diff --git a/builder/amazon/common/step_run_spot_instance.go b/builder/amazon/common/step_run_spot_instance.go index ded801bfc..3d93f854a 100644 --- a/builder/amazon/common/step_run_spot_instance.go +++ b/builder/amazon/common/step_run_spot_instance.go @@ -54,6 +54,24 @@ type StepRunSpotInstance struct { instanceId string } +// The EbsBlockDevice and LaunchTemplateEbsBlockDeviceRequest structs are +// nearly identical except for the struct's name and one extra field in +// EbsBlockDeviceResuest, which unfortunately means you can't just cast one +// into the other. THANKS AMAZON. +func castBlockDeviceToRequest(bd *ec2.EbsBlockDevice) *ec2.LaunchTemplateEbsBlockDeviceRequest { + out := &ec2.LaunchTemplateEbsBlockDeviceRequest{ + DeleteOnTermination: bd.DeleteOnTermination, + Encrypted: bd.Encrypted, + Iops: bd.Iops, + KmsKeyId: bd.KmsKeyId, + SnapshotId: bd.SnapshotId, + Throughput: bd.Throughput, + VolumeSize: bd.VolumeSize, + VolumeType: bd.VolumeType, + } + return out +} + func (s *StepRunSpotInstance) CreateTemplateData(userData *string, az string, state multistep.StateBag, marketOptions *ec2.LaunchTemplateInstanceMarketOptionsRequest) *ec2.RequestLaunchTemplateData { blockDeviceMappings := s.LaunchMappings.BuildEC2BlockDeviceMappings() @@ -61,15 +79,12 @@ func (s *StepRunSpotInstance) CreateTemplateData(userData *string, az string, // LaunchTemplateBlockDeviceMappingRequest. These structs are identical, // except for the EBS field -- on one, that field contains a // LaunchTemplateEbsBlockDeviceRequest, and on the other, it contains an - // EbsBlockDevice. The EbsBlockDevice and - // LaunchTemplateEbsBlockDeviceRequest structs are themselves - // identical except for the struct's name, so you can cast one directly - // into the other. + // EbsBlockDevice. var launchMappingRequests []*ec2.LaunchTemplateBlockDeviceMappingRequest for _, mapping := range blockDeviceMappings { launchRequest := &ec2.LaunchTemplateBlockDeviceMappingRequest{ DeviceName: mapping.DeviceName, - Ebs: (*ec2.LaunchTemplateEbsBlockDeviceRequest)(mapping.Ebs), + Ebs: castBlockDeviceToRequest(mapping.Ebs), VirtualName: mapping.VirtualName, } launchMappingRequests = append(launchMappingRequests, launchRequest) diff --git a/go.mod b/go.mod index 8e63daf14..d553f702a 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20170113022742-e6dbea820a9f github.com/antihax/optional v1.0.0 github.com/approvals/go-approval-tests v0.0.0-20160714161514-ad96e53bea43 - github.com/aws/aws-sdk-go v1.36.5 + github.com/aws/aws-sdk-go v1.37.15 github.com/biogo/hts v0.0.0-20160420073057-50da7d4131a3 github.com/c2h5oh/datasize v0.0.0-20200112174442-28bbd4740fee github.com/cheggaaa/pb v1.0.27 diff --git a/go.sum b/go.sum index 3f51c4032..a847cc20a 100644 --- a/go.sum +++ b/go.sum @@ -129,6 +129,8 @@ github.com/aws/aws-sdk-go v1.31.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU github.com/aws/aws-sdk-go v1.36.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= github.com/aws/aws-sdk-go v1.36.5 h1:SouM2ar1A8f+3DYWW622sDdqkkZAO3ha4j8GQjiPLFg= github.com/aws/aws-sdk-go v1.36.5/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= +github.com/aws/aws-sdk-go v1.37.15 h1:W7l7gLLMcYRlg6a+uvf3Zz4jYwdqYzhe5ymqwWoOhp4= +github.com/aws/aws-sdk-go v1.37.15/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go index 03334d692..74f35ccf0 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go @@ -88,10 +88,6 @@ func (c *Client) NewRequest(operation *request.Operation, params interface{}, da // AddDebugHandlers injects debug logging handlers into the service to log request // debug information. func (c *Client) AddDebugHandlers() { - if !c.Config.LogLevel.AtLeast(aws.LogDebug) { - return - } - c.Handlers.Send.PushFrontNamed(LogHTTPRequestHandler) c.Handlers.Send.PushBackNamed(LogHTTPResponseHandler) } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go index 8958c32d4..1d774cfa2 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go @@ -53,6 +53,10 @@ var LogHTTPRequestHandler = request.NamedHandler{ } func logRequest(r *request.Request) { + if !r.Config.LogLevel.AtLeast(aws.LogDebug) { + return + } + logBody := r.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody) bodySeekable := aws.IsReaderSeekable(r.Body) @@ -120,6 +124,10 @@ var LogHTTPResponseHandler = request.NamedHandler{ } func logResponse(r *request.Request) { + if !r.Config.LogLevel.AtLeast(aws.LogDebug) { + return + } + lw := &logWriter{r.Config.Logger, bytes.NewBuffer(nil)} if r.HTTPResponse == nil { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/config.go b/vendor/github.com/aws/aws-sdk-go/aws/config.go index 3b809e847..39fa6d5fe 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -438,13 +438,6 @@ func (c *Config) WithDisableEndpointHostPrefix(t bool) *Config { return c } -// MergeIn merges the passed in configs into the existing config object. -func (c *Config) MergeIn(cfgs ...*Config) { - for _, other := range cfgs { - mergeInConfig(c, other) - } -} - // WithSTSRegionalEndpoint will set whether or not to use regional endpoint flag // when resolving the endpoint for a service func (c *Config) WithSTSRegionalEndpoint(sre endpoints.STSRegionalEndpoint) *Config { @@ -459,6 +452,27 @@ func (c *Config) WithS3UsEast1RegionalEndpoint(sre endpoints.S3UsEast1RegionalEn return c } +// WithLowerCaseHeaderMaps sets a config LowerCaseHeaderMaps value +// returning a Config pointer for chaining. +func (c *Config) WithLowerCaseHeaderMaps(t bool) *Config { + c.LowerCaseHeaderMaps = &t + return c +} + +// WithDisableRestProtocolURICleaning sets a config DisableRestProtocolURICleaning value +// returning a Config pointer for chaining. +func (c *Config) WithDisableRestProtocolURICleaning(t bool) *Config { + c.DisableRestProtocolURICleaning = &t + return c +} + +// MergeIn merges the passed in configs into the existing config object. +func (c *Config) MergeIn(cfgs ...*Config) { + for _, other := range cfgs { + mergeInConfig(c, other) + } +} + func mergeInConfig(dst *Config, other *Config) { if other == nil { return @@ -571,6 +585,10 @@ func mergeInConfig(dst *Config, other *Config) { if other.S3UsEast1RegionalEndpoint != endpoints.UnsetS3UsEast1Endpoint { dst.S3UsEast1RegionalEndpoint = other.S3UsEast1RegionalEndpoint } + + if other.LowerCaseHeaderMaps != nil { + dst.LowerCaseHeaderMaps = other.LowerCaseHeaderMaps + } } // Copy will return a shallow copy of the Config object. If any additional diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go new file mode 100644 index 000000000..18c940ab3 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go @@ -0,0 +1,60 @@ +// Package ssocreds provides a credential provider for retrieving temporary AWS credentials using an SSO access token. +// +// IMPORTANT: The provider in this package does not initiate or perform the AWS SSO login flow. The SDK provider +// expects that you have already performed the SSO login flow using AWS CLI using the "aws sso login" command, or by +// some other mechanism. The provider must find a valid non-expired access token for the AWS SSO user portal URL in +// ~/.aws/sso/cache. If a cached token is not found, it is expired, or the file is malformed an error will be returned. +// +// Loading AWS SSO credentials with the AWS shared configuration file +// +// You can use configure AWS SSO credentials from the AWS shared configuration file by +// providing the specifying the required keys in the profile: +// +// sso_account_id +// sso_region +// sso_role_name +// sso_start_url +// +// For example, the following defines a profile "devsso" and specifies the AWS SSO parameters that defines the target +// account, role, sign-on portal, and the region where the user portal is located. Note: all SSO arguments must be +// provided, or an error will be returned. +// +// [profile devsso] +// sso_start_url = https://my-sso-portal.awsapps.com/start +// sso_role_name = SSOReadOnlyRole +// sso_region = us-east-1 +// sso_account_id = 123456789012 +// +// Using the config module, you can load the AWS SDK shared configuration, and specify that this profile be used to +// retrieve credentials. For example: +// +// sess, err := session.NewSessionWithOptions(session.Options{ +// SharedConfigState: session.SharedConfigEnable, +// Profile: "devsso", +// }) +// if err != nil { +// return err +// } +// +// Programmatically loading AWS SSO credentials directly +// +// You can programmatically construct the AWS SSO Provider in your application, and provide the necessary information +// to load and retrieve temporary credentials using an access token from ~/.aws/sso/cache. +// +// svc := sso.New(sess, &aws.Config{ +// Region: aws.String("us-west-2"), // Client Region must correspond to the AWS SSO user portal region +// }) +// +// provider := ssocreds.NewCredentialsWithClient(svc, "123456789012", "SSOReadOnlyRole", "https://my-sso-portal.awsapps.com/start") +// +// credentials, err := provider.Get() +// if err != nil { +// return err +// } +// +// Additional Resources +// +// Configuring the AWS CLI to use AWS Single Sign-On: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +// +// AWS Single Sign-On User Guide: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html +package ssocreds diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go new file mode 100644 index 000000000..ceca7dcee --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go @@ -0,0 +1,9 @@ +// +build !windows + +package ssocreds + +import "os" + +func getHomeDirectory() string { + return os.Getenv("HOME") +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go new file mode 100644 index 000000000..eb48f61e5 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go @@ -0,0 +1,7 @@ +package ssocreds + +import "os" + +func getHomeDirectory() string { + return os.Getenv("USERPROFILE") +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go new file mode 100644 index 000000000..6eda2a555 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go @@ -0,0 +1,180 @@ +package ssocreds + +import ( + "crypto/sha1" + "encoding/hex" + "encoding/json" + "fmt" + "io/ioutil" + "path/filepath" + "strings" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/service/sso" + "github.com/aws/aws-sdk-go/service/sso/ssoiface" +) + +// ErrCodeSSOProviderInvalidToken is the code type that is returned if loaded token has expired or is otherwise invalid. +// To refresh the SSO session run aws sso login with the corresponding profile. +const ErrCodeSSOProviderInvalidToken = "SSOProviderInvalidToken" + +const invalidTokenMessage = "the SSO session has expired or is invalid" + +func init() { + nowTime = time.Now + defaultCacheLocation = defaultCacheLocationImpl +} + +var nowTime func() time.Time + +// ProviderName is the name of the provider used to specify the source of credentials. +const ProviderName = "SSOProvider" + +var defaultCacheLocation func() string + +func defaultCacheLocationImpl() string { + return filepath.Join(getHomeDirectory(), ".aws", "sso", "cache") +} + +// Provider is an AWS credential provider that retrieves temporary AWS credentials by exchanging an SSO login token. +type Provider struct { + credentials.Expiry + + // The Client which is configured for the AWS Region where the AWS SSO user portal is located. + Client ssoiface.SSOAPI + + // The AWS account that is assigned to the user. + AccountID string + + // The role name that is assigned to the user. + RoleName string + + // The URL that points to the organization's AWS Single Sign-On (AWS SSO) user portal. + StartURL string +} + +// NewCredentials returns a new AWS Single Sign-On (AWS SSO) credential provider. The ConfigProvider is expected to be configured +// for the AWS Region where the AWS SSO user portal is located. +func NewCredentials(configProvider client.ConfigProvider, accountID, roleName, startURL string, optFns ...func(provider *Provider)) *credentials.Credentials { + return NewCredentialsWithClient(sso.New(configProvider), accountID, roleName, startURL, optFns...) +} + +// NewCredentialsWithClient returns a new AWS Single Sign-On (AWS SSO) credential provider. The provided client is expected to be configured +// for the AWS Region where the AWS SSO user portal is located. +func NewCredentialsWithClient(client ssoiface.SSOAPI, accountID, roleName, startURL string, optFns ...func(provider *Provider)) *credentials.Credentials { + p := &Provider{ + Client: client, + AccountID: accountID, + RoleName: roleName, + StartURL: startURL, + } + + for _, fn := range optFns { + fn(p) + } + + return credentials.NewCredentials(p) +} + +// Retrieve retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal +// by exchanging the accessToken present in ~/.aws/sso/cache. +func (p *Provider) Retrieve() (credentials.Value, error) { + return p.RetrieveWithContext(aws.BackgroundContext()) +} + +// RetrieveWithContext retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal +// by exchanging the accessToken present in ~/.aws/sso/cache. +func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { + tokenFile, err := loadTokenFile(p.StartURL) + if err != nil { + return credentials.Value{}, err + } + + output, err := p.Client.GetRoleCredentialsWithContext(ctx, &sso.GetRoleCredentialsInput{ + AccessToken: &tokenFile.AccessToken, + AccountId: &p.AccountID, + RoleName: &p.RoleName, + }) + if err != nil { + return credentials.Value{}, err + } + + expireTime := time.Unix(0, aws.Int64Value(output.RoleCredentials.Expiration)*int64(time.Millisecond)).UTC() + p.SetExpiration(expireTime, 0) + + return credentials.Value{ + AccessKeyID: aws.StringValue(output.RoleCredentials.AccessKeyId), + SecretAccessKey: aws.StringValue(output.RoleCredentials.SecretAccessKey), + SessionToken: aws.StringValue(output.RoleCredentials.SessionToken), + ProviderName: ProviderName, + }, nil +} + +func getCacheFileName(url string) (string, error) { + hash := sha1.New() + _, err := hash.Write([]byte(url)) + if err != nil { + return "", err + } + return strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json", nil +} + +type rfc3339 time.Time + +func (r *rfc3339) UnmarshalJSON(bytes []byte) error { + var value string + + if err := json.Unmarshal(bytes, &value); err != nil { + return err + } + + parse, err := time.Parse(time.RFC3339, value) + if err != nil { + return fmt.Errorf("expected RFC3339 timestamp: %v", err) + } + + *r = rfc3339(parse) + + return nil +} + +type token struct { + AccessToken string `json:"accessToken"` + ExpiresAt rfc3339 `json:"expiresAt"` + Region string `json:"region,omitempty"` + StartURL string `json:"startUrl,omitempty"` +} + +func (t token) Expired() bool { + return nowTime().Round(0).After(time.Time(t.ExpiresAt)) +} + +func loadTokenFile(startURL string) (t token, err error) { + key, err := getCacheFileName(startURL) + if err != nil { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) + } + + fileBytes, err := ioutil.ReadFile(filepath.Join(defaultCacheLocation(), key)) + if err != nil { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) + } + + if err := json.Unmarshal(fileBytes, &t); err != nil { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) + } + + if len(t.AccessToken) == 0 { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, nil) + } + + if t.Expired() { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, nil) + } + + return t, nil +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index 6846ef6f8..260a37cbb 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -95,7 +95,7 @@ import ( // StdinTokenProvider will prompt on stderr and read from stdin for a string value. // An error is returned if reading from stdin fails. // -// Use this function go read MFA tokens from stdin. The function makes no attempt +// Use this function to read MFA tokens from stdin. The function makes no attempt // to make atomic prompts from stdin across multiple gorouties. // // Using StdinTokenProvider with multiple AssumeRoleProviders, or Credentials will @@ -244,9 +244,11 @@ type AssumeRoleProvider struct { MaxJitterFrac float64 } -// NewCredentials returns a pointer to a new Credentials object wrapping the +// NewCredentials returns a pointer to a new Credentials value wrapping the // AssumeRoleProvider. The credentials will expire every 15 minutes and the -// role will be named after a nanosecond timestamp of this operation. +// role will be named after a nanosecond timestamp of this operation. The +// Credentials value will attempt to refresh the credentials using the provider +// when Credentials.Get is called, if the cached credentials are expiring. // // Takes a Config provider to create the STS client. The ConfigProvider is // satisfied by the session.Session type. @@ -268,9 +270,11 @@ func NewCredentials(c client.ConfigProvider, roleARN string, options ...func(*As return credentials.NewCredentials(p) } -// NewCredentialsWithClient returns a pointer to a new Credentials object wrapping the +// NewCredentialsWithClient returns a pointer to a new Credentials value wrapping the // AssumeRoleProvider. The credentials will expire every 15 minutes and the -// role will be named after a nanosecond timestamp of this operation. +// role will be named after a nanosecond timestamp of this operation. The +// Credentials value will attempt to refresh the credentials using the provider +// when Credentials.Get is called, if the cached credentials are expiring. // // Takes an AssumeRoler which can be satisfied by the STS client. // diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 78f222607..50a3c1c92 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -358,6 +358,22 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "amplifybackend": service{ + + Endpoints: endpoints{ + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-south-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "api.detective": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -380,9 +396,33 @@ var awsPartition = partition{ "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "api.detective-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "api.detective-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "api.detective-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "api.detective-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "api.ecr": service{ @@ -581,6 +621,12 @@ var awsPartition = partition{ }, }, }, + "api.fleethub.iot": service{ + + Endpoints: endpoints{ + "us-east-1": endpoint{}, + }, + }, "api.mediatailor": service{ Endpoints: endpoints{ @@ -740,6 +786,7 @@ var awsPartition = partition{ "appmesh": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -827,12 +874,36 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "athena-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "athena-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "athena-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "athena-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "autoscaling": service{ @@ -1231,6 +1302,7 @@ var awsPartition = partition{ "codebuild": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1355,9 +1427,25 @@ var awsPartition = partition{ }, }, }, + "codeguru-reviewer": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "codepipeline": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1366,6 +1454,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1510,6 +1599,12 @@ var awsPartition = partition{ Region: "us-east-2", }, }, + "fips-us-west-1": endpoint{ + Hostname: "cognito-idp-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, "fips-us-west-2": endpoint{ Hostname: "cognito-idp-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ @@ -3006,6 +3101,7 @@ var awsPartition = partition{ "fsx": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3015,14 +3111,46 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-prod-ca-central-1": endpoint{ + Hostname: "fsx-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-prod-us-east-1": endpoint{ + Hostname: "fsx-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-prod-us-east-2": endpoint{ + Hostname: "fsx-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-prod-us-west-1": endpoint{ + Hostname: "fsx-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-prod-us-west-2": endpoint{ + Hostname: "fsx-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "gamelift": service{ @@ -3520,6 +3648,23 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "iotwireless": service{ + + Endpoints: endpoints{ + "eu-west-1": endpoint{ + Hostname: "api.iotwireless.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "us-east-1": endpoint{ + Hostname: "api.iotwireless.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, "kafka": service{ Endpoints: endpoints{ @@ -3665,6 +3810,7 @@ var awsPartition = partition{ "lakeformation": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -3914,6 +4060,7 @@ var awsPartition = partition{ "macie2": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -3923,6 +4070,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -3950,11 +4098,12 @@ var awsPartition = partition{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "managedblockchain": service{ @@ -4177,7 +4326,19 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "models-fips.lex.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "models-fips.lex.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "monitoring": service{ @@ -5091,7 +5252,19 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "runtime-fips.lex.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "runtime-fips.lex.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "runtime.sagemaker": service{ @@ -5636,6 +5809,7 @@ var awsPartition = partition{ "servicediscovery": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -5645,6 +5819,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -6407,6 +6582,7 @@ var awsPartition = partition{ "transfer": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -6448,11 +6624,12 @@ var awsPartition = partition{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "translate": service{ @@ -7296,6 +7473,16 @@ var awscnPartition = partition{ "cn-north-1": endpoint{}, }, }, + "guardduty": service{ + IsRegionalized: boxedTrue, + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "health": service{ Endpoints: endpoints{ @@ -8170,6 +8357,12 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "connect": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "datasync": service{ Endpoints: endpoints{ @@ -8495,6 +8688,25 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "fsx": service{ + + Endpoints: endpoints{ + "fips-prod-us-gov-east-1": endpoint{ + Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-prod-us-gov-west-1": endpoint{ + Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "glacier": service{ Endpoints: endpoints{ @@ -8556,7 +8768,12 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, - "us-gov-east-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "greengrass.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{ Hostname: "greengrass.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ @@ -8787,6 +9004,22 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "models.lex": service{ + Defaults: endpoint{ + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "models-fips.lex.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "monitoring": service{ Endpoints: endpoints{ @@ -8992,10 +9225,32 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "runtime.lex": service{ + Defaults: endpoint{ + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "runtime-fips.lex.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "runtime.sagemaker": service{ Endpoints: endpoints{ "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "runtime.sagemaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "s3": service{ @@ -9406,12 +9661,24 @@ var awsusgovPartition = partition{ "waf-regional": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "waf-regional-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "fips-us-gov-west-1": endpoint{ Hostname: "waf-regional-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, + "us-gov-east-1": endpoint{ + Hostname: "waf-regional.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{ Hostname: "waf-regional.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ @@ -9703,12 +9970,30 @@ var awsisoPartition = partition{ "us-iso-east-1": endpoint{}, }, }, + "medialive": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "mediapackage": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "monitoring": service{ Endpoints: endpoints{ "us-iso-east-1": endpoint{}, }, }, + "outposts": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "rds": service{ Endpoints: endpoints{ @@ -9751,6 +10036,12 @@ var awsisoPartition = partition{ }, }, }, + "secretsmanager": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "snowball": service{ Endpoints: endpoints{ @@ -9773,6 +10064,12 @@ var awsisoPartition = partition{ }, }, }, + "ssm": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "states": service{ Endpoints: endpoints{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go index fe6dac1f4..3ddd4e512 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -9,6 +9,7 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/credentials/processcreds" + "github.com/aws/aws-sdk-go/aws/credentials/ssocreds" "github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/defaults" "github.com/aws/aws-sdk-go/aws/request" @@ -100,6 +101,9 @@ func resolveCredsFromProfile(cfg *aws.Config, sharedCfg.Creds, ) + case sharedCfg.hasSSOConfiguration(): + creds, err = resolveSSOCredentials(cfg, sharedCfg, handlers) + case len(sharedCfg.CredentialProcess) != 0: // Get credentials from CredentialProcess creds = processcreds.NewCredentials(sharedCfg.CredentialProcess) @@ -151,6 +155,25 @@ func resolveCredsFromProfile(cfg *aws.Config, return creds, nil } +func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers request.Handlers) (*credentials.Credentials, error) { + if err := sharedCfg.validateSSOConfiguration(); err != nil { + return nil, err + } + + cfgCopy := cfg.Copy() + cfgCopy.Region = &sharedCfg.SSORegion + + return ssocreds.NewCredentials( + &Session{ + Config: cfgCopy, + Handlers: handlers.Copy(), + }, + sharedCfg.SSOAccountID, + sharedCfg.SSORoleName, + sharedCfg.SSOStartURL, + ), nil +} + // valid credential source values const ( credSourceEc2Metadata = "Ec2InstanceMetadata" diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 08713cc34..038ae222f 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -36,7 +36,7 @@ const ( // ErrSharedConfigSourceCollision will be returned if a section contains both // source_profile and credential_source -var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only source profile or credential source can be specified, not both", nil) +var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token, or sso", nil) // ErrSharedConfigECSContainerEnvVarEmpty will be returned if the environment // variables are empty and Environment was set as the credential source diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index be7daacf3..c3f38b6ec 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -2,6 +2,7 @@ package session import ( "fmt" + "strings" "time" "github.com/aws/aws-sdk-go/aws/awserr" @@ -25,6 +26,12 @@ const ( roleSessionNameKey = `role_session_name` // optional roleDurationSecondsKey = "duration_seconds" // optional + // AWS Single Sign-On (AWS SSO) group + ssoAccountIDKey = "sso_account_id" + ssoRegionKey = "sso_region" + ssoRoleNameKey = "sso_role_name" + ssoStartURL = "sso_start_url" + // CSM options csmEnabledKey = `csm_enabled` csmHostKey = `csm_host` @@ -63,6 +70,8 @@ const ( // sharedConfig represents the configuration fields of the SDK config files. type sharedConfig struct { + Profile string + // Credentials values from the config file. Both aws_access_key_id and // aws_secret_access_key must be provided together in the same file to be // considered valid. The values will be ignored if not a complete group. @@ -78,6 +87,11 @@ type sharedConfig struct { CredentialProcess string WebIdentityTokenFile string + SSOAccountID string + SSORegion string + SSORoleName string + SSOStartURL string + RoleARN string RoleSessionName string ExternalID string @@ -189,6 +203,8 @@ func loadSharedConfigIniFiles(filenames []string) ([]sharedConfigFile, error) { } func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile string, files []sharedConfigFile, exOpts bool) error { + cfg.Profile = profile + // Trim files from the list that don't exist. var skippedFiles int var profileNotFoundErr error @@ -217,9 +233,9 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s cfg.clearAssumeRoleOptions() } else { // First time a profile has been seen, It must either be a assume role - // or credentials. Assert if the credential type requires a role ARN, - // the ARN is also set. - if err := cfg.validateCredentialsRequireARN(profile); err != nil { + // credentials, or SSO. Assert if the credential type requires a role ARN, + // the ARN is also set, or validate that the SSO configuration is complete. + if err := cfg.validateCredentialsConfig(profile); err != nil { return err } } @@ -312,6 +328,12 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e } cfg.S3UsEast1RegionalEndpoint = sre } + + // AWS Single Sign-On (AWS SSO) + updateString(&cfg.SSOAccountID, section, ssoAccountIDKey) + updateString(&cfg.SSORegion, section, ssoRegionKey) + updateString(&cfg.SSORoleName, section, ssoRoleNameKey) + updateString(&cfg.SSOStartURL, section, ssoStartURL) } updateString(&cfg.CredentialProcess, section, credentialProcessKey) @@ -342,6 +364,14 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e return nil } +func (cfg *sharedConfig) validateCredentialsConfig(profile string) error { + if err := cfg.validateCredentialsRequireARN(profile); err != nil { + return err + } + + return nil +} + func (cfg *sharedConfig) validateCredentialsRequireARN(profile string) error { var credSource string @@ -371,6 +401,7 @@ func (cfg *sharedConfig) validateCredentialType() error { len(cfg.CredentialSource) != 0, len(cfg.CredentialProcess) != 0, len(cfg.WebIdentityTokenFile) != 0, + cfg.hasSSOConfiguration(), ) { return ErrSharedConfigSourceCollision } @@ -378,12 +409,43 @@ func (cfg *sharedConfig) validateCredentialType() error { return nil } +func (cfg *sharedConfig) validateSSOConfiguration() error { + if !cfg.hasSSOConfiguration() { + return nil + } + + var missing []string + if len(cfg.SSOAccountID) == 0 { + missing = append(missing, ssoAccountIDKey) + } + + if len(cfg.SSORegion) == 0 { + missing = append(missing, ssoRegionKey) + } + + if len(cfg.SSORoleName) == 0 { + missing = append(missing, ssoRoleNameKey) + } + + if len(cfg.SSOStartURL) == 0 { + missing = append(missing, ssoStartURL) + } + + if len(missing) > 0 { + return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", + cfg.Profile, strings.Join(missing, ", ")) + } + + return nil +} + func (cfg *sharedConfig) hasCredentials() bool { switch { case len(cfg.SourceProfileName) != 0: case len(cfg.CredentialSource) != 0: case len(cfg.CredentialProcess) != 0: case len(cfg.WebIdentityTokenFile) != 0: + case cfg.hasSSOConfiguration(): case cfg.Creds.HasKeys(): default: return false @@ -407,6 +469,18 @@ func (cfg *sharedConfig) clearAssumeRoleOptions() { cfg.SourceProfileName = "" } +func (cfg *sharedConfig) hasSSOConfiguration() bool { + switch { + case len(cfg.SSOAccountID) != 0: + case len(cfg.SSORegion) != 0: + case len(cfg.SSORoleName) != 0: + case len(cfg.SSOStartURL) != 0: + default: + return false + } + return true +} + func oneOrNone(bs ...bool) bool { var count int diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index b18b40cab..fe73428eb 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.36.5" +const SDKVersion = "1.37.15" diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go index d7d42db0a..1f1d27aea 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go @@ -1,9 +1,10 @@ package protocol import ( - "strings" - "github.com/aws/aws-sdk-go/aws/request" + "net" + "strconv" + "strings" ) // ValidateEndpointHostHandler is a request handler that will validate the @@ -22,8 +23,26 @@ var ValidateEndpointHostHandler = request.NamedHandler{ // 3986 host. Returns error if the host is not valid. func ValidateEndpointHost(opName, host string) error { paramErrs := request.ErrInvalidParams{Context: opName} - labels := strings.Split(host, ".") + var hostname string + var port string + var err error + + if strings.Contains(host, ":") { + hostname, port, err = net.SplitHostPort(host) + + if err != nil { + paramErrs.Add(request.NewErrParamFormat("endpoint", err.Error(), host)) + } + + if !ValidPortNumber(port) { + paramErrs.Add(request.NewErrParamFormat("endpoint port number", "[0-65535]", port)) + } + } else { + hostname = host + } + + labels := strings.Split(hostname, ".") for i, label := range labels { if i == len(labels)-1 && len(label) == 0 { // Allow trailing dot for FQDN hosts. @@ -36,7 +55,11 @@ func ValidateEndpointHost(opName, host string) error { } } - if len(host) > 255 { + if len(hostname) == 0 { + paramErrs.Add(request.NewErrParamMinLen("endpoint host", 1)) + } + + if len(hostname) > 255 { paramErrs.Add(request.NewErrParamMaxLen( "endpoint host", 255, host, )) @@ -66,3 +89,16 @@ func ValidHostLabel(label string) bool { return true } + +// ValidPortNumber return if the port is valid RFC 3986 port +func ValidPortNumber(port string) bool { + i, err := strconv.Atoi(port) + if err != nil { + return false + } + + if i < 0 || i > 65535 { + return false + } + return true +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go new file mode 100644 index 000000000..2e0e205af --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go @@ -0,0 +1,59 @@ +// Package restjson provides RESTful JSON serialization of AWS +// requests and responses. +package restjson + +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/rest-json.json build_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/rest-json.json unmarshal_test.go + +import ( + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" + "github.com/aws/aws-sdk-go/private/protocol/rest" +) + +// BuildHandler is a named request handler for building restjson protocol +// requests +var BuildHandler = request.NamedHandler{ + Name: "awssdk.restjson.Build", + Fn: Build, +} + +// UnmarshalHandler is a named request handler for unmarshaling restjson +// protocol requests +var UnmarshalHandler = request.NamedHandler{ + Name: "awssdk.restjson.Unmarshal", + Fn: Unmarshal, +} + +// UnmarshalMetaHandler is a named request handler for unmarshaling restjson +// protocol request metadata +var UnmarshalMetaHandler = request.NamedHandler{ + Name: "awssdk.restjson.UnmarshalMeta", + Fn: UnmarshalMeta, +} + +// Build builds a request for the REST JSON protocol. +func Build(r *request.Request) { + rest.Build(r) + + if t := rest.PayloadType(r.Params); t == "structure" || t == "" { + if v := r.HTTPRequest.Header.Get("Content-Type"); len(v) == 0 { + r.HTTPRequest.Header.Set("Content-Type", "application/json") + } + jsonrpc.Build(r) + } +} + +// Unmarshal unmarshals a response body for the REST JSON protocol. +func Unmarshal(r *request.Request) { + if t := rest.PayloadType(r.Data); t == "structure" || t == "" { + jsonrpc.Unmarshal(r) + } else { + rest.Unmarshal(r) + } +} + +// UnmarshalMeta unmarshals response headers for the REST JSON protocol. +func UnmarshalMeta(r *request.Request) { + rest.UnmarshalMeta(r) +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go new file mode 100644 index 000000000..d756d8cc5 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go @@ -0,0 +1,134 @@ +package restjson + +import ( + "bytes" + "io" + "io/ioutil" + "net/http" + "strings" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" + "github.com/aws/aws-sdk-go/private/protocol/rest" +) + +const ( + errorTypeHeader = "X-Amzn-Errortype" + errorMessageHeader = "X-Amzn-Errormessage" +) + +// UnmarshalTypedError provides unmarshaling errors API response errors +// for both typed and untyped errors. +type UnmarshalTypedError struct { + exceptions map[string]func(protocol.ResponseMetadata) error +} + +// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the +// set of exception names to the error unmarshalers +func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { + return &UnmarshalTypedError{ + exceptions: exceptions, + } +} + +// UnmarshalError attempts to unmarshal the HTTP response error as a known +// error type. If unable to unmarshal the error type, the generic SDK error +// type will be used. +func (u *UnmarshalTypedError) UnmarshalError( + resp *http.Response, + respMeta protocol.ResponseMetadata, +) (error, error) { + + code := resp.Header.Get(errorTypeHeader) + msg := resp.Header.Get(errorMessageHeader) + + body := resp.Body + if len(code) == 0 { + // If unable to get code from HTTP headers have to parse JSON message + // to determine what kind of exception this will be. + var buf bytes.Buffer + var jsonErr jsonErrorResponse + teeReader := io.TeeReader(resp.Body, &buf) + err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader) + if err != nil { + return nil, err + } + + body = ioutil.NopCloser(&buf) + code = jsonErr.Code + msg = jsonErr.Message + } + + // If code has colon separators remove them so can compare against modeled + // exception names. + code = strings.SplitN(code, ":", 2)[0] + + if fn, ok := u.exceptions[code]; ok { + // If exception code is know, use associated constructor to get a value + // for the exception that the JSON body can be unmarshaled into. + v := fn(respMeta) + if err := jsonutil.UnmarshalJSONCaseInsensitive(v, body); err != nil { + return nil, err + } + + if err := rest.UnmarshalResponse(resp, v, true); err != nil { + return nil, err + } + + return v, nil + } + + // fallback to unmodeled generic exceptions + return awserr.NewRequestFailure( + awserr.New(code, msg, nil), + respMeta.StatusCode, + respMeta.RequestID, + ), nil +} + +// UnmarshalErrorHandler is a named request handler for unmarshaling restjson +// protocol request errors +var UnmarshalErrorHandler = request.NamedHandler{ + Name: "awssdk.restjson.UnmarshalError", + Fn: UnmarshalError, +} + +// UnmarshalError unmarshals a response error for the REST JSON protocol. +func UnmarshalError(r *request.Request) { + defer r.HTTPResponse.Body.Close() + + var jsonErr jsonErrorResponse + err := jsonutil.UnmarshalJSONError(&jsonErr, r.HTTPResponse.Body) + if err != nil { + r.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, + "failed to unmarshal response error", err), + r.HTTPResponse.StatusCode, + r.RequestID, + ) + return + } + + code := r.HTTPResponse.Header.Get(errorTypeHeader) + if code == "" { + code = jsonErr.Code + } + msg := r.HTTPResponse.Header.Get(errorMessageHeader) + if msg == "" { + msg = jsonErr.Message + } + + code = strings.SplitN(code, ":", 2)[0] + r.Error = awserr.NewRequestFailure( + awserr.New(code, jsonErr.Message, nil), + r.HTTPResponse.StatusCode, + r.RequestID, + ) +} + +type jsonErrorResponse struct { + Code string `json:"code"` + Message string `json:"message"` +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index f49d31d75..e380fb0e9 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -88,6 +88,80 @@ func (c *EC2) AcceptReservedInstancesExchangeQuoteWithContext(ctx aws.Context, i return out, req.Send() } +const opAcceptTransitGatewayMulticastDomainAssociations = "AcceptTransitGatewayMulticastDomainAssociations" + +// AcceptTransitGatewayMulticastDomainAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the AcceptTransitGatewayMulticastDomainAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AcceptTransitGatewayMulticastDomainAssociations for more information on using the AcceptTransitGatewayMulticastDomainAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the AcceptTransitGatewayMulticastDomainAssociationsRequest method. +// req, resp := client.AcceptTransitGatewayMulticastDomainAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AcceptTransitGatewayMulticastDomainAssociations +func (c *EC2) AcceptTransitGatewayMulticastDomainAssociationsRequest(input *AcceptTransitGatewayMulticastDomainAssociationsInput) (req *request.Request, output *AcceptTransitGatewayMulticastDomainAssociationsOutput) { + op := &request.Operation{ + Name: opAcceptTransitGatewayMulticastDomainAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AcceptTransitGatewayMulticastDomainAssociationsInput{} + } + + output = &AcceptTransitGatewayMulticastDomainAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// AcceptTransitGatewayMulticastDomainAssociations API operation for Amazon Elastic Compute Cloud. +// +// Accepts a request to associate subnets with a transit gateway multicast domain. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AcceptTransitGatewayMulticastDomainAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AcceptTransitGatewayMulticastDomainAssociations +func (c *EC2) AcceptTransitGatewayMulticastDomainAssociations(input *AcceptTransitGatewayMulticastDomainAssociationsInput) (*AcceptTransitGatewayMulticastDomainAssociationsOutput, error) { + req, out := c.AcceptTransitGatewayMulticastDomainAssociationsRequest(input) + return out, req.Send() +} + +// AcceptTransitGatewayMulticastDomainAssociationsWithContext is the same as AcceptTransitGatewayMulticastDomainAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See AcceptTransitGatewayMulticastDomainAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AcceptTransitGatewayMulticastDomainAssociationsWithContext(ctx aws.Context, input *AcceptTransitGatewayMulticastDomainAssociationsInput, opts ...request.Option) (*AcceptTransitGatewayMulticastDomainAssociationsOutput, error) { + req, out := c.AcceptTransitGatewayMulticastDomainAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAcceptTransitGatewayPeeringAttachment = "AcceptTransitGatewayPeeringAttachment" // AcceptTransitGatewayPeeringAttachmentRequest generates a "aws/request.Request" representing the @@ -2941,7 +3015,7 @@ func (c *EC2) CancelReservedInstancesListingRequest(input *CancelReservedInstanc // Marketplace. // // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3323,14 +3397,25 @@ func (c *EC2) CopyImageRequest(input *CopyImageInput) (req *request.Request, out // CopyImage API operation for Amazon Elastic Compute Cloud. // -// Initiates the copy of an AMI from the specified source Region to the current -// Region. You specify the destination Region by using its endpoint when making -// the request. +// Initiates the copy of an AMI. You can copy an AMI from one Region to another, +// or from a Region to an AWS Outpost. You can't copy an AMI from an Outpost +// to a Region, from one Outpost to another, or within the same Outpost. // -// Copies of encrypted backing snapshots for the AMI are encrypted. Copies of -// unencrypted backing snapshots remain unencrypted, unless you set Encrypted -// during the copy operation. You cannot create an unencrypted copy of an encrypted -// backing snapshot. +// To copy an AMI from one Region to another, specify the source Region using +// the SourceRegion parameter, and specify the destination Region using its +// endpoint. Copies of encrypted backing snapshots for the AMI are encrypted. +// Copies of unencrypted backing snapshots remain unencrypted, unless you set +// Encrypted during the copy operation. You cannot create an unencrypted copy +// of an encrypted backing snapshot. +// +// To copy an AMI from a Region to an Outpost, specify the source Region using +// the SourceRegion parameter, and specify the ARN of the destination Outpost +// using DestinationOutpostArn. Backing snapshots copied to an Outpost are encrypted +// by default using the default encryption key for the Region, or a different +// key that you specify in the request using KmsKeyId. Outposts do not support +// unencrypted snapshots. For more information, Amazon EBS local snapshots on +// Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) +// in the Amazon Elastic Compute Cloud User Guide. // // For more information about the prerequisites and limits when copying an AMI, // see Copying an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) @@ -3409,18 +3494,25 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // CopySnapshot API operation for Amazon Elastic Compute Cloud. // // Copies a point-in-time snapshot of an EBS volume and stores it in Amazon -// S3. You can copy the snapshot within the same Region or from one Region to -// another. You can use the snapshot to create EBS volumes or Amazon Machine -// Images (AMIs). +// S3. You can copy a snapshot within the same Region, from one Region to another, +// or from a Region to an Outpost. You can't copy a snapshot from an Outpost +// to a Region, from one Outpost to another, or within the same Outpost. // -// Copies of encrypted EBS snapshots remain encrypted. Copies of unencrypted -// snapshots remain unencrypted, unless you enable encryption for the snapshot -// copy operation. By default, encrypted snapshot copies use the default AWS -// Key Management Service (AWS KMS) customer master key (CMK); however, you -// can specify a different CMK. +// You can use the snapshot to create EBS volumes or Amazon Machine Images (AMIs). // -// To copy an encrypted snapshot that has been shared from another account, -// you must have permissions for the CMK used to encrypt the snapshot. +// When copying snapshots to a Region, copies of encrypted EBS snapshots remain +// encrypted. Copies of unencrypted snapshots remain unencrypted, unless you +// enable encryption for the snapshot copy operation. By default, encrypted +// snapshot copies use the default AWS Key Management Service (AWS KMS) customer +// master key (CMK); however, you can specify a different CMK. To copy an encrypted +// snapshot that has been shared from another account, you must have permissions +// for the CMK used to encrypt the snapshot. +// +// Snapshots copied to an Outpost are encrypted by default using the default +// encryption key for the Region, or a different key that you specify in the +// request using KmsKeyId. Outposts do not support unencrypted snapshots. For +// more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) +// in the Amazon Elastic Compute Cloud User Guide. // // Snapshots created by copying another snapshot have an arbitrary volume ID // that should not be used for any purpose. @@ -3509,7 +3601,7 @@ func (c *EC2) CreateCapacityReservationRequest(input *CreateCapacityReservationI // you ensure that you always have access to Amazon EC2 capacity when you need // it, for as long as you need it. For more information, see Capacity Reservations // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Your request to create a Capacity Reservation could fail if Amazon EC2 does // not have sufficient capacity to fulfill the request. If your request fails @@ -3522,8 +3614,8 @@ func (c *EC2) CreateCapacityReservationRequest(input *CreateCapacityReservationI // Instance limit for the selected instance type. If your request fails due // to limit constraints, increase your On-Demand Instance limit for the required // instance type and try again. For more information about increasing your instance -// limits, see Amazon EC2 Service Limits (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) -// in the Amazon Elastic Compute Cloud User Guide. +// limits, see Amazon EC2 Service Quotas (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4288,7 +4380,7 @@ func (c *EC2) CreateFleetRequest(input *CreateFleetInput) (req *request.Request, // that vary by instance type, AMI, Availability Zone, or subnet. // // For more information, see Launching an EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5448,6 +5540,84 @@ func (c *EC2) CreateNetworkAclEntryWithContext(ctx aws.Context, input *CreateNet return out, req.Send() } +const opCreateNetworkInsightsPath = "CreateNetworkInsightsPath" + +// CreateNetworkInsightsPathRequest generates a "aws/request.Request" representing the +// client's request for the CreateNetworkInsightsPath operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateNetworkInsightsPath for more information on using the CreateNetworkInsightsPath +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateNetworkInsightsPathRequest method. +// req, resp := client.CreateNetworkInsightsPathRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateNetworkInsightsPath +func (c *EC2) CreateNetworkInsightsPathRequest(input *CreateNetworkInsightsPathInput) (req *request.Request, output *CreateNetworkInsightsPathOutput) { + op := &request.Operation{ + Name: opCreateNetworkInsightsPath, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateNetworkInsightsPathInput{} + } + + output = &CreateNetworkInsightsPathOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateNetworkInsightsPath API operation for Amazon Elastic Compute Cloud. +// +// Creates a path to analyze for reachability. +// +// Reachability Analyzer enables you to analyze and debug network reachability +// between two resources in your virtual private cloud (VPC). For more information, +// see What is Reachability Analyzer (https://docs.aws.amazon.com/vpc/latest/reachability/). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateNetworkInsightsPath for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateNetworkInsightsPath +func (c *EC2) CreateNetworkInsightsPath(input *CreateNetworkInsightsPathInput) (*CreateNetworkInsightsPathOutput, error) { + req, out := c.CreateNetworkInsightsPathRequest(input) + return out, req.Send() +} + +// CreateNetworkInsightsPathWithContext is the same as CreateNetworkInsightsPath with the addition of +// the ability to pass a context and additional request options. +// +// See CreateNetworkInsightsPath for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateNetworkInsightsPathWithContext(ctx aws.Context, input *CreateNetworkInsightsPathInput, opts ...request.Option) (*CreateNetworkInsightsPathOutput, error) { + req, out := c.CreateNetworkInsightsPathRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateNetworkInterface = "CreateNetworkInterface" // CreateNetworkInterfaceRequest generates a "aws/request.Request" representing the @@ -5659,7 +5829,7 @@ func (c *EC2) CreatePlacementGroupRequest(input *CreatePlacementGroupInput) (req // in another partition. // // For more information, see Placement groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5755,7 +5925,7 @@ func (c *EC2) CreateReservedInstancesListingRequest(input *CreateReservedInstanc // you can use the DescribeReservedInstancesListings operation. // // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6103,6 +6273,12 @@ func (c *EC2) CreateSnapshotRequest(input *CreateSnapshotInput) (req *request.Re // snapshots for backups, to make copies of EBS volumes, and to save data before // shutting down an instance. // +// You can create snapshots of volumes in a Region and volumes on an Outpost. +// If you create a snapshot of a volume in a Region, the snapshot must be stored +// in the same Region as the volume. If you create a snapshot of a volume on +// an Outpost, the snapshot can be stored on the same Outpost as the volume, +// or in the Region for that Outpost. +// // When a snapshot is created, any AWS Marketplace product codes that are associated // with the source volume are propagated to the snapshot. // @@ -6209,6 +6385,12 @@ func (c *EC2) CreateSnapshotsRequest(input *CreateSnapshotsInput) (req *request. // will produce one snapshot each that is crash-consistent across the instance. // Boot volumes can be excluded by changing the parameters. // +// You can create multi-volume snapshots of instances in a Region and instances +// on an Outpost. If you create snapshots from an instance in a Region, the +// snapshots must be stored in the same Region as the instance. If you create +// snapshots from an instance on an Outpost, the snapshots can be stored on +// the same Outpost as the instance, or in the Region for that Outpost. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -6916,6 +7098,166 @@ func (c *EC2) CreateTransitGatewayWithContext(ctx aws.Context, input *CreateTran return out, req.Send() } +const opCreateTransitGatewayConnect = "CreateTransitGatewayConnect" + +// CreateTransitGatewayConnectRequest generates a "aws/request.Request" representing the +// client's request for the CreateTransitGatewayConnect operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTransitGatewayConnect for more information on using the CreateTransitGatewayConnect +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTransitGatewayConnectRequest method. +// req, resp := client.CreateTransitGatewayConnectRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayConnect +func (c *EC2) CreateTransitGatewayConnectRequest(input *CreateTransitGatewayConnectInput) (req *request.Request, output *CreateTransitGatewayConnectOutput) { + op := &request.Operation{ + Name: opCreateTransitGatewayConnect, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTransitGatewayConnectInput{} + } + + output = &CreateTransitGatewayConnectOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTransitGatewayConnect API operation for Amazon Elastic Compute Cloud. +// +// Creates a Connect attachment from a specified transit gateway attachment. +// A Connect attachment is a GRE-based tunnel attachment that you can use to +// establish a connection between a transit gateway and an appliance. +// +// A Connect attachment uses an existing VPC or AWS Direct Connect attachment +// as the underlying transport mechanism. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTransitGatewayConnect for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayConnect +func (c *EC2) CreateTransitGatewayConnect(input *CreateTransitGatewayConnectInput) (*CreateTransitGatewayConnectOutput, error) { + req, out := c.CreateTransitGatewayConnectRequest(input) + return out, req.Send() +} + +// CreateTransitGatewayConnectWithContext is the same as CreateTransitGatewayConnect with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTransitGatewayConnect for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTransitGatewayConnectWithContext(ctx aws.Context, input *CreateTransitGatewayConnectInput, opts ...request.Option) (*CreateTransitGatewayConnectOutput, error) { + req, out := c.CreateTransitGatewayConnectRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTransitGatewayConnectPeer = "CreateTransitGatewayConnectPeer" + +// CreateTransitGatewayConnectPeerRequest generates a "aws/request.Request" representing the +// client's request for the CreateTransitGatewayConnectPeer operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTransitGatewayConnectPeer for more information on using the CreateTransitGatewayConnectPeer +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTransitGatewayConnectPeerRequest method. +// req, resp := client.CreateTransitGatewayConnectPeerRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayConnectPeer +func (c *EC2) CreateTransitGatewayConnectPeerRequest(input *CreateTransitGatewayConnectPeerInput) (req *request.Request, output *CreateTransitGatewayConnectPeerOutput) { + op := &request.Operation{ + Name: opCreateTransitGatewayConnectPeer, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTransitGatewayConnectPeerInput{} + } + + output = &CreateTransitGatewayConnectPeerOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTransitGatewayConnectPeer API operation for Amazon Elastic Compute Cloud. +// +// Creates a Connect peer for a specified transit gateway Connect attachment +// between a transit gateway and an appliance. +// +// The peer address and transit gateway address must be the same IP address +// family (IPv4 or IPv6). +// +// For more information, see Connect peers (https://docs.aws.amazon.com/vpc/latest/tgw/tgw-connect.html#tgw-connect-peer) +// in the Transit Gateways Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTransitGatewayConnectPeer for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayConnectPeer +func (c *EC2) CreateTransitGatewayConnectPeer(input *CreateTransitGatewayConnectPeerInput) (*CreateTransitGatewayConnectPeerOutput, error) { + req, out := c.CreateTransitGatewayConnectPeerRequest(input) + return out, req.Send() +} + +// CreateTransitGatewayConnectPeerWithContext is the same as CreateTransitGatewayConnectPeer with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTransitGatewayConnectPeer for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTransitGatewayConnectPeerWithContext(ctx aws.Context, input *CreateTransitGatewayConnectPeerInput, opts ...request.Option) (*CreateTransitGatewayConnectPeerOutput, error) { + req, out := c.CreateTransitGatewayConnectPeerRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateTransitGatewayMulticastDomain = "CreateTransitGatewayMulticastDomain" // CreateTransitGatewayMulticastDomainRequest generates a "aws/request.Request" representing the @@ -8698,7 +9040,7 @@ func (c *EC2) DeleteFleetsRequest(input *DeleteFleetsInput) (req *request.Reques // instant fleets. // // For more information, see Deleting an EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#delete-fleet) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9630,6 +9972,154 @@ func (c *EC2) DeleteNetworkAclEntryWithContext(ctx aws.Context, input *DeleteNet return out, req.Send() } +const opDeleteNetworkInsightsAnalysis = "DeleteNetworkInsightsAnalysis" + +// DeleteNetworkInsightsAnalysisRequest generates a "aws/request.Request" representing the +// client's request for the DeleteNetworkInsightsAnalysis operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteNetworkInsightsAnalysis for more information on using the DeleteNetworkInsightsAnalysis +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteNetworkInsightsAnalysisRequest method. +// req, resp := client.DeleteNetworkInsightsAnalysisRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteNetworkInsightsAnalysis +func (c *EC2) DeleteNetworkInsightsAnalysisRequest(input *DeleteNetworkInsightsAnalysisInput) (req *request.Request, output *DeleteNetworkInsightsAnalysisOutput) { + op := &request.Operation{ + Name: opDeleteNetworkInsightsAnalysis, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteNetworkInsightsAnalysisInput{} + } + + output = &DeleteNetworkInsightsAnalysisOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteNetworkInsightsAnalysis API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified network insights analysis. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteNetworkInsightsAnalysis for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteNetworkInsightsAnalysis +func (c *EC2) DeleteNetworkInsightsAnalysis(input *DeleteNetworkInsightsAnalysisInput) (*DeleteNetworkInsightsAnalysisOutput, error) { + req, out := c.DeleteNetworkInsightsAnalysisRequest(input) + return out, req.Send() +} + +// DeleteNetworkInsightsAnalysisWithContext is the same as DeleteNetworkInsightsAnalysis with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteNetworkInsightsAnalysis for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteNetworkInsightsAnalysisWithContext(ctx aws.Context, input *DeleteNetworkInsightsAnalysisInput, opts ...request.Option) (*DeleteNetworkInsightsAnalysisOutput, error) { + req, out := c.DeleteNetworkInsightsAnalysisRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteNetworkInsightsPath = "DeleteNetworkInsightsPath" + +// DeleteNetworkInsightsPathRequest generates a "aws/request.Request" representing the +// client's request for the DeleteNetworkInsightsPath operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteNetworkInsightsPath for more information on using the DeleteNetworkInsightsPath +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteNetworkInsightsPathRequest method. +// req, resp := client.DeleteNetworkInsightsPathRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteNetworkInsightsPath +func (c *EC2) DeleteNetworkInsightsPathRequest(input *DeleteNetworkInsightsPathInput) (req *request.Request, output *DeleteNetworkInsightsPathOutput) { + op := &request.Operation{ + Name: opDeleteNetworkInsightsPath, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteNetworkInsightsPathInput{} + } + + output = &DeleteNetworkInsightsPathOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteNetworkInsightsPath API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified path. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteNetworkInsightsPath for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteNetworkInsightsPath +func (c *EC2) DeleteNetworkInsightsPath(input *DeleteNetworkInsightsPathInput) (*DeleteNetworkInsightsPathOutput, error) { + req, out := c.DeleteNetworkInsightsPathRequest(input) + return out, req.Send() +} + +// DeleteNetworkInsightsPathWithContext is the same as DeleteNetworkInsightsPath with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteNetworkInsightsPath for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteNetworkInsightsPathWithContext(ctx aws.Context, input *DeleteNetworkInsightsPathInput, opts ...request.Option) (*DeleteNetworkInsightsPathOutput, error) { + req, out := c.DeleteNetworkInsightsPathRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteNetworkInterface = "DeleteNetworkInterface" // DeleteNetworkInterfaceRequest generates a "aws/request.Request" representing the @@ -9831,7 +10321,7 @@ func (c *EC2) DeletePlacementGroupRequest(input *DeletePlacementGroupInput) (req // Deletes the specified placement group. You must terminate all instances in // the placement group before you can delete the placement group. For more information, // see Placement groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10861,6 +11351,155 @@ func (c *EC2) DeleteTransitGatewayWithContext(ctx aws.Context, input *DeleteTran return out, req.Send() } +const opDeleteTransitGatewayConnect = "DeleteTransitGatewayConnect" + +// DeleteTransitGatewayConnectRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTransitGatewayConnect operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTransitGatewayConnect for more information on using the DeleteTransitGatewayConnect +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTransitGatewayConnectRequest method. +// req, resp := client.DeleteTransitGatewayConnectRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayConnect +func (c *EC2) DeleteTransitGatewayConnectRequest(input *DeleteTransitGatewayConnectInput) (req *request.Request, output *DeleteTransitGatewayConnectOutput) { + op := &request.Operation{ + Name: opDeleteTransitGatewayConnect, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTransitGatewayConnectInput{} + } + + output = &DeleteTransitGatewayConnectOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTransitGatewayConnect API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Connect attachment. You must first delete any Connect +// peers for the attachment. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTransitGatewayConnect for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayConnect +func (c *EC2) DeleteTransitGatewayConnect(input *DeleteTransitGatewayConnectInput) (*DeleteTransitGatewayConnectOutput, error) { + req, out := c.DeleteTransitGatewayConnectRequest(input) + return out, req.Send() +} + +// DeleteTransitGatewayConnectWithContext is the same as DeleteTransitGatewayConnect with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTransitGatewayConnect for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTransitGatewayConnectWithContext(ctx aws.Context, input *DeleteTransitGatewayConnectInput, opts ...request.Option) (*DeleteTransitGatewayConnectOutput, error) { + req, out := c.DeleteTransitGatewayConnectRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTransitGatewayConnectPeer = "DeleteTransitGatewayConnectPeer" + +// DeleteTransitGatewayConnectPeerRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTransitGatewayConnectPeer operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTransitGatewayConnectPeer for more information on using the DeleteTransitGatewayConnectPeer +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTransitGatewayConnectPeerRequest method. +// req, resp := client.DeleteTransitGatewayConnectPeerRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayConnectPeer +func (c *EC2) DeleteTransitGatewayConnectPeerRequest(input *DeleteTransitGatewayConnectPeerInput) (req *request.Request, output *DeleteTransitGatewayConnectPeerOutput) { + op := &request.Operation{ + Name: opDeleteTransitGatewayConnectPeer, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTransitGatewayConnectPeerInput{} + } + + output = &DeleteTransitGatewayConnectPeerOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTransitGatewayConnectPeer API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Connect peer. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTransitGatewayConnectPeer for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayConnectPeer +func (c *EC2) DeleteTransitGatewayConnectPeer(input *DeleteTransitGatewayConnectPeerInput) (*DeleteTransitGatewayConnectPeerOutput, error) { + req, out := c.DeleteTransitGatewayConnectPeerRequest(input) + return out, req.Send() +} + +// DeleteTransitGatewayConnectPeerWithContext is the same as DeleteTransitGatewayConnectPeer with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTransitGatewayConnectPeer for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTransitGatewayConnectPeerWithContext(ctx aws.Context, input *DeleteTransitGatewayConnectPeerInput, opts ...request.Option) (*DeleteTransitGatewayConnectPeerOutput, error) { + req, out := c.DeleteTransitGatewayConnectPeerRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteTransitGatewayMulticastDomain = "DeleteTransitGatewayMulticastDomain" // DeleteTransitGatewayMulticastDomainRequest generates a "aws/request.Request" representing the @@ -11663,12 +12302,26 @@ func (c *EC2) DeleteVpcEndpointsRequest(input *DeleteVpcEndpointsInput) (req *re // DeleteVpcEndpoints API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more specified VPC endpoints. Deleting a gateway endpoint -// also deletes the endpoint routes in the route tables that were associated -// with the endpoint. Deleting an interface endpoint or a Gateway Load Balancer -// endpoint deletes the endpoint network interfaces. Gateway Load Balancer endpoints -// can only be deleted if the routes that are associated with the endpoint are -// deleted. +// Deletes one or more specified VPC endpoints. You can delete any of the following +// types of VPC endpoints. +// +// * Gateway endpoint, +// +// * Gateway Load Balancer endpoint, +// +// * Interface endpoint +// +// The following rules apply when you delete a VPC endpoint: +// +// * When you delete a gateway endpoint, we delete the endpoint routes in +// the route tables that are associated with the endpoint. +// +// * When you delete a Gateway Load Balancer endpoint, we delete the endpoint +// network interfaces. You can only delete Gateway Load Balancer endpoints +// when the routes that are associated with the endpoint are deleted. +// +// * When you delete an interface endpoint, we delete the endpoint network +// interfaces. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -12580,6 +13233,139 @@ func (c *EC2) DescribeAddressesWithContext(ctx aws.Context, input *DescribeAddre return out, req.Send() } +const opDescribeAddressesAttribute = "DescribeAddressesAttribute" + +// DescribeAddressesAttributeRequest generates a "aws/request.Request" representing the +// client's request for the DescribeAddressesAttribute operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeAddressesAttribute for more information on using the DescribeAddressesAttribute +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeAddressesAttributeRequest method. +// req, resp := client.DescribeAddressesAttributeRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeAddressesAttribute +func (c *EC2) DescribeAddressesAttributeRequest(input *DescribeAddressesAttributeInput) (req *request.Request, output *DescribeAddressesAttributeOutput) { + op := &request.Operation{ + Name: opDescribeAddressesAttribute, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeAddressesAttributeInput{} + } + + output = &DescribeAddressesAttributeOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeAddressesAttribute API operation for Amazon Elastic Compute Cloud. +// +// Describes the attributes of the specified Elastic IP addresses. For requirements, +// see Using reverse DNS for email applications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#Using_Elastic_Addressing_Reverse_DNS). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeAddressesAttribute for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeAddressesAttribute +func (c *EC2) DescribeAddressesAttribute(input *DescribeAddressesAttributeInput) (*DescribeAddressesAttributeOutput, error) { + req, out := c.DescribeAddressesAttributeRequest(input) + return out, req.Send() +} + +// DescribeAddressesAttributeWithContext is the same as DescribeAddressesAttribute with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeAddressesAttribute for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeAddressesAttributeWithContext(ctx aws.Context, input *DescribeAddressesAttributeInput, opts ...request.Option) (*DescribeAddressesAttributeOutput, error) { + req, out := c.DescribeAddressesAttributeRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeAddressesAttributePages iterates over the pages of a DescribeAddressesAttribute operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeAddressesAttribute method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeAddressesAttribute operation. +// pageNum := 0 +// err := client.DescribeAddressesAttributePages(params, +// func(page *ec2.DescribeAddressesAttributeOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeAddressesAttributePages(input *DescribeAddressesAttributeInput, fn func(*DescribeAddressesAttributeOutput, bool) bool) error { + return c.DescribeAddressesAttributePagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeAddressesAttributePagesWithContext same as DescribeAddressesAttributePages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeAddressesAttributePagesWithContext(ctx aws.Context, input *DescribeAddressesAttributeInput, fn func(*DescribeAddressesAttributeOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeAddressesAttributeInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeAddressesAttributeRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeAddressesAttributeOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeAggregateIdFormat = "DescribeAggregateIdFormat" // DescribeAggregateIdFormatRequest generates a "aws/request.Request" representing the @@ -15043,6 +15829,9 @@ func (c *EC2) DescribeFleetHistoryRequest(input *DescribeFleetHistoryInput) (req // This ensures that you can query by the last evaluated time and not miss a // recorded event. EC2 Fleet events are available for 48 hours. // +// For more information, see Monitoring your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html#monitor-ec2-fleet) +// in the Amazon EC2 User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -15117,6 +15906,9 @@ func (c *EC2) DescribeFleetInstancesRequest(input *DescribeFleetInstancesInput) // // Describes the running instances for the specified EC2 Fleet. // +// For more information, see Monitoring your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html#monitor-ec2-fleet) +// in the Amazon EC2 User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -15197,6 +15989,9 @@ func (c *EC2) DescribeFleetsRequest(input *DescribeFleetsInput) (req *request.Re // // Describes the specified EC2 Fleets or all of your EC2 Fleets. // +// For more information, see Monitoring your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html#monitor-ec2-fleet) +// in the Amazon EC2 User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -15676,8 +16471,8 @@ func (c *EC2) DescribeHostReservationOfferingsRequest(input *DescribeHostReserva // Hosts. When purchasing an offering, ensure that the instance family and Region // of the offering matches that of the Dedicated Hosts with which it is to be // associated. For more information about supported instance types, see Dedicated -// Hosts Overview (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Hosts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html) +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16916,7 +17711,7 @@ func (c *EC2) DescribeInstanceCreditSpecificationsRequest(input *DescribeInstanc // the call works normally. // // For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -17133,18 +17928,18 @@ func (c *EC2) DescribeInstanceStatusRequest(input *DescribeInstanceStatusInput) // to identify hardware and software issues. For more information, see Status // checks for your instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html) // and Troubleshooting instances with failed status checks (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstances.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // * Scheduled events - Amazon EC2 can schedule events (such as reboot, stop, // or terminate) for your instances related to hardware issues, software // updates, or system maintenance. For more information, see Scheduled events // for your instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check_sched.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // * Instance state - You can manage your instances from the moment you launch // them through their termination. For more information, see Instance lifecycle // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -19583,6 +20378,270 @@ func (c *EC2) DescribeNetworkAclsPagesWithContext(ctx aws.Context, input *Descri return p.Err() } +const opDescribeNetworkInsightsAnalyses = "DescribeNetworkInsightsAnalyses" + +// DescribeNetworkInsightsAnalysesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeNetworkInsightsAnalyses operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeNetworkInsightsAnalyses for more information on using the DescribeNetworkInsightsAnalyses +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeNetworkInsightsAnalysesRequest method. +// req, resp := client.DescribeNetworkInsightsAnalysesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeNetworkInsightsAnalyses +func (c *EC2) DescribeNetworkInsightsAnalysesRequest(input *DescribeNetworkInsightsAnalysesInput) (req *request.Request, output *DescribeNetworkInsightsAnalysesOutput) { + op := &request.Operation{ + Name: opDescribeNetworkInsightsAnalyses, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeNetworkInsightsAnalysesInput{} + } + + output = &DescribeNetworkInsightsAnalysesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeNetworkInsightsAnalyses API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more of your network insights analyses. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeNetworkInsightsAnalyses for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeNetworkInsightsAnalyses +func (c *EC2) DescribeNetworkInsightsAnalyses(input *DescribeNetworkInsightsAnalysesInput) (*DescribeNetworkInsightsAnalysesOutput, error) { + req, out := c.DescribeNetworkInsightsAnalysesRequest(input) + return out, req.Send() +} + +// DescribeNetworkInsightsAnalysesWithContext is the same as DescribeNetworkInsightsAnalyses with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeNetworkInsightsAnalyses for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeNetworkInsightsAnalysesWithContext(ctx aws.Context, input *DescribeNetworkInsightsAnalysesInput, opts ...request.Option) (*DescribeNetworkInsightsAnalysesOutput, error) { + req, out := c.DescribeNetworkInsightsAnalysesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeNetworkInsightsAnalysesPages iterates over the pages of a DescribeNetworkInsightsAnalyses operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeNetworkInsightsAnalyses method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeNetworkInsightsAnalyses operation. +// pageNum := 0 +// err := client.DescribeNetworkInsightsAnalysesPages(params, +// func(page *ec2.DescribeNetworkInsightsAnalysesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeNetworkInsightsAnalysesPages(input *DescribeNetworkInsightsAnalysesInput, fn func(*DescribeNetworkInsightsAnalysesOutput, bool) bool) error { + return c.DescribeNetworkInsightsAnalysesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeNetworkInsightsAnalysesPagesWithContext same as DescribeNetworkInsightsAnalysesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeNetworkInsightsAnalysesPagesWithContext(ctx aws.Context, input *DescribeNetworkInsightsAnalysesInput, fn func(*DescribeNetworkInsightsAnalysesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeNetworkInsightsAnalysesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeNetworkInsightsAnalysesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeNetworkInsightsAnalysesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeNetworkInsightsPaths = "DescribeNetworkInsightsPaths" + +// DescribeNetworkInsightsPathsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeNetworkInsightsPaths operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeNetworkInsightsPaths for more information on using the DescribeNetworkInsightsPaths +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeNetworkInsightsPathsRequest method. +// req, resp := client.DescribeNetworkInsightsPathsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeNetworkInsightsPaths +func (c *EC2) DescribeNetworkInsightsPathsRequest(input *DescribeNetworkInsightsPathsInput) (req *request.Request, output *DescribeNetworkInsightsPathsOutput) { + op := &request.Operation{ + Name: opDescribeNetworkInsightsPaths, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeNetworkInsightsPathsInput{} + } + + output = &DescribeNetworkInsightsPathsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeNetworkInsightsPaths API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more of your paths. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeNetworkInsightsPaths for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeNetworkInsightsPaths +func (c *EC2) DescribeNetworkInsightsPaths(input *DescribeNetworkInsightsPathsInput) (*DescribeNetworkInsightsPathsOutput, error) { + req, out := c.DescribeNetworkInsightsPathsRequest(input) + return out, req.Send() +} + +// DescribeNetworkInsightsPathsWithContext is the same as DescribeNetworkInsightsPaths with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeNetworkInsightsPaths for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeNetworkInsightsPathsWithContext(ctx aws.Context, input *DescribeNetworkInsightsPathsInput, opts ...request.Option) (*DescribeNetworkInsightsPathsOutput, error) { + req, out := c.DescribeNetworkInsightsPathsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeNetworkInsightsPathsPages iterates over the pages of a DescribeNetworkInsightsPaths operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeNetworkInsightsPaths method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeNetworkInsightsPaths operation. +// pageNum := 0 +// err := client.DescribeNetworkInsightsPathsPages(params, +// func(page *ec2.DescribeNetworkInsightsPathsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeNetworkInsightsPathsPages(input *DescribeNetworkInsightsPathsInput, fn func(*DescribeNetworkInsightsPathsOutput, bool) bool) error { + return c.DescribeNetworkInsightsPathsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeNetworkInsightsPathsPagesWithContext same as DescribeNetworkInsightsPathsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeNetworkInsightsPathsPagesWithContext(ctx aws.Context, input *DescribeNetworkInsightsPathsInput, fn func(*DescribeNetworkInsightsPathsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeNetworkInsightsPathsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeNetworkInsightsPathsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeNetworkInsightsPathsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeNetworkInterfaceAttribute = "DescribeNetworkInterfaceAttribute" // DescribeNetworkInterfaceAttributeRequest generates a "aws/request.Request" representing the @@ -19968,7 +21027,7 @@ func (c *EC2) DescribePlacementGroupsRequest(input *DescribePlacementGroupsInput // // Describes the specified placement groups or all of your placement groups. // For more information, see Placement groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -20540,7 +21599,7 @@ func (c *EC2) DescribeReservedInstancesRequest(input *DescribeReservedInstancesI // Describes one or more of the Reserved Instances that you purchased. // // For more information about Reserved Instances, see Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -20635,7 +21694,7 @@ func (c *EC2) DescribeReservedInstancesListingsRequest(input *DescribeReservedIn // that you purchase. // // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -20721,7 +21780,7 @@ func (c *EC2) DescribeReservedInstancesModificationsRequest(input *DescribeReser // about the specific modification is returned. // // For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -20864,7 +21923,7 @@ func (c *EC2) DescribeReservedInstancesOfferingsRequest(input *DescribeReservedI // that you do not purchase your own Reserved Instances. // // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -23419,6 +24478,270 @@ func (c *EC2) DescribeTransitGatewayAttachmentsPagesWithContext(ctx aws.Context, return p.Err() } +const opDescribeTransitGatewayConnectPeers = "DescribeTransitGatewayConnectPeers" + +// DescribeTransitGatewayConnectPeersRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTransitGatewayConnectPeers operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTransitGatewayConnectPeers for more information on using the DescribeTransitGatewayConnectPeers +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTransitGatewayConnectPeersRequest method. +// req, resp := client.DescribeTransitGatewayConnectPeersRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayConnectPeers +func (c *EC2) DescribeTransitGatewayConnectPeersRequest(input *DescribeTransitGatewayConnectPeersInput) (req *request.Request, output *DescribeTransitGatewayConnectPeersOutput) { + op := &request.Operation{ + Name: opDescribeTransitGatewayConnectPeers, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTransitGatewayConnectPeersInput{} + } + + output = &DescribeTransitGatewayConnectPeersOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTransitGatewayConnectPeers API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more Connect peers. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTransitGatewayConnectPeers for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayConnectPeers +func (c *EC2) DescribeTransitGatewayConnectPeers(input *DescribeTransitGatewayConnectPeersInput) (*DescribeTransitGatewayConnectPeersOutput, error) { + req, out := c.DescribeTransitGatewayConnectPeersRequest(input) + return out, req.Send() +} + +// DescribeTransitGatewayConnectPeersWithContext is the same as DescribeTransitGatewayConnectPeers with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTransitGatewayConnectPeers for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayConnectPeersWithContext(ctx aws.Context, input *DescribeTransitGatewayConnectPeersInput, opts ...request.Option) (*DescribeTransitGatewayConnectPeersOutput, error) { + req, out := c.DescribeTransitGatewayConnectPeersRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTransitGatewayConnectPeersPages iterates over the pages of a DescribeTransitGatewayConnectPeers operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGatewayConnectPeers method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGatewayConnectPeers operation. +// pageNum := 0 +// err := client.DescribeTransitGatewayConnectPeersPages(params, +// func(page *ec2.DescribeTransitGatewayConnectPeersOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewayConnectPeersPages(input *DescribeTransitGatewayConnectPeersInput, fn func(*DescribeTransitGatewayConnectPeersOutput, bool) bool) error { + return c.DescribeTransitGatewayConnectPeersPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewayConnectPeersPagesWithContext same as DescribeTransitGatewayConnectPeersPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayConnectPeersPagesWithContext(ctx aws.Context, input *DescribeTransitGatewayConnectPeersInput, fn func(*DescribeTransitGatewayConnectPeersOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewayConnectPeersInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewayConnectPeersRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewayConnectPeersOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeTransitGatewayConnects = "DescribeTransitGatewayConnects" + +// DescribeTransitGatewayConnectsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTransitGatewayConnects operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTransitGatewayConnects for more information on using the DescribeTransitGatewayConnects +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTransitGatewayConnectsRequest method. +// req, resp := client.DescribeTransitGatewayConnectsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayConnects +func (c *EC2) DescribeTransitGatewayConnectsRequest(input *DescribeTransitGatewayConnectsInput) (req *request.Request, output *DescribeTransitGatewayConnectsOutput) { + op := &request.Operation{ + Name: opDescribeTransitGatewayConnects, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTransitGatewayConnectsInput{} + } + + output = &DescribeTransitGatewayConnectsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTransitGatewayConnects API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more Connect attachments. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTransitGatewayConnects for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayConnects +func (c *EC2) DescribeTransitGatewayConnects(input *DescribeTransitGatewayConnectsInput) (*DescribeTransitGatewayConnectsOutput, error) { + req, out := c.DescribeTransitGatewayConnectsRequest(input) + return out, req.Send() +} + +// DescribeTransitGatewayConnectsWithContext is the same as DescribeTransitGatewayConnects with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTransitGatewayConnects for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayConnectsWithContext(ctx aws.Context, input *DescribeTransitGatewayConnectsInput, opts ...request.Option) (*DescribeTransitGatewayConnectsOutput, error) { + req, out := c.DescribeTransitGatewayConnectsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTransitGatewayConnectsPages iterates over the pages of a DescribeTransitGatewayConnects operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGatewayConnects method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGatewayConnects operation. +// pageNum := 0 +// err := client.DescribeTransitGatewayConnectsPages(params, +// func(page *ec2.DescribeTransitGatewayConnectsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewayConnectsPages(input *DescribeTransitGatewayConnectsInput, fn func(*DescribeTransitGatewayConnectsOutput, bool) bool) error { + return c.DescribeTransitGatewayConnectsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewayConnectsPagesWithContext same as DescribeTransitGatewayConnectsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayConnectsPagesWithContext(ctx aws.Context, input *DescribeTransitGatewayConnectsInput, fn func(*DescribeTransitGatewayConnectsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewayConnectsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewayConnectsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewayConnectsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeTransitGatewayMulticastDomains = "DescribeTransitGatewayMulticastDomains" // DescribeTransitGatewayMulticastDomainsRequest generates a "aws/request.Request" representing the @@ -25476,12 +26799,12 @@ func (c *EC2) DescribeVpcEndpointServicesRequest(input *DescribeVpcEndpointServi // // Describes available services to which you can create a VPC endpoint. // -// When the service provider and the consumer have different accounts multiple +// When the service provider and the consumer have different accounts in multiple // Availability Zones, and the consumer views the VPC endpoint service information, // the response only includes the common Availability Zones. For example, when // the service provider account uses us-east-1a and us-east-1c and the consumer -// uses us-east-1a and us-east-1a and us-east-1b, the response includes the -// VPC endpoint services in the common Availability Zone, us-east-1a. +// uses us-east-1a and us-east-1b, the response includes the VPC endpoint services +// in the common Availability Zone, us-east-1a. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -28921,8 +30244,8 @@ func (c *EC2) GetConsoleOutputRequest(input *GetConsoleOutputInput) (req *reques // during the instance lifecycle. This option is supported on instance types // that use the Nitro hypervisor. // -// For more information, see Instance Console Output (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Instance console output (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output) +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -29076,7 +30399,7 @@ func (c *EC2) GetDefaultCreditSpecificationRequest(input *GetDefaultCreditSpecif // instance family. // // For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -29870,7 +31193,7 @@ func (c *EC2) GetPasswordDataRequest(input *GetPasswordDataInput) (req *request. // scripts (Windows Server 2016 and later). This usually only happens the first // time an instance is launched. For more information, see EC2Config (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_WinAMI.html) // and EC2Launch (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2launch.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // For the EC2Config service, the password is not generated for rebundled AMIs // unless Ec2SetPassword is enabled before bundling. @@ -31121,6 +32444,81 @@ func (c *EC2) ImportVolumeWithContext(ctx aws.Context, input *ImportVolumeInput, return out, req.Send() } +const opModifyAddressAttribute = "ModifyAddressAttribute" + +// ModifyAddressAttributeRequest generates a "aws/request.Request" representing the +// client's request for the ModifyAddressAttribute operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyAddressAttribute for more information on using the ModifyAddressAttribute +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyAddressAttributeRequest method. +// req, resp := client.ModifyAddressAttributeRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyAddressAttribute +func (c *EC2) ModifyAddressAttributeRequest(input *ModifyAddressAttributeInput) (req *request.Request, output *ModifyAddressAttributeOutput) { + op := &request.Operation{ + Name: opModifyAddressAttribute, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyAddressAttributeInput{} + } + + output = &ModifyAddressAttributeOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyAddressAttribute API operation for Amazon Elastic Compute Cloud. +// +// Modifies an attribute of the specified Elastic IP address. For requirements, +// see Using reverse DNS for email applications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#Using_Elastic_Addressing_Reverse_DNS). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyAddressAttribute for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyAddressAttribute +func (c *EC2) ModifyAddressAttribute(input *ModifyAddressAttributeInput) (*ModifyAddressAttributeOutput, error) { + req, out := c.ModifyAddressAttributeRequest(input) + return out, req.Send() +} + +// ModifyAddressAttributeWithContext is the same as ModifyAddressAttribute with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyAddressAttribute for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyAddressAttributeWithContext(ctx aws.Context, input *ModifyAddressAttributeInput, opts ...request.Option) (*ModifyAddressAttributeOutput, error) { + req, out := c.ModifyAddressAttributeRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyAvailabilityZoneGroup = "ModifyAvailabilityZoneGroup" // ModifyAvailabilityZoneGroupRequest generates a "aws/request.Request" representing the @@ -31411,7 +32809,7 @@ func (c *EC2) ModifyDefaultCreditSpecificationRequest(input *ModifyDefaultCredit // for updates. // // For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32123,7 +33521,7 @@ func (c *EC2) ModifyInstanceAttributeRequest(input *ModifyInstanceAttributeInput // // To modify some attributes, the instance must be stopped. For more information, // see Modifying attributes of a stopped instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32278,7 +33676,7 @@ func (c *EC2) ModifyInstanceCreditSpecificationRequest(input *ModifyInstanceCred // performance instance. The credit options are standard and unlimited. // // For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32432,7 +33830,8 @@ func (c *EC2) ModifyInstanceMetadataOptionsRequest(input *ModifyInstanceMetadata // the API responds with a state of “pending”. After the parameter modifications // are successfully applied to the instance, the state of the modifications // changes from “pending” to “applied” in subsequent describe-instances -// API calls. For more information, see Instance metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). +// API calls. For more information, see Instance metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32840,7 +34239,7 @@ func (c *EC2) ModifyReservedInstancesRequest(input *ModifyReservedInstancesInput // network platform, and instance type. // // For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34747,7 +36146,7 @@ func (c *EC2) MonitorInstancesRequest(input *MonitorInstancesInput) (req *reques // Enables detailed monitoring for a running instance. Otherwise, basic monitoring // is enabled. For more information, see Monitoring your instances and volumes // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // To disable detailed monitoring, see . // @@ -35083,7 +36482,7 @@ func (c *EC2) PurchaseReservedInstancesOfferingRequest(input *PurchaseReservedIn // // For more information, see Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) // and Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -35251,7 +36650,7 @@ func (c *EC2) RebootInstancesRequest(input *RebootInstancesInput) (req *request. // // For more information about troubleshooting, see Getting console output and // rebooting instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -35333,12 +36732,25 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // For Amazon EBS-backed instances, CreateImage creates and registers the AMI // in a single request, so you don't have to register the AMI yourself. // -// You can also use RegisterImage to create an Amazon EBS-backed Linux AMI from -// a snapshot of a root device volume. You specify the snapshot using the block -// device mapping. For more information, see Launching a Linux instance from -// a backup (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html) +// If needed, you can deregister an AMI at any time. Any modifications you make +// to an AMI backed by an instance store volume invalidates its registration. +// If you make changes to an image, deregister the previous image and register +// the new image. +// +// Register a snapshot of a root device volume +// +// You can use RegisterImage to create an Amazon EBS-backed Linux AMI from a +// snapshot of a root device volume. You specify the snapshot using a block +// device mapping. You can't set the encryption state of the volume using the +// block device mapping. If the snapshot is encrypted, or encryption by default +// is enabled, the root volume of an instance launched from the AMI is encrypted. +// +// For more information, see Create a Linux AMI from a snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#creating-launching-ami-from-snapshot) +// and Use encryption with EBS-backed AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. // +// AWS Marketplace product codes +// // If any snapshots have AWS Marketplace product codes, they are copied to the // new AMI. // @@ -35364,11 +36776,6 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // Obtaining billing information (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html) // in the Amazon Elastic Compute Cloud User Guide. // -// If needed, you can deregister an AMI at any time. Any modifications you make -// to an AMI backed by an instance store volume invalidates its registration. -// If you make changes to an image, deregister the previous image and register -// the new image. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -35638,6 +37045,81 @@ func (c *EC2) RegisterTransitGatewayMulticastGroupSourcesWithContext(ctx aws.Con return out, req.Send() } +const opRejectTransitGatewayMulticastDomainAssociations = "RejectTransitGatewayMulticastDomainAssociations" + +// RejectTransitGatewayMulticastDomainAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the RejectTransitGatewayMulticastDomainAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RejectTransitGatewayMulticastDomainAssociations for more information on using the RejectTransitGatewayMulticastDomainAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RejectTransitGatewayMulticastDomainAssociationsRequest method. +// req, resp := client.RejectTransitGatewayMulticastDomainAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RejectTransitGatewayMulticastDomainAssociations +func (c *EC2) RejectTransitGatewayMulticastDomainAssociationsRequest(input *RejectTransitGatewayMulticastDomainAssociationsInput) (req *request.Request, output *RejectTransitGatewayMulticastDomainAssociationsOutput) { + op := &request.Operation{ + Name: opRejectTransitGatewayMulticastDomainAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &RejectTransitGatewayMulticastDomainAssociationsInput{} + } + + output = &RejectTransitGatewayMulticastDomainAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// RejectTransitGatewayMulticastDomainAssociations API operation for Amazon Elastic Compute Cloud. +// +// Rejects a request to associate cross-account subnets with a transit gateway +// multicast domain. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation RejectTransitGatewayMulticastDomainAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RejectTransitGatewayMulticastDomainAssociations +func (c *EC2) RejectTransitGatewayMulticastDomainAssociations(input *RejectTransitGatewayMulticastDomainAssociationsInput) (*RejectTransitGatewayMulticastDomainAssociationsOutput, error) { + req, out := c.RejectTransitGatewayMulticastDomainAssociationsRequest(input) + return out, req.Send() +} + +// RejectTransitGatewayMulticastDomainAssociationsWithContext is the same as RejectTransitGatewayMulticastDomainAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See RejectTransitGatewayMulticastDomainAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) RejectTransitGatewayMulticastDomainAssociationsWithContext(ctx aws.Context, input *RejectTransitGatewayMulticastDomainAssociationsInput, opts ...request.Option) (*RejectTransitGatewayMulticastDomainAssociationsOutput, error) { + req, out := c.RejectTransitGatewayMulticastDomainAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opRejectTransitGatewayPeeringAttachment = "RejectTransitGatewayPeeringAttachment" // RejectTransitGatewayPeeringAttachmentRequest generates a "aws/request.Request" representing the @@ -36847,6 +38329,81 @@ func (c *EC2) RequestSpotInstancesWithContext(ctx aws.Context, input *RequestSpo return out, req.Send() } +const opResetAddressAttribute = "ResetAddressAttribute" + +// ResetAddressAttributeRequest generates a "aws/request.Request" representing the +// client's request for the ResetAddressAttribute operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ResetAddressAttribute for more information on using the ResetAddressAttribute +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ResetAddressAttributeRequest method. +// req, resp := client.ResetAddressAttributeRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ResetAddressAttribute +func (c *EC2) ResetAddressAttributeRequest(input *ResetAddressAttributeInput) (req *request.Request, output *ResetAddressAttributeOutput) { + op := &request.Operation{ + Name: opResetAddressAttribute, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ResetAddressAttributeInput{} + } + + output = &ResetAddressAttributeOutput{} + req = c.newRequest(op, input, output) + return +} + +// ResetAddressAttribute API operation for Amazon Elastic Compute Cloud. +// +// Resets the attribute of the specified IP address. For requirements, see Using +// reverse DNS for email applications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#Using_Elastic_Addressing_Reverse_DNS). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ResetAddressAttribute for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ResetAddressAttribute +func (c *EC2) ResetAddressAttribute(input *ResetAddressAttributeInput) (*ResetAddressAttributeOutput, error) { + req, out := c.ResetAddressAttributeRequest(input) + return out, req.Send() +} + +// ResetAddressAttributeWithContext is the same as ResetAddressAttribute with the addition of +// the ability to pass a context and additional request options. +// +// See ResetAddressAttribute for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ResetAddressAttributeWithContext(ctx aws.Context, input *ResetAddressAttributeInput, opts ...request.Option) (*ResetAddressAttributeOutput, error) { + req, out := c.ResetAddressAttributeRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opResetEbsDefaultKmsKeyId = "ResetEbsDefaultKmsKeyId" // ResetEbsDefaultKmsKeyIdRequest generates a "aws/request.Request" representing the @@ -37132,7 +38689,7 @@ func (c *EC2) ResetInstanceAttributeRequest(input *ResetInstanceAttributeInput) // is enabled. The default value is true, which means checking is enabled. This // value must be false for a NAT instance to perform NAT. For more information, // see NAT Instances (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -37819,13 +39376,11 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // Linux instances have access to the public key of the key pair at boot. You // can use this key to provide secure access to the instance. Amazon EC2 public // images use this feature to provide secure access without passwords. For more -// information, see Key pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) -// in the Amazon Elastic Compute Cloud User Guide. +// information, see Key pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html). // // For troubleshooting, see What to do if an instance immediately terminates // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html), -// and Troubleshooting connecting to your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html) -// in the Amazon Elastic Compute Cloud User Guide. +// and Troubleshooting connecting to your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -37909,7 +39464,7 @@ func (c *EC2) RunScheduledInstancesRequest(input *RunScheduledInstancesInput) (r // If you terminate a Scheduled Instance before the current scheduled time period // ends, you can launch it again after a few minutes. For more information, // see Scheduled Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-scheduled-instances.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -38436,7 +39991,7 @@ func (c *EC2) StartInstancesRequest(input *StartInstancesInput) (req *request.Re // root device returns an error. // // For more information, see Stopping instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -38466,6 +40021,81 @@ func (c *EC2) StartInstancesWithContext(ctx aws.Context, input *StartInstancesIn return out, req.Send() } +const opStartNetworkInsightsAnalysis = "StartNetworkInsightsAnalysis" + +// StartNetworkInsightsAnalysisRequest generates a "aws/request.Request" representing the +// client's request for the StartNetworkInsightsAnalysis operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartNetworkInsightsAnalysis for more information on using the StartNetworkInsightsAnalysis +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartNetworkInsightsAnalysisRequest method. +// req, resp := client.StartNetworkInsightsAnalysisRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartNetworkInsightsAnalysis +func (c *EC2) StartNetworkInsightsAnalysisRequest(input *StartNetworkInsightsAnalysisInput) (req *request.Request, output *StartNetworkInsightsAnalysisOutput) { + op := &request.Operation{ + Name: opStartNetworkInsightsAnalysis, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartNetworkInsightsAnalysisInput{} + } + + output = &StartNetworkInsightsAnalysisOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartNetworkInsightsAnalysis API operation for Amazon Elastic Compute Cloud. +// +// Starts analyzing the specified path. If the path is reachable, the operation +// returns the shortest feasible path. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation StartNetworkInsightsAnalysis for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartNetworkInsightsAnalysis +func (c *EC2) StartNetworkInsightsAnalysis(input *StartNetworkInsightsAnalysisInput) (*StartNetworkInsightsAnalysisOutput, error) { + req, out := c.StartNetworkInsightsAnalysisRequest(input) + return out, req.Send() +} + +// StartNetworkInsightsAnalysisWithContext is the same as StartNetworkInsightsAnalysis with the addition of +// the ability to pass a context and additional request options. +// +// See StartNetworkInsightsAnalysis for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) StartNetworkInsightsAnalysisWithContext(ctx aws.Context, input *StartNetworkInsightsAnalysisInput, opts ...request.Option) (*StartNetworkInsightsAnalysisOutput, error) { + req, out := c.StartNetworkInsightsAnalysisRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opStartVpcEndpointServicePrivateDnsVerification = "StartVpcEndpointServicePrivateDnsVerification" // StartVpcEndpointServicePrivateDnsVerificationRequest generates a "aws/request.Request" representing the @@ -38599,7 +40229,7 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // for hibernation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation) // and it meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // We don't charge usage for a stopped instance, or data transfer fees; however, // your root partition Amazon EBS volume remains and continues to persist your @@ -38615,7 +40245,7 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // the Stop action to hibernate Spot Instances, but you can specify that Amazon // EC2 should hibernate Spot Instances when they are interrupted. For more information, // see Hibernating interrupted Spot Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // When you stop or hibernate an instance, we shut it down. You can restart // your instance at any time. Before stopping or hibernating an instance, make @@ -38631,13 +40261,13 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // launch are automatically deleted. For more information about the differences // between rebooting, stopping, hibernating, and terminating instances, see // Instance lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // When you stop an instance, we attempt to shut it down forcibly after a short // while. If your instance appears stuck in the stopping state after a period // of time, there may be an issue with the underlying host computer. For more // information, see Troubleshooting stopping your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -38807,11 +40437,11 @@ func (c *EC2) TerminateInstancesRequest(input *TerminateInstancesInput) (req *re // device mapping parameter set to true are automatically deleted. For more // information about the differences between stopping and terminating instances, // see Instance lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // For more information about troubleshooting, see Troubleshooting terminating // your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesShuttingDown.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39036,7 +40666,7 @@ func (c *EC2) UnmonitorInstancesRequest(input *UnmonitorInstancesInput) (req *re // // Disables detailed monitoring for a running instance. For more information, // see Monitoring your instances and volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39402,6 +41032,82 @@ func (s *AcceptReservedInstancesExchangeQuoteOutput) SetExchangeId(v string) *Ac return s } +type AcceptTransitGatewayMulticastDomainAssociationsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the subnets to associate with the transit gateway multicast domain. + SubnetIds []*string `locationNameList:"item" type:"list"` + + // The ID of the transit gateway attachment. + TransitGatewayAttachmentId *string `type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s AcceptTransitGatewayMulticastDomainAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AcceptTransitGatewayMulticastDomainAssociationsInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *AcceptTransitGatewayMulticastDomainAssociationsInput) SetDryRun(v bool) *AcceptTransitGatewayMulticastDomainAssociationsInput { + s.DryRun = &v + return s +} + +// SetSubnetIds sets the SubnetIds field's value. +func (s *AcceptTransitGatewayMulticastDomainAssociationsInput) SetSubnetIds(v []*string) *AcceptTransitGatewayMulticastDomainAssociationsInput { + s.SubnetIds = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *AcceptTransitGatewayMulticastDomainAssociationsInput) SetTransitGatewayAttachmentId(v string) *AcceptTransitGatewayMulticastDomainAssociationsInput { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *AcceptTransitGatewayMulticastDomainAssociationsInput) SetTransitGatewayMulticastDomainId(v string) *AcceptTransitGatewayMulticastDomainAssociationsInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type AcceptTransitGatewayMulticastDomainAssociationsOutput struct { + _ struct{} `type:"structure"` + + // Describes the multicast domain associations. + Associations *TransitGatewayMulticastDomainAssociations `locationName:"associations" type:"structure"` +} + +// String returns the string representation +func (s AcceptTransitGatewayMulticastDomainAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AcceptTransitGatewayMulticastDomainAssociationsOutput) GoString() string { + return s.String() +} + +// SetAssociations sets the Associations field's value. +func (s *AcceptTransitGatewayMulticastDomainAssociationsOutput) SetAssociations(v *TransitGatewayMulticastDomainAssociations) *AcceptTransitGatewayMulticastDomainAssociationsOutput { + s.Associations = v + return s +} + type AcceptTransitGatewayPeeringAttachmentInput struct { _ struct{} `type:"structure"` @@ -40000,6 +41706,57 @@ func (s *Address) SetTags(v []*Tag) *Address { return s } +// The attributes associated with an Elastic IP address. +type AddressAttribute struct { + _ struct{} `type:"structure"` + + // [EC2-VPC] The allocation ID. + AllocationId *string `locationName:"allocationId" type:"string"` + + // The pointer (PTR) record for the IP address. + PtrRecord *string `locationName:"ptrRecord" type:"string"` + + // The updated PTR record for the IP address. + PtrRecordUpdate *PtrUpdateStatus `locationName:"ptrRecordUpdate" type:"structure"` + + // The public IP address. + PublicIp *string `locationName:"publicIp" type:"string"` +} + +// String returns the string representation +func (s AddressAttribute) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AddressAttribute) GoString() string { + return s.String() +} + +// SetAllocationId sets the AllocationId field's value. +func (s *AddressAttribute) SetAllocationId(v string) *AddressAttribute { + s.AllocationId = &v + return s +} + +// SetPtrRecord sets the PtrRecord field's value. +func (s *AddressAttribute) SetPtrRecord(v string) *AddressAttribute { + s.PtrRecord = &v + return s +} + +// SetPtrRecordUpdate sets the PtrRecordUpdate field's value. +func (s *AddressAttribute) SetPtrRecordUpdate(v *PtrUpdateStatus) *AddressAttribute { + s.PtrRecordUpdate = v + return s +} + +// SetPublicIp sets the PublicIp field's value. +func (s *AddressAttribute) SetPublicIp(v string) *AddressAttribute { + s.PublicIp = &v + return s +} + type AdvertiseByoipCidrInput struct { _ struct{} `type:"structure"` @@ -40115,6 +41872,9 @@ type AllocateAddressInput struct { // EC2 select an address from the address pool. To specify a specific address // from the address pool, use the Address parameter instead. PublicIpv4Pool *string `type:"string"` + + // The tags to assign to the Elastic IP address. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -40163,6 +41923,12 @@ func (s *AllocateAddressInput) SetPublicIpv4Pool(v string) *AllocateAddressInput return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *AllocateAddressInput) SetTagSpecifications(v []*TagSpecification) *AllocateAddressInput { + s.TagSpecifications = v + return s +} + type AllocateAddressOutput struct { _ struct{} `type:"structure"` @@ -40259,8 +42025,8 @@ type AllocateHostsInput struct { // Indicates whether the host accepts any untargeted instance launches that // match its instance type configuration, or if it only accepts Host tenancy // instance launches that specify its unique host ID. For more information, - // see Understanding Instance Placement and Host Affinity (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) - // in the Amazon EC2 User Guide for Linux Instances. + // see Understanding auto-placement and affinity (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) + // in the Amazon EC2 User Guide. // // Default: on AutoPlacement *string `locationName:"autoPlacement" type:"string" enum:"AutoPlacement"` @@ -40271,13 +42037,13 @@ type AllocateHostsInput struct { AvailabilityZone *string `locationName:"availabilityZone" type:"string" required:"true"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // Indicates whether to enable or disable host recovery for the Dedicated Host. - // Host recovery is disabled by default. For more information, see Host Recovery + // Host recovery is disabled by default. For more information, see Host recovery // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. // // Default: off HostRecovery *string `type:"string" enum:"HostRecovery"` @@ -40441,6 +42207,472 @@ func (s *AllowedPrincipal) SetPrincipalType(v string) *AllowedPrincipal { return s } +// Describes an potential intermediate component of a feasible path. +type AlternatePathHint struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the component. + ComponentArn *string `locationName:"componentArn" type:"string"` + + // The ID of the component. + ComponentId *string `locationName:"componentId" type:"string"` +} + +// String returns the string representation +func (s AlternatePathHint) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AlternatePathHint) GoString() string { + return s.String() +} + +// SetComponentArn sets the ComponentArn field's value. +func (s *AlternatePathHint) SetComponentArn(v string) *AlternatePathHint { + s.ComponentArn = &v + return s +} + +// SetComponentId sets the ComponentId field's value. +func (s *AlternatePathHint) SetComponentId(v string) *AlternatePathHint { + s.ComponentId = &v + return s +} + +// Describes a network access control (ACL) rule. +type AnalysisAclRule struct { + _ struct{} `type:"structure"` + + // The IPv4 address range, in CIDR notation. + Cidr *string `locationName:"cidr" type:"string"` + + // Indicates whether the rule is an outbound rule. + Egress *bool `locationName:"egress" type:"boolean"` + + // The range of ports. + PortRange *PortRange `locationName:"portRange" type:"structure"` + + // The protocol. + Protocol *string `locationName:"protocol" type:"string"` + + // Indicates whether to allow or deny traffic that matches the rule. + RuleAction *string `locationName:"ruleAction" type:"string"` + + // The rule number. + RuleNumber *int64 `locationName:"ruleNumber" type:"integer"` +} + +// String returns the string representation +func (s AnalysisAclRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AnalysisAclRule) GoString() string { + return s.String() +} + +// SetCidr sets the Cidr field's value. +func (s *AnalysisAclRule) SetCidr(v string) *AnalysisAclRule { + s.Cidr = &v + return s +} + +// SetEgress sets the Egress field's value. +func (s *AnalysisAclRule) SetEgress(v bool) *AnalysisAclRule { + s.Egress = &v + return s +} + +// SetPortRange sets the PortRange field's value. +func (s *AnalysisAclRule) SetPortRange(v *PortRange) *AnalysisAclRule { + s.PortRange = v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *AnalysisAclRule) SetProtocol(v string) *AnalysisAclRule { + s.Protocol = &v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *AnalysisAclRule) SetRuleAction(v string) *AnalysisAclRule { + s.RuleAction = &v + return s +} + +// SetRuleNumber sets the RuleNumber field's value. +func (s *AnalysisAclRule) SetRuleNumber(v int64) *AnalysisAclRule { + s.RuleNumber = &v + return s +} + +// Describes a path component. +type AnalysisComponent struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the component. + Arn *string `locationName:"arn" type:"string"` + + // The ID of the component. + Id *string `locationName:"id" type:"string"` +} + +// String returns the string representation +func (s AnalysisComponent) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AnalysisComponent) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *AnalysisComponent) SetArn(v string) *AnalysisComponent { + s.Arn = &v + return s +} + +// SetId sets the Id field's value. +func (s *AnalysisComponent) SetId(v string) *AnalysisComponent { + s.Id = &v + return s +} + +// Describes a load balancer listener. +type AnalysisLoadBalancerListener struct { + _ struct{} `type:"structure"` + + // [Classic Load Balancers] The back-end port for the listener. + InstancePort *int64 `locationName:"instancePort" min:"1" type:"integer"` + + // The port on which the load balancer is listening. + LoadBalancerPort *int64 `locationName:"loadBalancerPort" min:"1" type:"integer"` +} + +// String returns the string representation +func (s AnalysisLoadBalancerListener) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AnalysisLoadBalancerListener) GoString() string { + return s.String() +} + +// SetInstancePort sets the InstancePort field's value. +func (s *AnalysisLoadBalancerListener) SetInstancePort(v int64) *AnalysisLoadBalancerListener { + s.InstancePort = &v + return s +} + +// SetLoadBalancerPort sets the LoadBalancerPort field's value. +func (s *AnalysisLoadBalancerListener) SetLoadBalancerPort(v int64) *AnalysisLoadBalancerListener { + s.LoadBalancerPort = &v + return s +} + +// Describes a load balancer target. +type AnalysisLoadBalancerTarget struct { + _ struct{} `type:"structure"` + + // The IP address. + Address *string `locationName:"address" type:"string"` + + // The Availability Zone. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // Information about the instance. + Instance *AnalysisComponent `locationName:"instance" type:"structure"` + + // The port on which the target is listening. + Port *int64 `locationName:"port" min:"1" type:"integer"` +} + +// String returns the string representation +func (s AnalysisLoadBalancerTarget) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AnalysisLoadBalancerTarget) GoString() string { + return s.String() +} + +// SetAddress sets the Address field's value. +func (s *AnalysisLoadBalancerTarget) SetAddress(v string) *AnalysisLoadBalancerTarget { + s.Address = &v + return s +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *AnalysisLoadBalancerTarget) SetAvailabilityZone(v string) *AnalysisLoadBalancerTarget { + s.AvailabilityZone = &v + return s +} + +// SetInstance sets the Instance field's value. +func (s *AnalysisLoadBalancerTarget) SetInstance(v *AnalysisComponent) *AnalysisLoadBalancerTarget { + s.Instance = v + return s +} + +// SetPort sets the Port field's value. +func (s *AnalysisLoadBalancerTarget) SetPort(v int64) *AnalysisLoadBalancerTarget { + s.Port = &v + return s +} + +// Describes a header. Reflects any changes made by a component as traffic passes +// through. The fields of an inbound header are null except for the first component +// of a path. +type AnalysisPacketHeader struct { + _ struct{} `type:"structure"` + + // The destination addresses. + DestinationAddresses []*string `locationName:"destinationAddressSet" locationNameList:"item" type:"list"` + + // The destination port ranges. + DestinationPortRanges []*PortRange `locationName:"destinationPortRangeSet" locationNameList:"item" type:"list"` + + // The protocol. + Protocol *string `locationName:"protocol" type:"string"` + + // The source addresses. + SourceAddresses []*string `locationName:"sourceAddressSet" locationNameList:"item" type:"list"` + + // The source port ranges. + SourcePortRanges []*PortRange `locationName:"sourcePortRangeSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s AnalysisPacketHeader) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AnalysisPacketHeader) GoString() string { + return s.String() +} + +// SetDestinationAddresses sets the DestinationAddresses field's value. +func (s *AnalysisPacketHeader) SetDestinationAddresses(v []*string) *AnalysisPacketHeader { + s.DestinationAddresses = v + return s +} + +// SetDestinationPortRanges sets the DestinationPortRanges field's value. +func (s *AnalysisPacketHeader) SetDestinationPortRanges(v []*PortRange) *AnalysisPacketHeader { + s.DestinationPortRanges = v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *AnalysisPacketHeader) SetProtocol(v string) *AnalysisPacketHeader { + s.Protocol = &v + return s +} + +// SetSourceAddresses sets the SourceAddresses field's value. +func (s *AnalysisPacketHeader) SetSourceAddresses(v []*string) *AnalysisPacketHeader { + s.SourceAddresses = v + return s +} + +// SetSourcePortRanges sets the SourcePortRanges field's value. +func (s *AnalysisPacketHeader) SetSourcePortRanges(v []*PortRange) *AnalysisPacketHeader { + s.SourcePortRanges = v + return s +} + +// Describes a route table route. +type AnalysisRouteTableRoute struct { + _ struct{} `type:"structure"` + + // The destination IPv4 address, in CIDR notation. + DestinationCidr *string `locationName:"destinationCidr" type:"string"` + + // The prefix of the AWS service. + DestinationPrefixListId *string `locationName:"destinationPrefixListId" type:"string"` + + // The ID of an egress-only internet gateway. + EgressOnlyInternetGatewayId *string `locationName:"egressOnlyInternetGatewayId" type:"string"` + + // The ID of the gateway, such as an internet gateway or virtual private gateway. + GatewayId *string `locationName:"gatewayId" type:"string"` + + // The ID of the instance, such as a NAT instance. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The ID of a NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` + + // The ID of a network interface. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // Describes how the route was created. The following are possible values: + // + // * CreateRouteTable - The route was automatically created when the route + // table was created. + // + // * CreateRoute - The route was manually added to the route table. + // + // * EnableVgwRoutePropagation - The route was propagated by route propagation. + Origin *string `locationName:"origin" type:"string"` + + // The ID of a transit gateway. + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + + // The ID of a VPC peering connection. + VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string"` +} + +// String returns the string representation +func (s AnalysisRouteTableRoute) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AnalysisRouteTableRoute) GoString() string { + return s.String() +} + +// SetDestinationCidr sets the DestinationCidr field's value. +func (s *AnalysisRouteTableRoute) SetDestinationCidr(v string) *AnalysisRouteTableRoute { + s.DestinationCidr = &v + return s +} + +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *AnalysisRouteTableRoute) SetDestinationPrefixListId(v string) *AnalysisRouteTableRoute { + s.DestinationPrefixListId = &v + return s +} + +// SetEgressOnlyInternetGatewayId sets the EgressOnlyInternetGatewayId field's value. +func (s *AnalysisRouteTableRoute) SetEgressOnlyInternetGatewayId(v string) *AnalysisRouteTableRoute { + s.EgressOnlyInternetGatewayId = &v + return s +} + +// SetGatewayId sets the GatewayId field's value. +func (s *AnalysisRouteTableRoute) SetGatewayId(v string) *AnalysisRouteTableRoute { + s.GatewayId = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *AnalysisRouteTableRoute) SetInstanceId(v string) *AnalysisRouteTableRoute { + s.InstanceId = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AnalysisRouteTableRoute) SetNatGatewayId(v string) *AnalysisRouteTableRoute { + s.NatGatewayId = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *AnalysisRouteTableRoute) SetNetworkInterfaceId(v string) *AnalysisRouteTableRoute { + s.NetworkInterfaceId = &v + return s +} + +// SetOrigin sets the Origin field's value. +func (s *AnalysisRouteTableRoute) SetOrigin(v string) *AnalysisRouteTableRoute { + s.Origin = &v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *AnalysisRouteTableRoute) SetTransitGatewayId(v string) *AnalysisRouteTableRoute { + s.TransitGatewayId = &v + return s +} + +// SetVpcPeeringConnectionId sets the VpcPeeringConnectionId field's value. +func (s *AnalysisRouteTableRoute) SetVpcPeeringConnectionId(v string) *AnalysisRouteTableRoute { + s.VpcPeeringConnectionId = &v + return s +} + +// Describes a security group rule. +type AnalysisSecurityGroupRule struct { + _ struct{} `type:"structure"` + + // The IPv4 address range, in CIDR notation. + Cidr *string `locationName:"cidr" type:"string"` + + // The direction. The following are possible values: + // + // * egress + // + // * ingress + Direction *string `locationName:"direction" type:"string"` + + // The port range. + PortRange *PortRange `locationName:"portRange" type:"structure"` + + // The prefix list ID. + PrefixListId *string `locationName:"prefixListId" type:"string"` + + // The protocol name. + Protocol *string `locationName:"protocol" type:"string"` + + // The security group ID. + SecurityGroupId *string `locationName:"securityGroupId" type:"string"` +} + +// String returns the string representation +func (s AnalysisSecurityGroupRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AnalysisSecurityGroupRule) GoString() string { + return s.String() +} + +// SetCidr sets the Cidr field's value. +func (s *AnalysisSecurityGroupRule) SetCidr(v string) *AnalysisSecurityGroupRule { + s.Cidr = &v + return s +} + +// SetDirection sets the Direction field's value. +func (s *AnalysisSecurityGroupRule) SetDirection(v string) *AnalysisSecurityGroupRule { + s.Direction = &v + return s +} + +// SetPortRange sets the PortRange field's value. +func (s *AnalysisSecurityGroupRule) SetPortRange(v *PortRange) *AnalysisSecurityGroupRule { + s.PortRange = v + return s +} + +// SetPrefixListId sets the PrefixListId field's value. +func (s *AnalysisSecurityGroupRule) SetPrefixListId(v string) *AnalysisSecurityGroupRule { + s.PrefixListId = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *AnalysisSecurityGroupRule) SetProtocol(v string) *AnalysisSecurityGroupRule { + s.Protocol = &v + return s +} + +// SetSecurityGroupId sets the SecurityGroupId field's value. +func (s *AnalysisSecurityGroupRule) SetSecurityGroupId(v string) *AnalysisSecurityGroupRule { + s.SecurityGroupId = &v + return s +} + type ApplySecurityGroupsToClientVpnTargetNetworkInput struct { _ struct{} `type:"structure"` @@ -40546,8 +42778,10 @@ func (s *ApplySecurityGroupsToClientVpnTargetNetworkOutput) SetSecurityGroupIds( type AssignIpv6AddressesInput struct { _ struct{} `type:"structure"` - // The number of IPv6 addresses to assign to the network interface. Amazon EC2 - // automatically selects the IPv6 addresses from the subnet range. You can't + // The number of additional IPv6 addresses to assign to the network interface. + // The specified number of IPv6 addresses are assigned in addition to the existing + // IPv6 addresses that are already assigned to the network interface. Amazon + // EC2 automatically selects the IPv6 addresses from the subnet range. You can't // use this option if specifying specific IPv6 addresses. Ipv6AddressCount *int64 `locationName:"ipv6AddressCount" type:"integer"` @@ -40605,7 +42839,8 @@ func (s *AssignIpv6AddressesInput) SetNetworkInterfaceId(v string) *AssignIpv6Ad type AssignIpv6AddressesOutput struct { _ struct{} `type:"structure"` - // The IPv6 addresses assigned to the network interface. + // The new IPv6 addresses assigned to the network interface. Existing IPv6 addresses + // that were assigned to the network interface before the request are not included. AssignedIpv6Addresses []*string `locationName:"assignedIpv6Addresses" locationNameList:"item" type:"list"` // The ID of the network interface. @@ -40783,10 +43018,10 @@ type AssociateAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of the instance. This is required for EC2-Classic. For EC2-VPC, you - // can specify either the instance ID or the network interface ID, but not both. - // The operation fails if you specify an instance ID unless exactly one network - // interface is attached. + // The ID of the instance. The instance must have exactly one attached network + // interface. For EC2-VPC, you can specify either the instance ID or the network + // interface ID, but not both. For EC2-Classic, you must specify an instance + // ID and the instance must be in the running state. InstanceId *string `type:"string"` // [EC2-VPC] The ID of the network interface. If the instance has more than @@ -40801,8 +43036,8 @@ type AssociateAddressInput struct { // address is associated with the primary private IP address. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` - // The Elastic IP address to associate with the instance. This is required for - // EC2-Classic. + // [EC2-Classic] The Elastic IP address to associate with the instance. This + // is required for EC2-Classic. PublicIp *string `type:"string"` } @@ -41135,7 +43370,7 @@ type AssociateEnclaveCertificateIamRoleOutput struct { CertificateS3BucketName *string `locationName:"certificateS3BucketName" type:"string"` // The Amazon S3 object key where the certificate, certificate chain, and encrypted - // private key bundle are stored. The object key is formatted as follows: certificate_arn/role_arn. + // private key bundle are stored. The object key is formatted as follows: role_arn/certificate_arn. CertificateS3ObjectKey *string `locationName:"certificateS3ObjectKey" type:"string"` // The ID of the AWS KMS CMK used to encrypt the private key of the certificate. @@ -41740,7 +43975,7 @@ type AssociatedRole struct { // The key of the Amazon S3 object ey where the certificate, certificate chain, // and encrypted private key bundle is stored. The object key is formated as - // follows: certificate_arn/role_arn. + // follows: role_arn/certificate_arn. CertificateS3ObjectKey *string `locationName:"certificateS3ObjectKey" type:"string"` // The ID of the KMS customer master key (CMK) used to encrypt the private key. @@ -43077,8 +45312,7 @@ type BlockDeviceMapping struct { // launched. Ebs *EbsBlockDevice `locationName:"ebs" type:"structure"` - // Suppresses the specified device included in the block device mapping of the - // AMI. + // To omit the device from the block device mapping, specify an empty string. NoDevice *string `locationName:"noDevice" type:"string"` // The virtual device name (ephemeralN). Instance store volumes are numbered @@ -44211,6 +46445,9 @@ type CapacityReservation struct { // The ID of the AWS account that owns the Capacity Reservation. OwnerId *string `locationName:"ownerId" type:"string"` + // The date and time at which the Capacity Reservation was started. + StartDate *time.Time `locationName:"startDate" type:"timestamp"` + // The current state of the Capacity Reservation. A Capacity Reservation can // be in one of the following states: // @@ -44221,8 +46458,8 @@ type CapacityReservation struct { // and time specified in your request. The reserved capacity is no longer // available for your use. // - // * cancelled - The Capacity Reservation was manually cancelled. The reserved - // capacity is no longer available for your use. + // * cancelled - The Capacity Reservation was cancelled. The reserved capacity + // is no longer available for your use. // // * pending - The Capacity Reservation request was successful but the capacity // provisioning is still pending. @@ -44344,6 +46581,12 @@ func (s *CapacityReservation) SetOwnerId(v string) *CapacityReservation { return s } +// SetStartDate sets the StartDate field's value. +func (s *CapacityReservation) SetStartDate(v time.Time) *CapacityReservation { + s.StartDate = &v + return s +} + // SetState sets the State field's value. func (s *CapacityReservation) SetState(v string) *CapacityReservation { s.State = &v @@ -44408,9 +46651,9 @@ func (s *CapacityReservationGroup) SetOwnerId(v string) *CapacityReservationGrou // // For more information about Capacity Reservations, see On-Demand Capacity // Reservations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) -// in the Amazon Elastic Compute Cloud User Guide. For examples of using Capacity -// Reservations in an EC2 Fleet, see EC2 Fleet example configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. For examples of using Capacity Reservations +// in an EC2 Fleet, see EC2 Fleet example configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) +// in the Amazon EC2 User Guide. type CapacityReservationOptions struct { _ struct{} `type:"structure"` @@ -44453,9 +46696,9 @@ func (s *CapacityReservationOptions) SetUsageStrategy(v string) *CapacityReserva // // For more information about Capacity Reservations, see On-Demand Capacity // Reservations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) -// in the Amazon Elastic Compute Cloud User Guide. For examples of using Capacity -// Reservations in an EC2 Fleet, see EC2 Fleet example configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. For examples of using Capacity Reservations +// in an EC2 Fleet, see EC2 Fleet example configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) +// in the Amazon EC2 User Guide. type CapacityReservationOptionsRequest struct { _ struct{} `type:"structure"` @@ -46456,13 +48699,23 @@ type CopyImageInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier you provide to ensure idempotency of the - // request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html) + // in the Amazon EC2 API Reference. ClientToken *string `type:"string"` // A description for the new AMI in the destination Region. Description *string `type:"string"` + // The Amazon Resource Name (ARN) of the Outpost to which to copy the AMI. Only + // specify this parameter when copying an AMI from an AWS Region to an Outpost. + // The AMI must be in the Region of the destination Outpost. You cannot copy + // an AMI from an Outpost to a Region, from one Outpost to another, or within + // the same Outpost. + // + // For more information, see Copying AMIs from an AWS Region to an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-amis) + // in the Amazon Elastic Compute Cloud User Guide. + DestinationOutpostArn *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -46558,6 +48811,12 @@ func (s *CopyImageInput) SetDescription(v string) *CopyImageInput { return s } +// SetDestinationOutpostArn sets the DestinationOutpostArn field's value. +func (s *CopyImageInput) SetDestinationOutpostArn(v string) *CopyImageInput { + s.DestinationOutpostArn = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CopyImageInput) SetDryRun(v bool) *CopyImageInput { s.DryRun = &v @@ -46624,6 +48883,17 @@ type CopySnapshotInput struct { // A description for the EBS snapshot. Description *string `type:"string"` + // The Amazon Resource Name (ARN) of the Outpost to which to copy the snapshot. + // Only specify this parameter when copying a snapshot from an AWS Region to + // an Outpost. The snapshot must be in the Region for the destination Outpost. + // You cannot copy a snapshot from an Outpost to a Region, from one Outpost + // to another, or within the same Outpost. + // + // For more information, see Copying snapshots from an AWS Region to an Outpost + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-snapshots) + // in the Amazon Elastic Compute Cloud User Guide. + DestinationOutpostArn *string `type:"string"` + // The destination Region to use in the PresignedUrl parameter of a snapshot // copy operation. This parameter is only valid for specifying the destination // Region in a PresignedUrl parameter, where it is required. @@ -46729,6 +48999,12 @@ func (s *CopySnapshotInput) SetDescription(v string) *CopySnapshotInput { return s } +// SetDestinationOutpostArn sets the DestinationOutpostArn field's value. +func (s *CopySnapshotInput) SetDestinationOutpostArn(v string) *CopySnapshotInput { + s.DestinationOutpostArn = &v + return s +} + // SetDestinationRegion sets the DestinationRegion field's value. func (s *CopySnapshotInput) SetDestinationRegion(v string) *CopySnapshotInput { s.DestinationRegion = &v @@ -46887,7 +49163,7 @@ type CreateCapacityReservationInput struct { AvailabilityZoneId *string `type:"string"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -46959,8 +49235,8 @@ type CreateCapacityReservationInput struct { InstancePlatform *string `type:"string" required:"true" enum:"CapacityReservationInstancePlatform"` // The instance type for which to reserve capacity. For more information, see - // Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon EC2 User Guide. // // InstanceType is a required field InstanceType *string `type:"string" required:"true"` @@ -48125,7 +50401,10 @@ type CreateFleetInput struct { // Describes the configuration of On-Demand Instances in an EC2 Fleet. OnDemandOptions *OnDemandOptionsRequest `type:"structure"` - // Indicates whether EC2 Fleet should replace unhealthy instances. + // Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported + // only for fleets of type maintain. For more information, see EC2 Fleet health + // checks (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) + // in the Amazon EC2 User Guide. ReplaceUnhealthyInstances *bool `type:"boolean"` // Describes the configuration of Spot Instances in an EC2 Fleet. @@ -48148,7 +50427,7 @@ type CreateFleetInput struct { // The type of request. The default value is maintain. // - // * maintain - The EC2 Fleet plaees an asynchronous request for your desired + // * maintain - The EC2 Fleet places an asynchronous request for your desired // capacity, and continues to maintain your desired Spot capacity by replenishing // interrupted Spot Instances. // @@ -48162,7 +50441,7 @@ type CreateFleetInput struct { // be launched. // // For more information, see EC2 Fleet request types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-request-type) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. Type *string `type:"string" enum:"FleetType"` // The start date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -48923,7 +51202,7 @@ type CreateInstanceExportTaskInput struct { // maximum length is 255 characters. Description *string `locationName:"description" type:"string"` - // The format and location for an instance export task. + // The format and location for an export instance task. // // ExportToS3Task is a required field ExportToS3Task *ExportToS3TaskSpecification `locationName:"exportToS3" type:"structure" required:"true"` @@ -48933,7 +51212,7 @@ type CreateInstanceExportTaskInput struct { // InstanceId is a required field InstanceId *string `locationName:"instanceId" type:"string" required:"true"` - // The tags to apply to the instance export task during creation. + // The tags to apply to the export instance task during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The target virtualization environment. @@ -49004,7 +51283,7 @@ func (s *CreateInstanceExportTaskInput) SetTargetEnvironment(v string) *CreateIn type CreateInstanceExportTaskOutput struct { _ struct{} `type:"structure"` - // Information about the instance export task. + // Information about the export instance task. ExportTask *ExportTask `locationName:"exportTask" type:"structure"` } @@ -50201,6 +52480,156 @@ func (s *CreateNetworkAclOutput) SetNetworkAcl(v *NetworkAcl) *CreateNetworkAclO return s } +type CreateNetworkInsightsPathInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The AWS resource that is the destination of the path. + // + // Destination is a required field + Destination *string `type:"string" required:"true"` + + // The IP address of the AWS resource that is the destination of the path. + DestinationIp *string `type:"string"` + + // The destination port. + DestinationPort *int64 `min:"1" type:"integer"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The protocol. + // + // Protocol is a required field + Protocol *string `type:"string" required:"true" enum:"Protocol"` + + // The AWS resource that is the source of the path. + // + // Source is a required field + Source *string `type:"string" required:"true"` + + // The IP address of the AWS resource that is the source of the path. + SourceIp *string `type:"string"` + + // The tags to add to the path. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateNetworkInsightsPathInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateNetworkInsightsPathInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateNetworkInsightsPathInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateNetworkInsightsPathInput"} + if s.Destination == nil { + invalidParams.Add(request.NewErrParamRequired("Destination")) + } + if s.DestinationPort != nil && *s.DestinationPort < 1 { + invalidParams.Add(request.NewErrParamMinValue("DestinationPort", 1)) + } + if s.Protocol == nil { + invalidParams.Add(request.NewErrParamRequired("Protocol")) + } + if s.Source == nil { + invalidParams.Add(request.NewErrParamRequired("Source")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateNetworkInsightsPathInput) SetClientToken(v string) *CreateNetworkInsightsPathInput { + s.ClientToken = &v + return s +} + +// SetDestination sets the Destination field's value. +func (s *CreateNetworkInsightsPathInput) SetDestination(v string) *CreateNetworkInsightsPathInput { + s.Destination = &v + return s +} + +// SetDestinationIp sets the DestinationIp field's value. +func (s *CreateNetworkInsightsPathInput) SetDestinationIp(v string) *CreateNetworkInsightsPathInput { + s.DestinationIp = &v + return s +} + +// SetDestinationPort sets the DestinationPort field's value. +func (s *CreateNetworkInsightsPathInput) SetDestinationPort(v int64) *CreateNetworkInsightsPathInput { + s.DestinationPort = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateNetworkInsightsPathInput) SetDryRun(v bool) *CreateNetworkInsightsPathInput { + s.DryRun = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *CreateNetworkInsightsPathInput) SetProtocol(v string) *CreateNetworkInsightsPathInput { + s.Protocol = &v + return s +} + +// SetSource sets the Source field's value. +func (s *CreateNetworkInsightsPathInput) SetSource(v string) *CreateNetworkInsightsPathInput { + s.Source = &v + return s +} + +// SetSourceIp sets the SourceIp field's value. +func (s *CreateNetworkInsightsPathInput) SetSourceIp(v string) *CreateNetworkInsightsPathInput { + s.SourceIp = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateNetworkInsightsPathInput) SetTagSpecifications(v []*TagSpecification) *CreateNetworkInsightsPathInput { + s.TagSpecifications = v + return s +} + +type CreateNetworkInsightsPathOutput struct { + _ struct{} `type:"structure"` + + // Information about the path. + NetworkInsightsPath *NetworkInsightsPath `locationName:"networkInsightsPath" type:"structure"` +} + +// String returns the string representation +func (s CreateNetworkInsightsPathOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateNetworkInsightsPathOutput) GoString() string { + return s.String() +} + +// SetNetworkInsightsPath sets the NetworkInsightsPath field's value. +func (s *CreateNetworkInsightsPathOutput) SetNetworkInsightsPath(v *NetworkInsightsPath) *CreateNetworkInsightsPathOutput { + s.NetworkInsightsPath = v + return s +} + // Contains the parameters for CreateNetworkInterface. type CreateNetworkInterfaceInput struct { _ struct{} `type:"structure"` @@ -51101,6 +53530,25 @@ type CreateSnapshotInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // The Amazon Resource Name (ARN) of the AWS Outpost on which to create a local + // snapshot. + // + // * To create a snapshot of a volume in a Region, omit this parameter. The + // snapshot is created in the same Region as the volume. + // + // * To create a snapshot of a volume on an Outpost and store the snapshot + // in the Region, omit this parameter. The snapshot is created in the Region + // for the Outpost. + // + // * To create a snapshot of a volume on an Outpost and store the snapshot + // on an Outpost, specify the ARN of the destination Outpost. The snapshot + // must be created on the same Outpost as the volume. + // + // For more information, see Creating local snapshots from volumes on an Outpost + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#create-snapshot) + // in the Amazon Elastic Compute Cloud User Guide. + OutpostArn *string `type:"string"` + // The tags to apply to the snapshot during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` @@ -51145,6 +53593,12 @@ func (s *CreateSnapshotInput) SetDryRun(v bool) *CreateSnapshotInput { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *CreateSnapshotInput) SetOutpostArn(v string) *CreateSnapshotInput { + s.OutpostArn = &v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateSnapshotInput) SetTagSpecifications(v []*TagSpecification) *CreateSnapshotInput { s.TagSpecifications = v @@ -51177,6 +53631,25 @@ type CreateSnapshotsInput struct { // InstanceSpecification is a required field InstanceSpecification *InstanceSpecification `type:"structure" required:"true"` + // The Amazon Resource Name (ARN) of the AWS Outpost on which to create the + // local snapshots. + // + // * To create snapshots from an instance in a Region, omit this parameter. + // The snapshots are created in the same Region as the instance. + // + // * To create snapshots from an instance on an Outpost and store the snapshots + // in the Region, omit this parameter. The snapshots are created in the Region + // for the Outpost. + // + // * To create snapshots from an instance on an Outpost and store the snapshots + // on an Outpost, specify the ARN of the destination Outpost. The snapshots + // must be created on the same Outpost as the instance. + // + // For more information, see Creating multi-volume local snapshots from instances + // on an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#create-multivol-snapshot) + // in the Amazon Elastic Compute Cloud User Guide. + OutpostArn *string `type:"string"` + // Tags to apply to every snapshot specified by the instance. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } @@ -51228,6 +53701,12 @@ func (s *CreateSnapshotsInput) SetInstanceSpecification(v *InstanceSpecification return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *CreateSnapshotsInput) SetOutpostArn(v string) *CreateSnapshotsInput { + s.OutpostArn = &v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateSnapshotsInput) SetTagSpecifications(v []*TagSpecification) *CreateSnapshotsInput { s.TagSpecifications = v @@ -52156,6 +54635,283 @@ func (s *CreateTrafficMirrorTargetOutput) SetTrafficMirrorTarget(v *TrafficMirro return s } +type CreateTransitGatewayConnectInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The Connect attachment options. + // + // Options is a required field + Options *CreateTransitGatewayConnectRequestOptions `type:"structure" required:"true"` + + // The tags to apply to the Connect attachment. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // The ID of the transit gateway attachment. You can specify a VPC attachment + // or a AWS Direct Connect attachment. + // + // TransportTransitGatewayAttachmentId is a required field + TransportTransitGatewayAttachmentId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateTransitGatewayConnectInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayConnectInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTransitGatewayConnectInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTransitGatewayConnectInput"} + if s.Options == nil { + invalidParams.Add(request.NewErrParamRequired("Options")) + } + if s.TransportTransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransportTransitGatewayAttachmentId")) + } + if s.Options != nil { + if err := s.Options.Validate(); err != nil { + invalidParams.AddNested("Options", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTransitGatewayConnectInput) SetDryRun(v bool) *CreateTransitGatewayConnectInput { + s.DryRun = &v + return s +} + +// SetOptions sets the Options field's value. +func (s *CreateTransitGatewayConnectInput) SetOptions(v *CreateTransitGatewayConnectRequestOptions) *CreateTransitGatewayConnectInput { + s.Options = v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTransitGatewayConnectInput) SetTagSpecifications(v []*TagSpecification) *CreateTransitGatewayConnectInput { + s.TagSpecifications = v + return s +} + +// SetTransportTransitGatewayAttachmentId sets the TransportTransitGatewayAttachmentId field's value. +func (s *CreateTransitGatewayConnectInput) SetTransportTransitGatewayAttachmentId(v string) *CreateTransitGatewayConnectInput { + s.TransportTransitGatewayAttachmentId = &v + return s +} + +type CreateTransitGatewayConnectOutput struct { + _ struct{} `type:"structure"` + + // Information about the Connect attachment. + TransitGatewayConnect *TransitGatewayConnect `locationName:"transitGatewayConnect" type:"structure"` +} + +// String returns the string representation +func (s CreateTransitGatewayConnectOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayConnectOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayConnect sets the TransitGatewayConnect field's value. +func (s *CreateTransitGatewayConnectOutput) SetTransitGatewayConnect(v *TransitGatewayConnect) *CreateTransitGatewayConnectOutput { + s.TransitGatewayConnect = v + return s +} + +type CreateTransitGatewayConnectPeerInput struct { + _ struct{} `type:"structure"` + + // The BGP options for the Connect peer. + BgpOptions *TransitGatewayConnectRequestBgpOptions `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The range of inside IP addresses that are used for BGP peering. You must + // specify a size /29 IPv4 CIDR block from the 169.254.0.0/16 range. The first + // address from the range must be configured on the appliance as the BGP IP + // address. You can also optionally specify a size /125 IPv6 CIDR block from + // the fd00::/8 range. + // + // InsideCidrBlocks is a required field + InsideCidrBlocks []*string `locationNameList:"item" type:"list" required:"true"` + + // The peer IP address (GRE outer IP address) on the appliance side of the Connect + // peer. + // + // PeerAddress is a required field + PeerAddress *string `type:"string" required:"true"` + + // The tags to apply to the Connect peer. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // The peer IP address (GRE outer IP address) on the transit gateway side of + // the Connect peer, which must be specified from a transit gateway CIDR block. + // If not specified, Amazon automatically assigns the first available IP address + // from the transit gateway CIDR block. + TransitGatewayAddress *string `type:"string"` + + // The ID of the Connect attachment. + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateTransitGatewayConnectPeerInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayConnectPeerInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTransitGatewayConnectPeerInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTransitGatewayConnectPeerInput"} + if s.InsideCidrBlocks == nil { + invalidParams.Add(request.NewErrParamRequired("InsideCidrBlocks")) + } + if s.PeerAddress == nil { + invalidParams.Add(request.NewErrParamRequired("PeerAddress")) + } + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBgpOptions sets the BgpOptions field's value. +func (s *CreateTransitGatewayConnectPeerInput) SetBgpOptions(v *TransitGatewayConnectRequestBgpOptions) *CreateTransitGatewayConnectPeerInput { + s.BgpOptions = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTransitGatewayConnectPeerInput) SetDryRun(v bool) *CreateTransitGatewayConnectPeerInput { + s.DryRun = &v + return s +} + +// SetInsideCidrBlocks sets the InsideCidrBlocks field's value. +func (s *CreateTransitGatewayConnectPeerInput) SetInsideCidrBlocks(v []*string) *CreateTransitGatewayConnectPeerInput { + s.InsideCidrBlocks = v + return s +} + +// SetPeerAddress sets the PeerAddress field's value. +func (s *CreateTransitGatewayConnectPeerInput) SetPeerAddress(v string) *CreateTransitGatewayConnectPeerInput { + s.PeerAddress = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTransitGatewayConnectPeerInput) SetTagSpecifications(v []*TagSpecification) *CreateTransitGatewayConnectPeerInput { + s.TagSpecifications = v + return s +} + +// SetTransitGatewayAddress sets the TransitGatewayAddress field's value. +func (s *CreateTransitGatewayConnectPeerInput) SetTransitGatewayAddress(v string) *CreateTransitGatewayConnectPeerInput { + s.TransitGatewayAddress = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *CreateTransitGatewayConnectPeerInput) SetTransitGatewayAttachmentId(v string) *CreateTransitGatewayConnectPeerInput { + s.TransitGatewayAttachmentId = &v + return s +} + +type CreateTransitGatewayConnectPeerOutput struct { + _ struct{} `type:"structure"` + + // Information about the Connect peer. + TransitGatewayConnectPeer *TransitGatewayConnectPeer `locationName:"transitGatewayConnectPeer" type:"structure"` +} + +// String returns the string representation +func (s CreateTransitGatewayConnectPeerOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayConnectPeerOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayConnectPeer sets the TransitGatewayConnectPeer field's value. +func (s *CreateTransitGatewayConnectPeerOutput) SetTransitGatewayConnectPeer(v *TransitGatewayConnectPeer) *CreateTransitGatewayConnectPeerOutput { + s.TransitGatewayConnectPeer = v + return s +} + +// The options for a Connect attachment. +type CreateTransitGatewayConnectRequestOptions struct { + _ struct{} `type:"structure"` + + // The tunnel protocol. + // + // Protocol is a required field + Protocol *string `type:"string" required:"true" enum:"ProtocolValue"` +} + +// String returns the string representation +func (s CreateTransitGatewayConnectRequestOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayConnectRequestOptions) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTransitGatewayConnectRequestOptions) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTransitGatewayConnectRequestOptions"} + if s.Protocol == nil { + invalidParams.Add(request.NewErrParamRequired("Protocol")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetProtocol sets the Protocol field's value. +func (s *CreateTransitGatewayConnectRequestOptions) SetProtocol(v string) *CreateTransitGatewayConnectRequestOptions { + s.Protocol = &v + return s +} + type CreateTransitGatewayInput struct { _ struct{} `type:"structure"` @@ -52218,6 +54974,9 @@ type CreateTransitGatewayMulticastDomainInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // The options for the transit gateway multicast domain. + Options *CreateTransitGatewayMulticastDomainRequestOptions `type:"structure"` + // The tags for the transit gateway multicast domain. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` @@ -52256,6 +55015,12 @@ func (s *CreateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *CreateTran return s } +// SetOptions sets the Options field's value. +func (s *CreateTransitGatewayMulticastDomainInput) SetOptions(v *CreateTransitGatewayMulticastDomainRequestOptions) *CreateTransitGatewayMulticastDomainInput { + s.Options = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateTransitGatewayMulticastDomainInput) SetTagSpecifications(v []*TagSpecification) *CreateTransitGatewayMulticastDomainInput { s.TagSpecifications = v @@ -52291,6 +55056,51 @@ func (s *CreateTransitGatewayMulticastDomainOutput) SetTransitGatewayMulticastDo return s } +// The options for the transit gateway multicast domain. +type CreateTransitGatewayMulticastDomainRequestOptions struct { + _ struct{} `type:"structure"` + + // Indicates whether to automatically accept cross-account subnet associations + // that are associated with the transit gateway multicast domain. + AutoAcceptSharedAssociations *string `type:"string" enum:"AutoAcceptSharedAssociationsValue"` + + // Specify whether to enable Internet Group Management Protocol (IGMP) version + // 2 for the transit gateway multicast domain. + Igmpv2Support *string `type:"string" enum:"Igmpv2SupportValue"` + + // Specify whether to enable support for statically configuring multicast group + // sources for a domain. + StaticSourcesSupport *string `type:"string" enum:"StaticSourcesSupportValue"` +} + +// String returns the string representation +func (s CreateTransitGatewayMulticastDomainRequestOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayMulticastDomainRequestOptions) GoString() string { + return s.String() +} + +// SetAutoAcceptSharedAssociations sets the AutoAcceptSharedAssociations field's value. +func (s *CreateTransitGatewayMulticastDomainRequestOptions) SetAutoAcceptSharedAssociations(v string) *CreateTransitGatewayMulticastDomainRequestOptions { + s.AutoAcceptSharedAssociations = &v + return s +} + +// SetIgmpv2Support sets the Igmpv2Support field's value. +func (s *CreateTransitGatewayMulticastDomainRequestOptions) SetIgmpv2Support(v string) *CreateTransitGatewayMulticastDomainRequestOptions { + s.Igmpv2Support = &v + return s +} + +// SetStaticSourcesSupport sets the StaticSourcesSupport field's value. +func (s *CreateTransitGatewayMulticastDomainRequestOptions) SetStaticSourcesSupport(v string) *CreateTransitGatewayMulticastDomainRequestOptions { + s.StaticSourcesSupport = &v + return s +} + type CreateTransitGatewayOutput struct { _ struct{} `type:"structure"` @@ -52865,7 +55675,7 @@ type CreateTransitGatewayVpcAttachmentRequestOptions struct { // Enable or disable DNS support. The default is enable. DnsSupport *string `type:"string" enum:"DnsSupportValue"` - // Enable or disable IPv6 support. + // Enable or disable IPv6 support. The default is disable. Ipv6Support *string `type:"string" enum:"Ipv6SupportValue"` } @@ -52966,8 +55776,8 @@ type CreateVolumeInput struct { // Indicates whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, // you can attach the volume to up to 16 Instances built on the Nitro System // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) - // in the same Availability Zone. This parameter is supported with io1 volumes - // only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) + // in the same Availability Zone. This parameter is supported with io1 and io2 + // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) // in the Amazon Elastic Compute Cloud User Guide. MultiAttachEnabled *bool `type:"boolean"` @@ -55988,6 +58798,152 @@ func (s DeleteNetworkAclOutput) GoString() string { return s.String() } +type DeleteNetworkInsightsAnalysisInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the network insights analysis. + // + // NetworkInsightsAnalysisId is a required field + NetworkInsightsAnalysisId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteNetworkInsightsAnalysisInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteNetworkInsightsAnalysisInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteNetworkInsightsAnalysisInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteNetworkInsightsAnalysisInput"} + if s.NetworkInsightsAnalysisId == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInsightsAnalysisId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteNetworkInsightsAnalysisInput) SetDryRun(v bool) *DeleteNetworkInsightsAnalysisInput { + s.DryRun = &v + return s +} + +// SetNetworkInsightsAnalysisId sets the NetworkInsightsAnalysisId field's value. +func (s *DeleteNetworkInsightsAnalysisInput) SetNetworkInsightsAnalysisId(v string) *DeleteNetworkInsightsAnalysisInput { + s.NetworkInsightsAnalysisId = &v + return s +} + +type DeleteNetworkInsightsAnalysisOutput struct { + _ struct{} `type:"structure"` + + // The ID of the network insights analysis. + NetworkInsightsAnalysisId *string `locationName:"networkInsightsAnalysisId" type:"string"` +} + +// String returns the string representation +func (s DeleteNetworkInsightsAnalysisOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteNetworkInsightsAnalysisOutput) GoString() string { + return s.String() +} + +// SetNetworkInsightsAnalysisId sets the NetworkInsightsAnalysisId field's value. +func (s *DeleteNetworkInsightsAnalysisOutput) SetNetworkInsightsAnalysisId(v string) *DeleteNetworkInsightsAnalysisOutput { + s.NetworkInsightsAnalysisId = &v + return s +} + +type DeleteNetworkInsightsPathInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the path. + // + // NetworkInsightsPathId is a required field + NetworkInsightsPathId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteNetworkInsightsPathInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteNetworkInsightsPathInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteNetworkInsightsPathInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteNetworkInsightsPathInput"} + if s.NetworkInsightsPathId == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInsightsPathId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteNetworkInsightsPathInput) SetDryRun(v bool) *DeleteNetworkInsightsPathInput { + s.DryRun = &v + return s +} + +// SetNetworkInsightsPathId sets the NetworkInsightsPathId field's value. +func (s *DeleteNetworkInsightsPathInput) SetNetworkInsightsPathId(v string) *DeleteNetworkInsightsPathInput { + s.NetworkInsightsPathId = &v + return s +} + +type DeleteNetworkInsightsPathOutput struct { + _ struct{} `type:"structure"` + + // The ID of the path. + NetworkInsightsPathId *string `locationName:"networkInsightsPathId" type:"string"` +} + +// String returns the string representation +func (s DeleteNetworkInsightsPathOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteNetworkInsightsPathOutput) GoString() string { + return s.String() +} + +// SetNetworkInsightsPathId sets the NetworkInsightsPathId field's value. +func (s *DeleteNetworkInsightsPathOutput) SetNetworkInsightsPathId(v string) *DeleteNetworkInsightsPathOutput { + s.NetworkInsightsPathId = &v + return s +} + // Contains the parameters for DeleteNetworkInterface. type DeleteNetworkInterfaceInput struct { _ struct{} `type:"structure"` @@ -57081,6 +60037,152 @@ func (s *DeleteTrafficMirrorTargetOutput) SetTrafficMirrorTargetId(v string) *De return s } +type DeleteTransitGatewayConnectInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Connect attachment. + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTransitGatewayConnectInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayConnectInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTransitGatewayConnectInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTransitGatewayConnectInput"} + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTransitGatewayConnectInput) SetDryRun(v bool) *DeleteTransitGatewayConnectInput { + s.DryRun = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *DeleteTransitGatewayConnectInput) SetTransitGatewayAttachmentId(v string) *DeleteTransitGatewayConnectInput { + s.TransitGatewayAttachmentId = &v + return s +} + +type DeleteTransitGatewayConnectOutput struct { + _ struct{} `type:"structure"` + + // Information about the deleted Connect attachment. + TransitGatewayConnect *TransitGatewayConnect `locationName:"transitGatewayConnect" type:"structure"` +} + +// String returns the string representation +func (s DeleteTransitGatewayConnectOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayConnectOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayConnect sets the TransitGatewayConnect field's value. +func (s *DeleteTransitGatewayConnectOutput) SetTransitGatewayConnect(v *TransitGatewayConnect) *DeleteTransitGatewayConnectOutput { + s.TransitGatewayConnect = v + return s +} + +type DeleteTransitGatewayConnectPeerInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Connect peer. + // + // TransitGatewayConnectPeerId is a required field + TransitGatewayConnectPeerId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTransitGatewayConnectPeerInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayConnectPeerInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTransitGatewayConnectPeerInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTransitGatewayConnectPeerInput"} + if s.TransitGatewayConnectPeerId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayConnectPeerId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTransitGatewayConnectPeerInput) SetDryRun(v bool) *DeleteTransitGatewayConnectPeerInput { + s.DryRun = &v + return s +} + +// SetTransitGatewayConnectPeerId sets the TransitGatewayConnectPeerId field's value. +func (s *DeleteTransitGatewayConnectPeerInput) SetTransitGatewayConnectPeerId(v string) *DeleteTransitGatewayConnectPeerInput { + s.TransitGatewayConnectPeerId = &v + return s +} + +type DeleteTransitGatewayConnectPeerOutput struct { + _ struct{} `type:"structure"` + + // Information about the deleted Connect peer. + TransitGatewayConnectPeer *TransitGatewayConnectPeer `locationName:"transitGatewayConnectPeer" type:"structure"` +} + +// String returns the string representation +func (s DeleteTransitGatewayConnectPeerOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayConnectPeerOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayConnectPeer sets the TransitGatewayConnectPeer field's value. +func (s *DeleteTransitGatewayConnectPeerOutput) SetTransitGatewayConnectPeer(v *TransitGatewayConnectPeer) *DeleteTransitGatewayConnectPeerOutput { + s.TransitGatewayConnectPeer = v + return s +} + type DeleteTransitGatewayInput struct { _ struct{} `type:"structure"` @@ -58683,6 +61785,115 @@ func (s *DescribeAccountAttributesOutput) SetAccountAttributes(v []*AccountAttri return s } +type DescribeAddressesAttributeInput struct { + _ struct{} `type:"structure"` + + // [EC2-VPC] The allocation IDs. + AllocationIds []*string `locationName:"AllocationId" locationNameList:"item" type:"list"` + + // The attribute of the IP address. + Attribute *string `type:"string" enum:"AddressAttributeName"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeAddressesAttributeInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeAddressesAttributeInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeAddressesAttributeInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeAddressesAttributeInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAllocationIds sets the AllocationIds field's value. +func (s *DescribeAddressesAttributeInput) SetAllocationIds(v []*string) *DescribeAddressesAttributeInput { + s.AllocationIds = v + return s +} + +// SetAttribute sets the Attribute field's value. +func (s *DescribeAddressesAttributeInput) SetAttribute(v string) *DescribeAddressesAttributeInput { + s.Attribute = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeAddressesAttributeInput) SetDryRun(v bool) *DescribeAddressesAttributeInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeAddressesAttributeInput) SetMaxResults(v int64) *DescribeAddressesAttributeInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeAddressesAttributeInput) SetNextToken(v string) *DescribeAddressesAttributeInput { + s.NextToken = &v + return s +} + +type DescribeAddressesAttributeOutput struct { + _ struct{} `type:"structure"` + + // Information about the IP addresses. + Addresses []*AddressAttribute `locationName:"addressSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeAddressesAttributeOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeAddressesAttributeOutput) GoString() string { + return s.String() +} + +// SetAddresses sets the Addresses field's value. +func (s *DescribeAddressesAttributeOutput) SetAddresses(v []*AddressAttribute) *DescribeAddressesAttributeOutput { + s.Addresses = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeAddressesAttributeOutput) SetNextToken(v string) *DescribeAddressesAttributeOutput { + s.NextToken = &v + return s +} + type DescribeAddressesInput struct { _ struct{} `type:"structure"` @@ -59199,12 +62410,12 @@ type DescribeCapacityReservationsInput struct { // is active and the capacity is available for your use. expired - The Capacity // Reservation expired automatically at the date and time specified in your // request. The reserved capacity is no longer available for your use. cancelled - // - The Capacity Reservation was manually cancelled. The reserved capacity - // is no longer available for your use. pending - The Capacity Reservation - // request was successful but the capacity provisioning is still pending. - // failed - The Capacity Reservation request has failed. A request might - // fail due to invalid request parameters, capacity constraints, or instance - // limit constraints. Failed requests are retained for 60 minutes. + // - The Capacity Reservation was cancelled. The reserved capacity is no + // longer available for your use. pending - The Capacity Reservation request + // was successful but the capacity provisioning is still pending. failed + // - The Capacity Reservation request has failed. A request might fail due + // to invalid request parameters, capacity constraints, or instance limit + // constraints. Failed requests are retained for 60 minutes. // // * end-date - The date and time at which the Capacity Reservation expires. // When a Capacity Reservation expires, the reserved capacity is released @@ -62868,13 +66079,13 @@ type DescribeImagesInput struct { // // * name - The name of the AMI (provided during image creation). // - // * owner-alias - The owner alias, from an Amazon-maintained list (amazon - // | aws-marketplace). This is not the user-configured AWS account alias - // set using the IAM console. We recommend that you use the related parameter - // instead of this filter. + // * owner-alias - The owner alias (amazon | aws-marketplace). The valid + // aliases are defined in an Amazon-maintained list. This is not the AWS + // account alias that can be set using the IAM console. We recommend that + // you use the Owner request parameter instead of this filter. // // * owner-id - The AWS account ID of the owner. We recommend that you use - // the related parameter instead of this filter. + // the Owner request parameter instead of this filter. // // * platform - The platform. To only list Windows-based AMIs, use windows. // @@ -63976,8 +67187,8 @@ type DescribeInstanceTypesInput struct { // can be configured for the instance type. For example, "1" or "1,2". Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The instance types. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The instance types. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon EC2 User Guide. InstanceTypes []*string `locationName:"InstanceType" type:"list"` // The maximum number of results to return for the request in a single page. @@ -64045,8 +67256,8 @@ func (s *DescribeInstanceTypesInput) SetNextToken(v string) *DescribeInstanceTyp type DescribeInstanceTypesOutput struct { _ struct{} `type:"structure"` - // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon EC2 User Guide. InstanceTypes []*InstanceTypeInfo `locationName:"instanceTypeSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -66301,6 +69512,267 @@ func (s *DescribeNetworkAclsOutput) SetNextToken(v string) *DescribeNetworkAclsO return s } +type DescribeNetworkInsightsAnalysesInput struct { + _ struct{} `type:"structure"` + + // The time when the network insights analyses ended. + AnalysisEndTime *time.Time `type:"timestamp"` + + // The time when the network insights analyses started. + AnalysisStartTime *time.Time `type:"timestamp"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. The following are possible values: + // + // * PathFound - A Boolean value that indicates whether a feasible path is + // found. + // + // * Status - The status of the analysis (running | succeeded | failed). + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The ID of the network insights analyses. You must specify either analysis + // IDs or a path ID. + NetworkInsightsAnalysisIds []*string `locationName:"NetworkInsightsAnalysisId" locationNameList:"item" type:"list"` + + // The ID of the path. You must specify either a path ID or analysis IDs. + NetworkInsightsPathId *string `type:"string"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeNetworkInsightsAnalysesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeNetworkInsightsAnalysesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeNetworkInsightsAnalysesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeNetworkInsightsAnalysesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAnalysisEndTime sets the AnalysisEndTime field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetAnalysisEndTime(v time.Time) *DescribeNetworkInsightsAnalysesInput { + s.AnalysisEndTime = &v + return s +} + +// SetAnalysisStartTime sets the AnalysisStartTime field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetAnalysisStartTime(v time.Time) *DescribeNetworkInsightsAnalysesInput { + s.AnalysisStartTime = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetDryRun(v bool) *DescribeNetworkInsightsAnalysesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetFilters(v []*Filter) *DescribeNetworkInsightsAnalysesInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetMaxResults(v int64) *DescribeNetworkInsightsAnalysesInput { + s.MaxResults = &v + return s +} + +// SetNetworkInsightsAnalysisIds sets the NetworkInsightsAnalysisIds field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetNetworkInsightsAnalysisIds(v []*string) *DescribeNetworkInsightsAnalysesInput { + s.NetworkInsightsAnalysisIds = v + return s +} + +// SetNetworkInsightsPathId sets the NetworkInsightsPathId field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetNetworkInsightsPathId(v string) *DescribeNetworkInsightsAnalysesInput { + s.NetworkInsightsPathId = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeNetworkInsightsAnalysesInput) SetNextToken(v string) *DescribeNetworkInsightsAnalysesInput { + s.NextToken = &v + return s +} + +type DescribeNetworkInsightsAnalysesOutput struct { + _ struct{} `type:"structure"` + + // Information about the network insights analyses. + NetworkInsightsAnalyses []*NetworkInsightsAnalysis `locationName:"networkInsightsAnalysisSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeNetworkInsightsAnalysesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeNetworkInsightsAnalysesOutput) GoString() string { + return s.String() +} + +// SetNetworkInsightsAnalyses sets the NetworkInsightsAnalyses field's value. +func (s *DescribeNetworkInsightsAnalysesOutput) SetNetworkInsightsAnalyses(v []*NetworkInsightsAnalysis) *DescribeNetworkInsightsAnalysesOutput { + s.NetworkInsightsAnalyses = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeNetworkInsightsAnalysesOutput) SetNextToken(v string) *DescribeNetworkInsightsAnalysesOutput { + s.NextToken = &v + return s +} + +type DescribeNetworkInsightsPathsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. The following are possible values: + // + // * Destination - The ID of the resource. + // + // * DestinationPort - The destination port. + // + // * Name - The path name. + // + // * Protocol - The protocol. + // + // * Source - The ID of the resource. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The IDs of the paths. + NetworkInsightsPathIds []*string `locationName:"NetworkInsightsPathId" locationNameList:"item" type:"list"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeNetworkInsightsPathsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeNetworkInsightsPathsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeNetworkInsightsPathsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeNetworkInsightsPathsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeNetworkInsightsPathsInput) SetDryRun(v bool) *DescribeNetworkInsightsPathsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeNetworkInsightsPathsInput) SetFilters(v []*Filter) *DescribeNetworkInsightsPathsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeNetworkInsightsPathsInput) SetMaxResults(v int64) *DescribeNetworkInsightsPathsInput { + s.MaxResults = &v + return s +} + +// SetNetworkInsightsPathIds sets the NetworkInsightsPathIds field's value. +func (s *DescribeNetworkInsightsPathsInput) SetNetworkInsightsPathIds(v []*string) *DescribeNetworkInsightsPathsInput { + s.NetworkInsightsPathIds = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeNetworkInsightsPathsInput) SetNextToken(v string) *DescribeNetworkInsightsPathsInput { + s.NextToken = &v + return s +} + +type DescribeNetworkInsightsPathsOutput struct { + _ struct{} `type:"structure"` + + // Information about the paths. + NetworkInsightsPaths []*NetworkInsightsPath `locationName:"networkInsightsPathSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeNetworkInsightsPathsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeNetworkInsightsPathsOutput) GoString() string { + return s.String() +} + +// SetNetworkInsightsPaths sets the NetworkInsightsPaths field's value. +func (s *DescribeNetworkInsightsPathsOutput) SetNetworkInsightsPaths(v []*NetworkInsightsPath) *DescribeNetworkInsightsPathsOutput { + s.NetworkInsightsPaths = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeNetworkInsightsPathsOutput) SetNextToken(v string) *DescribeNetworkInsightsPathsOutput { + s.NextToken = &v + return s +} + // Contains the parameters for DescribeNetworkInterfaceAttribute. type DescribeNetworkInterfaceAttributeInput struct { _ struct{} `type:"structure"` @@ -66615,8 +70087,8 @@ type DescribeNetworkInterfacesInput struct { // // * private-dns-name - The private DNS name of the network interface (IPv4). // - // * requester-id - The ID of the entity that launched the instance on your - // behalf (for example, AWS Management Console, Auto Scaling, and so on). + // * requester-id - The alias or AWS account ID of the principal or service + // that created the network interface. // // * requester-managed - Indicates whether the network interface is being // managed by an AWS service (for example, AWS Management Console, Auto Scaling, @@ -67603,8 +71075,8 @@ type DescribeReservedInstancesOfferingsInput struct { InstanceTenancy *string `locationName:"instanceTenancy" type:"string" enum:"Tenancy"` // The instance type that the reservation will cover (for example, m1.small). - // For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) - // in the Amazon Elastic Compute Cloud User Guide. + // For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon EC2 User Guide. InstanceType *string `type:"string" enum:"InstanceType"` // The maximum duration (in seconds) to filter when searching for offerings. @@ -68361,7 +71833,7 @@ type DescribeSecurityGroupsInput struct { // been referenced in an outbound security group rule. // // * egress.ip-permission.group-name - The name of a security group that - // has been referenced in an outbound security group rule. + // is referenced in an outbound security group rule. // // * egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an outbound // security group rule. @@ -68370,7 +71842,7 @@ type DescribeSecurityGroupsInput struct { // a security group rule allows outbound access. // // * egress.ip-permission.protocol - The IP protocol for an outbound security - // group rule (tcp | udp | icmp or a protocol number). + // group rule (tcp | udp | icmp, a protocol number, or -1 for all protocols). // // * egress.ip-permission.to-port - For an outbound rule, the end of port // range for the TCP and UDP protocols, or an ICMP code. @@ -68391,8 +71863,8 @@ type DescribeSecurityGroupsInput struct { // * ip-permission.group-id - The ID of a security group that has been referenced // in an inbound security group rule. // - // * ip-permission.group-name - The name of a security group that has been - // referenced in an inbound security group rule. + // * ip-permission.group-name - The name of a security group that is referenced + // in an inbound security group rule. // // * ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security // group rule. @@ -68401,7 +71873,7 @@ type DescribeSecurityGroupsInput struct { // security group rule allows inbound access. // // * ip-permission.protocol - The IP protocol for an inbound security group - // rule (tcp | udp | icmp or a protocol number). + // rule (tcp | udp | icmp, a protocol number, or -1 for all protocols). // // * ip-permission.to-port - For an inbound rule, the end of port range for // the TCP and UDP protocols, or an ICMP code. @@ -70344,7 +73816,7 @@ type DescribeTransitGatewayAttachmentsInput struct { // * resource-owner-id - The ID of the AWS account that owns the resource. // // * resource-type - The resource type. Valid values are vpc | vpn | direct-connect-gateway - // | peering. + // | peering | connect. // // * state - The state of the attachment. Valid values are available | deleted // | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance @@ -70455,6 +73927,244 @@ func (s *DescribeTransitGatewayAttachmentsOutput) SetTransitGatewayAttachments(v return s } +type DescribeTransitGatewayConnectPeersInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * state - The state of the Connect peer (pending | available | deleting + // | deleted). + // + // * transit-gateway-attachment-id - The ID of the attachment. + // + // * transit-gateway-connect-peer-id - The ID of the Connect peer. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The IDs of the Connect peers. + TransitGatewayConnectPeerIds []*string `locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayConnectPeersInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayConnectPeersInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTransitGatewayConnectPeersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTransitGatewayConnectPeersInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTransitGatewayConnectPeersInput) SetDryRun(v bool) *DescribeTransitGatewayConnectPeersInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTransitGatewayConnectPeersInput) SetFilters(v []*Filter) *DescribeTransitGatewayConnectPeersInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTransitGatewayConnectPeersInput) SetMaxResults(v int64) *DescribeTransitGatewayConnectPeersInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayConnectPeersInput) SetNextToken(v string) *DescribeTransitGatewayConnectPeersInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayConnectPeerIds sets the TransitGatewayConnectPeerIds field's value. +func (s *DescribeTransitGatewayConnectPeersInput) SetTransitGatewayConnectPeerIds(v []*string) *DescribeTransitGatewayConnectPeersInput { + s.TransitGatewayConnectPeerIds = v + return s +} + +type DescribeTransitGatewayConnectPeersOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the Connect peers. + TransitGatewayConnectPeers []*TransitGatewayConnectPeer `locationName:"transitGatewayConnectPeerSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayConnectPeersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayConnectPeersOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayConnectPeersOutput) SetNextToken(v string) *DescribeTransitGatewayConnectPeersOutput { + s.NextToken = &v + return s +} + +// SetTransitGatewayConnectPeers sets the TransitGatewayConnectPeers field's value. +func (s *DescribeTransitGatewayConnectPeersOutput) SetTransitGatewayConnectPeers(v []*TransitGatewayConnectPeer) *DescribeTransitGatewayConnectPeersOutput { + s.TransitGatewayConnectPeers = v + return s +} + +type DescribeTransitGatewayConnectsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * options.protocol - The tunnel protocol (gre). + // + // * state - The state of the attachment (initiating | initiatingRequest + // | pendingAcceptance | rollingBack | pending | available | modifying | + // deleting | deleted | failed | rejected | rejecting | failing). + // + // * transit-gateway-attachment-id - The ID of the Connect attachment. + // + // * transit-gateway-id - The ID of the transit gateway. + // + // * transport-transit-gateway-attachment-id - The ID of the transit gateway + // attachment from which the Connect attachment was created. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The IDs of the attachments. + TransitGatewayAttachmentIds []*string `type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayConnectsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayConnectsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTransitGatewayConnectsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTransitGatewayConnectsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTransitGatewayConnectsInput) SetDryRun(v bool) *DescribeTransitGatewayConnectsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTransitGatewayConnectsInput) SetFilters(v []*Filter) *DescribeTransitGatewayConnectsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTransitGatewayConnectsInput) SetMaxResults(v int64) *DescribeTransitGatewayConnectsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayConnectsInput) SetNextToken(v string) *DescribeTransitGatewayConnectsInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayAttachmentIds sets the TransitGatewayAttachmentIds field's value. +func (s *DescribeTransitGatewayConnectsInput) SetTransitGatewayAttachmentIds(v []*string) *DescribeTransitGatewayConnectsInput { + s.TransitGatewayAttachmentIds = v + return s +} + +type DescribeTransitGatewayConnectsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the Connect attachments. + TransitGatewayConnects []*TransitGatewayConnect `locationName:"transitGatewayConnectSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayConnectsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayConnectsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayConnectsOutput) SetNextToken(v string) *DescribeTransitGatewayConnectsOutput { + s.NextToken = &v + return s +} + +// SetTransitGatewayConnects sets the TransitGatewayConnects field's value. +func (s *DescribeTransitGatewayConnectsOutput) SetTransitGatewayConnects(v []*TransitGatewayConnect) *DescribeTransitGatewayConnectsOutput { + s.TransitGatewayConnects = v + return s +} + type DescribeTransitGatewayMulticastDomainsInput struct { _ struct{} `type:"structure"` @@ -72344,6 +76054,8 @@ type DescribeVpcEndpointServicesInput struct { // // * service-name - The name of the service. // + // * service-type - The type of service (Interface | Gateway). + // // * tag: - The key/value combination of a tag assigned to the resource. // Use the tag key in the filter name and the tag value as the filter value. // For example, to find all resources that have a tag with the key Owner @@ -75312,15 +79024,15 @@ type EbsBlockDevice struct { // Indicates whether the EBS volume is deleted on instance termination. For // more information, see Preserving Amazon EBS volumes on instance termination // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` // Indicates whether the encryption state of an EBS volume is changed while // being restored from a backing snapshot. The effect of setting the encryption // state to true depends on the volume origin (new or from a snapshot), starting // encryption state, ownership, and whether encryption by default is enabled. - // For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) - // in the Amazon Elastic Compute Cloud User Guide. + // For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) + // in the Amazon EC2 User Guide. // // In no case can you remove encryption from an encrypted volume. // @@ -75361,6 +79073,9 @@ type EbsBlockDevice struct { // and RequestSpotInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html). KmsKeyId *string `type:"string"` + // The ARN of the Outpost on which the snapshot is stored. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // The ID of the snapshot. SnapshotId *string `locationName:"snapshotId" type:"string"` @@ -75382,16 +79097,14 @@ type EbsBlockDevice struct { // // * io1 and io2: 4-16,384 // - // * st1: 500-16,384 - // - // * sc1: 500-16,384 + // * st1 and sc1: 125-16,384 // // * standard: 1-1,024 VolumeSize *int64 `locationName:"volumeSize" type:"integer"` // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. If the volume type is io1 - // or io2, you must specify the IOPS that the volume supports. + // in the Amazon EC2 User Guide. If the volume type is io1 or io2, you must + // specify the IOPS that the volume supports. VolumeType *string `locationName:"volumeType" type:"string" enum:"VolumeType"` } @@ -75429,6 +79142,12 @@ func (s *EbsBlockDevice) SetKmsKeyId(v string) *EbsBlockDevice { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *EbsBlockDevice) SetOutpostArn(v string) *EbsBlockDevice { + s.OutpostArn = &v + return s +} + // SetSnapshotId sets the SnapshotId field's value. func (s *EbsBlockDevice) SetSnapshotId(v string) *EbsBlockDevice { s.SnapshotId = &v @@ -75461,8 +79180,8 @@ type EbsInfo struct { EbsOptimizedInfo *EbsOptimizedInfo `locationName:"ebsOptimizedInfo" type:"structure"` // Indicates whether the instance type is Amazon EBS-optimized. For more information, - // see Amazon EBS-Optimized Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) - // in Amazon EC2 User Guide for Linux Instances. + // see Amazon EBS-optimized instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) + // in Amazon EC2 User Guide. EbsOptimizedSupport *string `locationName:"ebsOptimizedSupport" type:"string" enum:"EbsOptimizedSupport"` // Indicates whether Amazon EBS encryption is supported. @@ -76912,6 +80631,431 @@ func (s *EventInformation) SetInstanceId(v string) *EventInformation { return s } +// Describes an explanation code for an unreachable path. For more information, +// see Reachability Analyzer explanation codes (https://docs.aws.amazon.com/vpc/latest/reachability/explanation-codes.html). +type Explanation struct { + _ struct{} `type:"structure"` + + // The network ACL. + Acl *AnalysisComponent `locationName:"acl" type:"structure"` + + // The network ACL rule. + AclRule *AnalysisAclRule `locationName:"aclRule" type:"structure"` + + // The IPv4 address, in CIDR notation. + Address *string `locationName:"address" type:"string"` + + // The IPv4 addresses, in CIDR notation. + Addresses []*string `locationName:"addressSet" locationNameList:"item" type:"list"` + + // The resource to which the component is attached. + AttachedTo *AnalysisComponent `locationName:"attachedTo" type:"structure"` + + // The Availability Zones. + AvailabilityZones []*string `locationName:"availabilityZoneSet" locationNameList:"item" type:"list"` + + // The CIDR ranges. + Cidrs []*string `locationName:"cidrSet" locationNameList:"item" type:"list"` + + // The listener for a Classic Load Balancer. + ClassicLoadBalancerListener *AnalysisLoadBalancerListener `locationName:"classicLoadBalancerListener" type:"structure"` + + // The component. + Component *AnalysisComponent `locationName:"component" type:"structure"` + + // The customer gateway. + CustomerGateway *AnalysisComponent `locationName:"customerGateway" type:"structure"` + + // The destination. + Destination *AnalysisComponent `locationName:"destination" type:"structure"` + + // The destination VPC. + DestinationVpc *AnalysisComponent `locationName:"destinationVpc" type:"structure"` + + // The direction. The following are possible values: + // + // * egress + // + // * ingress + Direction *string `locationName:"direction" type:"string"` + + // The load balancer listener. + ElasticLoadBalancerListener *AnalysisComponent `locationName:"elasticLoadBalancerListener" type:"structure"` + + // The explanation code. + ExplanationCode *string `locationName:"explanationCode" type:"string"` + + // The route table. + IngressRouteTable *AnalysisComponent `locationName:"ingressRouteTable" type:"structure"` + + // The internet gateway. + InternetGateway *AnalysisComponent `locationName:"internetGateway" type:"structure"` + + // The Amazon Resource Name (ARN) of the load balancer. + LoadBalancerArn *string `locationName:"loadBalancerArn" min:"1" type:"string"` + + // The listener port of the load balancer. + LoadBalancerListenerPort *int64 `locationName:"loadBalancerListenerPort" min:"1" type:"integer"` + + // The target. + LoadBalancerTarget *AnalysisLoadBalancerTarget `locationName:"loadBalancerTarget" type:"structure"` + + // The target group. + LoadBalancerTargetGroup *AnalysisComponent `locationName:"loadBalancerTargetGroup" type:"structure"` + + // The target groups. + LoadBalancerTargetGroups []*AnalysisComponent `locationName:"loadBalancerTargetGroupSet" locationNameList:"item" type:"list"` + + // The target port. + LoadBalancerTargetPort *int64 `locationName:"loadBalancerTargetPort" min:"1" type:"integer"` + + // The missing component. + MissingComponent *string `locationName:"missingComponent" type:"string"` + + // The NAT gateway. + NatGateway *AnalysisComponent `locationName:"natGateway" type:"structure"` + + // The network interface. + NetworkInterface *AnalysisComponent `locationName:"networkInterface" type:"structure"` + + // The packet field. + PacketField *string `locationName:"packetField" type:"string"` + + // The port. + Port *int64 `locationName:"port" min:"1" type:"integer"` + + // The port ranges. + PortRanges []*PortRange `locationName:"portRangeSet" locationNameList:"item" type:"list"` + + // The prefix list. + PrefixList *AnalysisComponent `locationName:"prefixList" type:"structure"` + + // The protocols. + Protocols []*string `locationName:"protocolSet" locationNameList:"item" type:"list"` + + // The route table. + RouteTable *AnalysisComponent `locationName:"routeTable" type:"structure"` + + // The route table route. + RouteTableRoute *AnalysisRouteTableRoute `locationName:"routeTableRoute" type:"structure"` + + // The security group. + SecurityGroup *AnalysisComponent `locationName:"securityGroup" type:"structure"` + + // The security group rule. + SecurityGroupRule *AnalysisSecurityGroupRule `locationName:"securityGroupRule" type:"structure"` + + // The security groups. + SecurityGroups []*AnalysisComponent `locationName:"securityGroupSet" locationNameList:"item" type:"list"` + + // The source VPC. + SourceVpc *AnalysisComponent `locationName:"sourceVpc" type:"structure"` + + // The state. + State *string `locationName:"state" type:"string"` + + // The subnet. + Subnet *AnalysisComponent `locationName:"subnet" type:"structure"` + + // The route table for the subnet. + SubnetRouteTable *AnalysisComponent `locationName:"subnetRouteTable" type:"structure"` + + // The component VPC. + Vpc *AnalysisComponent `locationName:"vpc" type:"structure"` + + // The VPC endpoint. + VpcEndpoint *AnalysisComponent `locationName:"vpcEndpoint" type:"structure"` + + // The VPC peering connection. + VpcPeeringConnection *AnalysisComponent `locationName:"vpcPeeringConnection" type:"structure"` + + // The VPN connection. + VpnConnection *AnalysisComponent `locationName:"vpnConnection" type:"structure"` + + // The VPN gateway. + VpnGateway *AnalysisComponent `locationName:"vpnGateway" type:"structure"` +} + +// String returns the string representation +func (s Explanation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Explanation) GoString() string { + return s.String() +} + +// SetAcl sets the Acl field's value. +func (s *Explanation) SetAcl(v *AnalysisComponent) *Explanation { + s.Acl = v + return s +} + +// SetAclRule sets the AclRule field's value. +func (s *Explanation) SetAclRule(v *AnalysisAclRule) *Explanation { + s.AclRule = v + return s +} + +// SetAddress sets the Address field's value. +func (s *Explanation) SetAddress(v string) *Explanation { + s.Address = &v + return s +} + +// SetAddresses sets the Addresses field's value. +func (s *Explanation) SetAddresses(v []*string) *Explanation { + s.Addresses = v + return s +} + +// SetAttachedTo sets the AttachedTo field's value. +func (s *Explanation) SetAttachedTo(v *AnalysisComponent) *Explanation { + s.AttachedTo = v + return s +} + +// SetAvailabilityZones sets the AvailabilityZones field's value. +func (s *Explanation) SetAvailabilityZones(v []*string) *Explanation { + s.AvailabilityZones = v + return s +} + +// SetCidrs sets the Cidrs field's value. +func (s *Explanation) SetCidrs(v []*string) *Explanation { + s.Cidrs = v + return s +} + +// SetClassicLoadBalancerListener sets the ClassicLoadBalancerListener field's value. +func (s *Explanation) SetClassicLoadBalancerListener(v *AnalysisLoadBalancerListener) *Explanation { + s.ClassicLoadBalancerListener = v + return s +} + +// SetComponent sets the Component field's value. +func (s *Explanation) SetComponent(v *AnalysisComponent) *Explanation { + s.Component = v + return s +} + +// SetCustomerGateway sets the CustomerGateway field's value. +func (s *Explanation) SetCustomerGateway(v *AnalysisComponent) *Explanation { + s.CustomerGateway = v + return s +} + +// SetDestination sets the Destination field's value. +func (s *Explanation) SetDestination(v *AnalysisComponent) *Explanation { + s.Destination = v + return s +} + +// SetDestinationVpc sets the DestinationVpc field's value. +func (s *Explanation) SetDestinationVpc(v *AnalysisComponent) *Explanation { + s.DestinationVpc = v + return s +} + +// SetDirection sets the Direction field's value. +func (s *Explanation) SetDirection(v string) *Explanation { + s.Direction = &v + return s +} + +// SetElasticLoadBalancerListener sets the ElasticLoadBalancerListener field's value. +func (s *Explanation) SetElasticLoadBalancerListener(v *AnalysisComponent) *Explanation { + s.ElasticLoadBalancerListener = v + return s +} + +// SetExplanationCode sets the ExplanationCode field's value. +func (s *Explanation) SetExplanationCode(v string) *Explanation { + s.ExplanationCode = &v + return s +} + +// SetIngressRouteTable sets the IngressRouteTable field's value. +func (s *Explanation) SetIngressRouteTable(v *AnalysisComponent) *Explanation { + s.IngressRouteTable = v + return s +} + +// SetInternetGateway sets the InternetGateway field's value. +func (s *Explanation) SetInternetGateway(v *AnalysisComponent) *Explanation { + s.InternetGateway = v + return s +} + +// SetLoadBalancerArn sets the LoadBalancerArn field's value. +func (s *Explanation) SetLoadBalancerArn(v string) *Explanation { + s.LoadBalancerArn = &v + return s +} + +// SetLoadBalancerListenerPort sets the LoadBalancerListenerPort field's value. +func (s *Explanation) SetLoadBalancerListenerPort(v int64) *Explanation { + s.LoadBalancerListenerPort = &v + return s +} + +// SetLoadBalancerTarget sets the LoadBalancerTarget field's value. +func (s *Explanation) SetLoadBalancerTarget(v *AnalysisLoadBalancerTarget) *Explanation { + s.LoadBalancerTarget = v + return s +} + +// SetLoadBalancerTargetGroup sets the LoadBalancerTargetGroup field's value. +func (s *Explanation) SetLoadBalancerTargetGroup(v *AnalysisComponent) *Explanation { + s.LoadBalancerTargetGroup = v + return s +} + +// SetLoadBalancerTargetGroups sets the LoadBalancerTargetGroups field's value. +func (s *Explanation) SetLoadBalancerTargetGroups(v []*AnalysisComponent) *Explanation { + s.LoadBalancerTargetGroups = v + return s +} + +// SetLoadBalancerTargetPort sets the LoadBalancerTargetPort field's value. +func (s *Explanation) SetLoadBalancerTargetPort(v int64) *Explanation { + s.LoadBalancerTargetPort = &v + return s +} + +// SetMissingComponent sets the MissingComponent field's value. +func (s *Explanation) SetMissingComponent(v string) *Explanation { + s.MissingComponent = &v + return s +} + +// SetNatGateway sets the NatGateway field's value. +func (s *Explanation) SetNatGateway(v *AnalysisComponent) *Explanation { + s.NatGateway = v + return s +} + +// SetNetworkInterface sets the NetworkInterface field's value. +func (s *Explanation) SetNetworkInterface(v *AnalysisComponent) *Explanation { + s.NetworkInterface = v + return s +} + +// SetPacketField sets the PacketField field's value. +func (s *Explanation) SetPacketField(v string) *Explanation { + s.PacketField = &v + return s +} + +// SetPort sets the Port field's value. +func (s *Explanation) SetPort(v int64) *Explanation { + s.Port = &v + return s +} + +// SetPortRanges sets the PortRanges field's value. +func (s *Explanation) SetPortRanges(v []*PortRange) *Explanation { + s.PortRanges = v + return s +} + +// SetPrefixList sets the PrefixList field's value. +func (s *Explanation) SetPrefixList(v *AnalysisComponent) *Explanation { + s.PrefixList = v + return s +} + +// SetProtocols sets the Protocols field's value. +func (s *Explanation) SetProtocols(v []*string) *Explanation { + s.Protocols = v + return s +} + +// SetRouteTable sets the RouteTable field's value. +func (s *Explanation) SetRouteTable(v *AnalysisComponent) *Explanation { + s.RouteTable = v + return s +} + +// SetRouteTableRoute sets the RouteTableRoute field's value. +func (s *Explanation) SetRouteTableRoute(v *AnalysisRouteTableRoute) *Explanation { + s.RouteTableRoute = v + return s +} + +// SetSecurityGroup sets the SecurityGroup field's value. +func (s *Explanation) SetSecurityGroup(v *AnalysisComponent) *Explanation { + s.SecurityGroup = v + return s +} + +// SetSecurityGroupRule sets the SecurityGroupRule field's value. +func (s *Explanation) SetSecurityGroupRule(v *AnalysisSecurityGroupRule) *Explanation { + s.SecurityGroupRule = v + return s +} + +// SetSecurityGroups sets the SecurityGroups field's value. +func (s *Explanation) SetSecurityGroups(v []*AnalysisComponent) *Explanation { + s.SecurityGroups = v + return s +} + +// SetSourceVpc sets the SourceVpc field's value. +func (s *Explanation) SetSourceVpc(v *AnalysisComponent) *Explanation { + s.SourceVpc = v + return s +} + +// SetState sets the State field's value. +func (s *Explanation) SetState(v string) *Explanation { + s.State = &v + return s +} + +// SetSubnet sets the Subnet field's value. +func (s *Explanation) SetSubnet(v *AnalysisComponent) *Explanation { + s.Subnet = v + return s +} + +// SetSubnetRouteTable sets the SubnetRouteTable field's value. +func (s *Explanation) SetSubnetRouteTable(v *AnalysisComponent) *Explanation { + s.SubnetRouteTable = v + return s +} + +// SetVpc sets the Vpc field's value. +func (s *Explanation) SetVpc(v *AnalysisComponent) *Explanation { + s.Vpc = v + return s +} + +// SetVpcEndpoint sets the VpcEndpoint field's value. +func (s *Explanation) SetVpcEndpoint(v *AnalysisComponent) *Explanation { + s.VpcEndpoint = v + return s +} + +// SetVpcPeeringConnection sets the VpcPeeringConnection field's value. +func (s *Explanation) SetVpcPeeringConnection(v *AnalysisComponent) *Explanation { + s.VpcPeeringConnection = v + return s +} + +// SetVpnConnection sets the VpnConnection field's value. +func (s *Explanation) SetVpnConnection(v *AnalysisComponent) *Explanation { + s.VpnConnection = v + return s +} + +// SetVpnGateway sets the VpnGateway field's value. +func (s *Explanation) SetVpnGateway(v *AnalysisComponent) *Explanation { + s.VpnGateway = v + return s +} + type ExportClientVpnClientCertificateRevocationListInput struct { _ struct{} `type:"structure"` @@ -77103,7 +81247,7 @@ type ExportImageInput struct { // S3ExportLocation is a required field S3ExportLocation *ExportTaskS3LocationRequest `type:"structure" required:"true"` - // The tags to apply to the image being exported. + // The tags to apply to the export image task during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } @@ -77221,7 +81365,7 @@ type ExportImageOutput struct { // The status message for the export image task. StatusMessage *string `locationName:"statusMessage" type:"string"` - // Any tags assigned to the image being exported. + // Any tags assigned to the export image task. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -77321,7 +81465,7 @@ type ExportImageTask struct { // The status message for the export image task. StatusMessage *string `locationName:"statusMessage" type:"string"` - // Any tags assigned to the image being exported. + // Any tags assigned to the export image task. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -77383,7 +81527,7 @@ func (s *ExportImageTask) SetTags(v []*Tag) *ExportImageTask { return s } -// Describes an instance export task. +// Describes an export instance task. type ExportTask struct { _ struct{} `type:"structure"` @@ -77542,7 +81686,7 @@ func (s *ExportTaskS3LocationRequest) SetS3Prefix(v string) *ExportTaskS3Locatio return s } -// Describes the format and location for an instance export task. +// Describes the format and location for the export task. type ExportToS3Task struct { _ struct{} `type:"structure"` @@ -77595,7 +81739,7 @@ func (s *ExportToS3Task) SetS3Key(v string) *ExportToS3Task { return s } -// Describes an instance export task. +// Describes an export instance task. type ExportToS3TaskSpecification struct { _ struct{} `type:"structure"` @@ -77872,29 +82016,7 @@ func (s *FederatedAuthenticationRequest) SetSelfServiceSAMLProviderArn(v string) // A filter name and value pair that is used to return a more specific list // of results from a describe operation. Filters can be used to match a set -// of resources by specific criteria, such as tags, attributes, or IDs. The -// filters supported by a describe operation are documented with the describe -// operation. For example: -// -// * DescribeAvailabilityZones -// -// * DescribeImages -// -// * DescribeInstances -// -// * DescribeKeyPairs -// -// * DescribeSecurityGroups -// -// * DescribeSnapshots -// -// * DescribeSubnets -// -// * DescribeTags -// -// * DescribeVolumes -// -// * DescribeVpcs +// of resources by specific criteria, such as tags, attributes, or IDs. type Filter struct { _ struct{} `type:"structure"` @@ -77979,7 +82101,10 @@ type FleetData struct { // The allocation strategy of On-Demand Instances in an EC2 Fleet. OnDemandOptions *OnDemandOptions `locationName:"onDemandOptions" type:"structure"` - // Indicates whether EC2 Fleet should replace unhealthy instances. + // Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported + // only for fleets of type maintain. For more information, see EC2 Fleet health + // checks (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) + // in the Amazon EC2 User Guide. ReplaceUnhealthyInstances *bool `locationName:"replaceUnhealthyInstances" type:"boolean"` // The configuration of Spot Instances in an EC2 Fleet. @@ -78473,7 +82598,7 @@ func (s *FleetLaunchTemplateSpecification) SetVersion(v string) *FleetLaunchTemp // that can be used by an EC2 Fleet to configure Amazon EC2 instances. For information // about launch templates, see Launching an instance from a launch template // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. type FleetLaunchTemplateSpecificationRequest struct { _ struct{} `type:"structure"` @@ -78571,7 +82696,7 @@ func (s *FleetSpotCapacityRebalance) SetReplacementStrategy(v string) *FleetSpot // The Spot Instance replacement strategy to use when Amazon EC2 emits a signal // that your Spot Instance is at an elevated risk of being interrupted. For // more information, see Capacity rebalancing (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-capacity-rebalance) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. type FleetSpotCapacityRebalanceRequest struct { _ struct{} `type:"structure"` @@ -79457,8 +83582,8 @@ type GetCapacityReservationUsageOutput struct { // and time specified in your request. The reserved capacity is no longer // available for your use. // - // * cancelled - The Capacity Reservation was manually cancelled. The reserved - // capacity is no longer available for your use. + // * cancelled - The Capacity Reservation was cancelled. The reserved capacity + // is no longer available for your use. // // * pending - The Capacity Reservation request was successful but the capacity // provisioning is still pending. @@ -81166,7 +85291,7 @@ type GetTransitGatewayRouteTableAssociationsInput struct { // * resource-id - The ID of the resource. // // * resource-type - The resource type. Valid values are vpc | vpn | direct-connect-gateway - // | peering. + // | peering | connect. // // * transit-gateway-attachment-id - The ID of the attachment. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -81287,7 +85412,7 @@ type GetTransitGatewayRouteTablePropagationsInput struct { // * resource-id - The ID of the resource. // // * resource-type - The resource type. Valid values are vpc | vpn | direct-connect-gateway - // | peering. + // | peering | connect. // // * transit-gateway-attachment-id - The ID of the attachment. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -81539,7 +85664,7 @@ func (s *GroupIdentifier) SetGroupName(v string) *GroupIdentifier { // Indicates whether your instance is configured for hibernation. This parameter // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. type HibernationOptions struct { _ struct{} `type:"structure"` @@ -81567,7 +85692,7 @@ func (s *HibernationOptions) SetConfigured(v bool) *HibernationOptions { // Indicates whether your instance is configured for hibernation. This parameter // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. type HibernationOptionsRequest struct { _ struct{} `type:"structure"` @@ -81694,10 +85819,9 @@ type Host struct { AllocationTime *time.Time `locationName:"allocationTime" type:"timestamp"` // Indicates whether the Dedicated Host supports multiple instance types of - // the same instance family, or a specific instance type only. one indicates - // that the Dedicated Host supports multiple instance types in the instance - // family. off indicates that the Dedicated Host supports a single instance - // type only. + // the same instance family. If the value is on, the Dedicated Host supports + // multiple instance types in the instance family. If the value is off, the + // Dedicated Host supports a single instance type only. AllowsMultipleInstanceTypes *string `locationName:"allowsMultipleInstanceTypes" type:"string" enum:"AllowsMultipleInstanceTypes"` // Whether auto-placement is on or off. @@ -81713,7 +85837,7 @@ type Host struct { AvailableCapacity *AvailableCapacity `locationName:"availableCapacity" type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The ID of the Dedicated Host. @@ -82716,7 +86840,7 @@ type ImageDiskContainer struct { // The format of the disk image being imported. // - // Valid values: OVA | VHD | VHDX |VMDK + // Valid values: OVA | VHD | VHDX | VMDK | RAW Format *string `type:"string"` // The ID of the EBS snapshot to be used for importing the snapshot. @@ -82959,7 +87083,7 @@ type ImportImageInput struct { // The name of the role to use when not using the default role, 'vmimport'. RoleName *string `type:"string"` - // The tags to apply to the image being imported. + // The tags to apply to the import image task during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } @@ -83151,7 +87275,7 @@ type ImportImageOutput struct { // A detailed status message of the import task. StatusMessage *string `locationName:"statusMessage" type:"string"` - // Any tags assigned to the image being imported. + // Any tags assigned to the import image task. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -83956,7 +88080,7 @@ type ImportSnapshotInput struct { // The name of the role to use when not using the default role, 'vmimport'. RoleName *string `type:"string"` - // The tags to apply to the snapshot being imported. + // The tags to apply to the import snapshot task during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } @@ -84036,7 +88160,7 @@ type ImportSnapshotOutput struct { // Information about the import snapshot task. SnapshotTaskDetail *SnapshotTaskDetail `locationName:"snapshotTaskDetail" type:"structure"` - // Any tags assigned to the snapshot being imported. + // Any tags assigned to the import snapshot task. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -84514,8 +88638,8 @@ type Instance struct { // This controls whether source/destination checking is enabled on the instance. // A value of true means that checking is enabled, and false means that checking // is disabled. The value must be false for the instance to perform NAT. For - // more information, see NAT Instances (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) - // in the Amazon Virtual Private Cloud User Guide. + // more information, see NAT instances (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) + // in the Amazon VPC User Guide. SourceDestCheck *bool `locationName:"sourceDestCheck" type:"boolean"` // If the request is a Spot Instance request, the ID of the request. @@ -86419,8 +90543,8 @@ type InstanceTypeInfo struct { // Indicates whether instance storage is supported. InstanceStorageSupported *bool `locationName:"instanceStorageSupported" type:"boolean"` - // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon EC2 User Guide. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` // Describes the memory for the instance type. @@ -86600,8 +90724,8 @@ func (s *InstanceTypeInfo) SetVCpuInfo(v *VCpuInfo) *InstanceTypeInfo { type InstanceTypeOffering struct { _ struct{} `type:"structure"` - // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon EC2 User Guide. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` // The identifier for the location. This depends on the location type. For example, @@ -87129,6 +91253,8 @@ type LaunchPermission struct { Group *string `locationName:"group" type:"string" enum:"PermissionGroup"` // The AWS account ID. + // + // Constraints: Up to 10 000 account IDs can be specified in a single request. UserId *string `locationName:"userId" type:"string"` } @@ -87469,8 +91595,7 @@ type LaunchTemplateBlockDeviceMapping struct { // Information about the block device for an EBS volume. Ebs *LaunchTemplateEbsBlockDevice `locationName:"ebs" type:"structure"` - // Suppresses the specified device included in the block device mapping of the - // AMI. + // To omit the device from the block device mapping, specify an empty string. NoDevice *string `locationName:"noDevice" type:"string"` // The virtual device name (ephemeralN). @@ -87522,8 +91647,7 @@ type LaunchTemplateBlockDeviceMappingRequest struct { // launched. Ebs *LaunchTemplateEbsBlockDeviceRequest `type:"structure"` - // Suppresses the specified device included in the block device mapping of the - // AMI. + // To omit the device from the block device mapping, specify an empty string. NoDevice *string `type:"string"` // The virtual device name (ephemeralN). Instance store volumes are numbered @@ -87888,9 +92012,8 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. // - // This parameter is required for io1 and io2 volumes. The default for gp3 volumes - // is 3,000 IOPS. This parameter is not supported for gp2, st1, sc1, or standard - // volumes. + // This parameter is supported for io1, io2, and gp3 volumes only. This parameter + // is not supported for gp2, st1, sc1, or standard volumes. Iops *int64 `type:"integer"` // The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for @@ -87906,11 +92029,8 @@ type LaunchTemplateEbsBlockDeviceRequest struct { Throughput *int64 `type:"integer"` // The size of the volume, in GiBs. You must specify either a snapshot ID or - // a volume size. If you specify a snapshot, the default is the snapshot size. - // You can specify a volume size that is equal to or larger than the snapshot - // size. - // - // The following are the supported volumes sizes for each volume type: + // a volume size. The following are the supported volumes sizes for each volume + // type: // // * gp2 and gp3: 1-16,384 // @@ -87921,8 +92041,7 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // * standard: 1-1,024 VolumeSize *int64 `type:"integer"` - // The volume type. The default is gp2. For more information, see Amazon EBS - // volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. VolumeType *string `type:"string" enum:"VolumeType"` } @@ -90339,6 +94458,88 @@ func (s *MemoryInfo) SetSizeInMiB(v int64) *MemoryInfo { return s } +type ModifyAddressAttributeInput struct { + _ struct{} `type:"structure"` + + // [EC2-VPC] The allocation ID. + // + // AllocationId is a required field + AllocationId *string `type:"string" required:"true"` + + // The domain name to modify for the IP address. + DomainName *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s ModifyAddressAttributeInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyAddressAttributeInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyAddressAttributeInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyAddressAttributeInput"} + if s.AllocationId == nil { + invalidParams.Add(request.NewErrParamRequired("AllocationId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAllocationId sets the AllocationId field's value. +func (s *ModifyAddressAttributeInput) SetAllocationId(v string) *ModifyAddressAttributeInput { + s.AllocationId = &v + return s +} + +// SetDomainName sets the DomainName field's value. +func (s *ModifyAddressAttributeInput) SetDomainName(v string) *ModifyAddressAttributeInput { + s.DomainName = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyAddressAttributeInput) SetDryRun(v bool) *ModifyAddressAttributeInput { + s.DryRun = &v + return s +} + +type ModifyAddressAttributeOutput struct { + _ struct{} `type:"structure"` + + // Information about the Elastic IP address. + Address *AddressAttribute `locationName:"address" type:"structure"` +} + +// String returns the string representation +func (s ModifyAddressAttributeOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyAddressAttributeOutput) GoString() string { + return s.String() +} + +// SetAddress sets the Address field's value. +func (s *ModifyAddressAttributeOutput) SetAddress(v *AddressAttribute) *ModifyAddressAttributeOutput { + s.Address = v + return s +} + type ModifyAvailabilityZoneGroupInput struct { _ struct{} `type:"structure"` @@ -90433,6 +94634,9 @@ func (s *ModifyAvailabilityZoneGroupOutput) SetReturn(v bool) *ModifyAvailabilit type ModifyCapacityReservationInput struct { _ struct{} `type:"structure"` + // Reserved. Capacity Reservations you have created are accepted by default. + Accept *bool `type:"boolean"` + // The ID of the Capacity Reservation. // // CapacityReservationId is a required field @@ -90494,6 +94698,12 @@ func (s *ModifyCapacityReservationInput) Validate() error { return nil } +// SetAccept sets the Accept field's value. +func (s *ModifyCapacityReservationInput) SetAccept(v bool) *ModifyCapacityReservationInput { + s.Accept = &v + return s +} + // SetCapacityReservationId sets the CapacityReservationId field's value. func (s *ModifyCapacityReservationInput) SetCapacityReservationId(v string) *ModifyCapacityReservationInput { s.CapacityReservationId = &v @@ -91189,8 +95399,8 @@ type ModifyHostsInput struct { HostIds []*string `locationName:"hostId" locationNameList:"item" type:"list" required:"true"` // Indicates whether to enable or disable host recovery for the Dedicated Host. - // For more information, see Host Recovery (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) - // in the Amazon Elastic Compute Cloud User Guide. + // For more information, see Host recovery (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) + // in the Amazon EC2 User Guide. HostRecovery *string `type:"string" enum:"HostRecovery"` // Specifies the instance family to be supported by the Dedicated Host. Specify @@ -91621,7 +95831,7 @@ type ModifyInstanceAttributeInput struct { // To add instance store volumes to an Amazon EBS-backed instance, you must // add them when you launch the instance. For more information, see Updating // the block device mapping when launching an instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. BlockDeviceMappings []*InstanceBlockDeviceMappingSpecification `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` // If the value is true, you can't terminate the instance using the Amazon EC2 @@ -91663,8 +95873,9 @@ type ModifyInstanceAttributeInput struct { InstanceInitiatedShutdownBehavior *AttributeValue `locationName:"instanceInitiatedShutdownBehavior" type:"structure"` // Changes the instance type to the specified value. For more information, see - // Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). - // If the instance type is not valid, the error returned is InvalidInstanceAttributeValue. + // Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon EC2 User Guide. If the instance type is not valid, the error + // returned is InvalidInstanceAttributeValue. InstanceType *AttributeValue `locationName:"instanceType" type:"structure"` // Changes the instance's kernel to the specified value. We recommend that you @@ -93601,6 +97812,10 @@ func (s *ModifyTransitGatewayInput) SetTransitGatewayId(v string) *ModifyTransit type ModifyTransitGatewayOptions struct { _ struct{} `type:"structure"` + // Adds IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 + // CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6. + AddTransitGatewayCidrBlocks []*string `locationNameList:"item" type:"list"` + // The ID of the default association route table. AssociationDefaultRouteTableId *string `type:"string"` @@ -93621,6 +97836,9 @@ type ModifyTransitGatewayOptions struct { // The ID of the default propagation route table. PropagationDefaultRouteTableId *string `type:"string"` + // Removes CIDR blocks for the transit gateway. + RemoveTransitGatewayCidrBlocks []*string `locationNameList:"item" type:"list"` + // Enable or disable Equal Cost Multipath Protocol support. VpnEcmpSupport *string `type:"string" enum:"VpnEcmpSupportValue"` } @@ -93635,6 +97853,12 @@ func (s ModifyTransitGatewayOptions) GoString() string { return s.String() } +// SetAddTransitGatewayCidrBlocks sets the AddTransitGatewayCidrBlocks field's value. +func (s *ModifyTransitGatewayOptions) SetAddTransitGatewayCidrBlocks(v []*string) *ModifyTransitGatewayOptions { + s.AddTransitGatewayCidrBlocks = v + return s +} + // SetAssociationDefaultRouteTableId sets the AssociationDefaultRouteTableId field's value. func (s *ModifyTransitGatewayOptions) SetAssociationDefaultRouteTableId(v string) *ModifyTransitGatewayOptions { s.AssociationDefaultRouteTableId = &v @@ -93671,6 +97895,12 @@ func (s *ModifyTransitGatewayOptions) SetPropagationDefaultRouteTableId(v string return s } +// SetRemoveTransitGatewayCidrBlocks sets the RemoveTransitGatewayCidrBlocks field's value. +func (s *ModifyTransitGatewayOptions) SetRemoveTransitGatewayCidrBlocks(v []*string) *ModifyTransitGatewayOptions { + s.RemoveTransitGatewayCidrBlocks = v + return s +} + // SetVpnEcmpSupport sets the VpnEcmpSupport field's value. func (s *ModifyTransitGatewayOptions) SetVpnEcmpSupport(v string) *ModifyTransitGatewayOptions { s.VpnEcmpSupport = &v @@ -94048,6 +98278,13 @@ type ModifyVolumeInput struct { // Default: If no IOPS value is specified, the existing value is retained. Iops *int64 `type:"integer"` + // Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, + // you can attach the volume to up to 16 Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) + // in the same Availability Zone. This parameter is supported with io1 and io2 + // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) + // in the Amazon Elastic Compute Cloud User Guide. + MultiAttachEnabled *bool `type:"boolean"` + // The target size of the volume, in GiB. The target volume size must be greater // than or equal to the existing size of the volume. // @@ -94120,6 +98357,12 @@ func (s *ModifyVolumeInput) SetIops(v int64) *ModifyVolumeInput { return s } +// SetMultiAttachEnabled sets the MultiAttachEnabled field's value. +func (s *ModifyVolumeInput) SetMultiAttachEnabled(v bool) *ModifyVolumeInput { + s.MultiAttachEnabled = &v + return s +} + // SetSize sets the Size field's value. func (s *ModifyVolumeInput) SetSize(v int64) *ModifyVolumeInput { s.Size = &v @@ -96372,6 +100615,244 @@ func (s *NetworkInfo) SetNetworkPerformance(v string) *NetworkInfo { return s } +// Describes a network insights analysis. +type NetworkInsightsAnalysis struct { + _ struct{} `type:"structure"` + + // Potential intermediate components. + AlternatePathHints []*AlternatePathHint `locationName:"alternatePathHintSet" locationNameList:"item" type:"list"` + + // The explanations. For more information, see Reachability Analyzer explanation + // codes (https://docs.aws.amazon.com/vpc/latest/reachability/explanation-codes.html). + Explanations []*Explanation `locationName:"explanationSet" locationNameList:"item" type:"list"` + + // The Amazon Resource Names (ARN) of the AWS resources that the path must traverse. + FilterInArns []*string `locationName:"filterInArnSet" locationNameList:"item" type:"list"` + + // The components in the path from source to destination. + ForwardPathComponents []*PathComponent `locationName:"forwardPathComponentSet" locationNameList:"item" type:"list"` + + // The Amazon Resource Name (ARN) of the network insights analysis. + NetworkInsightsAnalysisArn *string `locationName:"networkInsightsAnalysisArn" min:"1" type:"string"` + + // The ID of the network insights analysis. + NetworkInsightsAnalysisId *string `locationName:"networkInsightsAnalysisId" type:"string"` + + // The ID of the path. + NetworkInsightsPathId *string `locationName:"networkInsightsPathId" type:"string"` + + // Indicates whether the destination is reachable from the source. + NetworkPathFound *bool `locationName:"networkPathFound" type:"boolean"` + + // The components in the path from destination to source. + ReturnPathComponents []*PathComponent `locationName:"returnPathComponentSet" locationNameList:"item" type:"list"` + + // The time the analysis started. + StartDate *time.Time `locationName:"startDate" type:"timestamp"` + + // The status of the network insights analysis. + Status *string `locationName:"status" type:"string" enum:"AnalysisStatus"` + + // The status message, if the status is failed. + StatusMessage *string `locationName:"statusMessage" type:"string"` + + // The tags. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s NetworkInsightsAnalysis) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s NetworkInsightsAnalysis) GoString() string { + return s.String() +} + +// SetAlternatePathHints sets the AlternatePathHints field's value. +func (s *NetworkInsightsAnalysis) SetAlternatePathHints(v []*AlternatePathHint) *NetworkInsightsAnalysis { + s.AlternatePathHints = v + return s +} + +// SetExplanations sets the Explanations field's value. +func (s *NetworkInsightsAnalysis) SetExplanations(v []*Explanation) *NetworkInsightsAnalysis { + s.Explanations = v + return s +} + +// SetFilterInArns sets the FilterInArns field's value. +func (s *NetworkInsightsAnalysis) SetFilterInArns(v []*string) *NetworkInsightsAnalysis { + s.FilterInArns = v + return s +} + +// SetForwardPathComponents sets the ForwardPathComponents field's value. +func (s *NetworkInsightsAnalysis) SetForwardPathComponents(v []*PathComponent) *NetworkInsightsAnalysis { + s.ForwardPathComponents = v + return s +} + +// SetNetworkInsightsAnalysisArn sets the NetworkInsightsAnalysisArn field's value. +func (s *NetworkInsightsAnalysis) SetNetworkInsightsAnalysisArn(v string) *NetworkInsightsAnalysis { + s.NetworkInsightsAnalysisArn = &v + return s +} + +// SetNetworkInsightsAnalysisId sets the NetworkInsightsAnalysisId field's value. +func (s *NetworkInsightsAnalysis) SetNetworkInsightsAnalysisId(v string) *NetworkInsightsAnalysis { + s.NetworkInsightsAnalysisId = &v + return s +} + +// SetNetworkInsightsPathId sets the NetworkInsightsPathId field's value. +func (s *NetworkInsightsAnalysis) SetNetworkInsightsPathId(v string) *NetworkInsightsAnalysis { + s.NetworkInsightsPathId = &v + return s +} + +// SetNetworkPathFound sets the NetworkPathFound field's value. +func (s *NetworkInsightsAnalysis) SetNetworkPathFound(v bool) *NetworkInsightsAnalysis { + s.NetworkPathFound = &v + return s +} + +// SetReturnPathComponents sets the ReturnPathComponents field's value. +func (s *NetworkInsightsAnalysis) SetReturnPathComponents(v []*PathComponent) *NetworkInsightsAnalysis { + s.ReturnPathComponents = v + return s +} + +// SetStartDate sets the StartDate field's value. +func (s *NetworkInsightsAnalysis) SetStartDate(v time.Time) *NetworkInsightsAnalysis { + s.StartDate = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *NetworkInsightsAnalysis) SetStatus(v string) *NetworkInsightsAnalysis { + s.Status = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *NetworkInsightsAnalysis) SetStatusMessage(v string) *NetworkInsightsAnalysis { + s.StatusMessage = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *NetworkInsightsAnalysis) SetTags(v []*Tag) *NetworkInsightsAnalysis { + s.Tags = v + return s +} + +// Describes a path. +type NetworkInsightsPath struct { + _ struct{} `type:"structure"` + + // The time stamp when the path was created. + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp"` + + // The AWS resource that is the destination of the path. + Destination *string `locationName:"destination" type:"string"` + + // The IP address of the AWS resource that is the destination of the path. + DestinationIp *string `locationName:"destinationIp" type:"string"` + + // The destination port. + DestinationPort *int64 `locationName:"destinationPort" type:"integer"` + + // The Amazon Resource Name (ARN) of the path. + NetworkInsightsPathArn *string `locationName:"networkInsightsPathArn" min:"1" type:"string"` + + // The ID of the path. + NetworkInsightsPathId *string `locationName:"networkInsightsPathId" type:"string"` + + // The protocol. + Protocol *string `locationName:"protocol" type:"string" enum:"Protocol"` + + // The AWS resource that is the source of the path. + Source *string `locationName:"source" type:"string"` + + // The IP address of the AWS resource that is the source of the path. + SourceIp *string `locationName:"sourceIp" type:"string"` + + // The tags associated with the path. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s NetworkInsightsPath) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s NetworkInsightsPath) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *NetworkInsightsPath) SetCreatedDate(v time.Time) *NetworkInsightsPath { + s.CreatedDate = &v + return s +} + +// SetDestination sets the Destination field's value. +func (s *NetworkInsightsPath) SetDestination(v string) *NetworkInsightsPath { + s.Destination = &v + return s +} + +// SetDestinationIp sets the DestinationIp field's value. +func (s *NetworkInsightsPath) SetDestinationIp(v string) *NetworkInsightsPath { + s.DestinationIp = &v + return s +} + +// SetDestinationPort sets the DestinationPort field's value. +func (s *NetworkInsightsPath) SetDestinationPort(v int64) *NetworkInsightsPath { + s.DestinationPort = &v + return s +} + +// SetNetworkInsightsPathArn sets the NetworkInsightsPathArn field's value. +func (s *NetworkInsightsPath) SetNetworkInsightsPathArn(v string) *NetworkInsightsPath { + s.NetworkInsightsPathArn = &v + return s +} + +// SetNetworkInsightsPathId sets the NetworkInsightsPathId field's value. +func (s *NetworkInsightsPath) SetNetworkInsightsPathId(v string) *NetworkInsightsPath { + s.NetworkInsightsPathId = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *NetworkInsightsPath) SetProtocol(v string) *NetworkInsightsPath { + s.Protocol = &v + return s +} + +// SetSource sets the Source field's value. +func (s *NetworkInsightsPath) SetSource(v string) *NetworkInsightsPath { + s.Source = &v + return s +} + +// SetSourceIp sets the SourceIp field's value. +func (s *NetworkInsightsPath) SetSourceIp(v string) *NetworkInsightsPath { + s.SourceIp = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *NetworkInsightsPath) SetTags(v []*Tag) *NetworkInsightsPath { + s.Tags = v + return s +} + // Describes a network interface. type NetworkInterface struct { _ struct{} `type:"structure"` @@ -96419,8 +100900,8 @@ type NetworkInterface struct { // The private IPv4 addresses associated with the network interface. PrivateIpAddresses []*NetworkInterfacePrivateIpAddress `locationName:"privateIpAddressesSet" locationNameList:"item" type:"list"` - // The ID of the entity that launched the instance on your behalf (for example, - // AWS Management Console or Auto Scaling). + // The alias or AWS account ID of the principal or service that created the + // network interface. RequesterId *string `locationName:"requesterId" type:"string"` // Indicates whether the network interface is being managed by AWS. @@ -97148,6 +101629,120 @@ func (s *OnDemandOptionsRequest) SetSingleInstanceType(v bool) *OnDemandOptionsR return s } +// Describes a path component. +type PathComponent struct { + _ struct{} `type:"structure"` + + // The network ACL rule. + AclRule *AnalysisAclRule `locationName:"aclRule" type:"structure"` + + // The component. + Component *AnalysisComponent `locationName:"component" type:"structure"` + + // The destination VPC. + DestinationVpc *AnalysisComponent `locationName:"destinationVpc" type:"structure"` + + // The inbound header. + InboundHeader *AnalysisPacketHeader `locationName:"inboundHeader" type:"structure"` + + // The outbound header. + OutboundHeader *AnalysisPacketHeader `locationName:"outboundHeader" type:"structure"` + + // The route table route. + RouteTableRoute *AnalysisRouteTableRoute `locationName:"routeTableRoute" type:"structure"` + + // The security group rule. + SecurityGroupRule *AnalysisSecurityGroupRule `locationName:"securityGroupRule" type:"structure"` + + // The sequence number. + SequenceNumber *int64 `locationName:"sequenceNumber" type:"integer"` + + // The source VPC. + SourceVpc *AnalysisComponent `locationName:"sourceVpc" type:"structure"` + + // The subnet. + Subnet *AnalysisComponent `locationName:"subnet" type:"structure"` + + // The component VPC. + Vpc *AnalysisComponent `locationName:"vpc" type:"structure"` +} + +// String returns the string representation +func (s PathComponent) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PathComponent) GoString() string { + return s.String() +} + +// SetAclRule sets the AclRule field's value. +func (s *PathComponent) SetAclRule(v *AnalysisAclRule) *PathComponent { + s.AclRule = v + return s +} + +// SetComponent sets the Component field's value. +func (s *PathComponent) SetComponent(v *AnalysisComponent) *PathComponent { + s.Component = v + return s +} + +// SetDestinationVpc sets the DestinationVpc field's value. +func (s *PathComponent) SetDestinationVpc(v *AnalysisComponent) *PathComponent { + s.DestinationVpc = v + return s +} + +// SetInboundHeader sets the InboundHeader field's value. +func (s *PathComponent) SetInboundHeader(v *AnalysisPacketHeader) *PathComponent { + s.InboundHeader = v + return s +} + +// SetOutboundHeader sets the OutboundHeader field's value. +func (s *PathComponent) SetOutboundHeader(v *AnalysisPacketHeader) *PathComponent { + s.OutboundHeader = v + return s +} + +// SetRouteTableRoute sets the RouteTableRoute field's value. +func (s *PathComponent) SetRouteTableRoute(v *AnalysisRouteTableRoute) *PathComponent { + s.RouteTableRoute = v + return s +} + +// SetSecurityGroupRule sets the SecurityGroupRule field's value. +func (s *PathComponent) SetSecurityGroupRule(v *AnalysisSecurityGroupRule) *PathComponent { + s.SecurityGroupRule = v + return s +} + +// SetSequenceNumber sets the SequenceNumber field's value. +func (s *PathComponent) SetSequenceNumber(v int64) *PathComponent { + s.SequenceNumber = &v + return s +} + +// SetSourceVpc sets the SourceVpc field's value. +func (s *PathComponent) SetSourceVpc(v *AnalysisComponent) *PathComponent { + s.SourceVpc = v + return s +} + +// SetSubnet sets the Subnet field's value. +func (s *PathComponent) SetSubnet(v *AnalysisComponent) *PathComponent { + s.Subnet = v + return s +} + +// SetVpc sets the Vpc field's value. +func (s *PathComponent) SetVpc(v *AnalysisComponent) *PathComponent { + s.Vpc = v + return s +} + // Describes the data that identifies an Amazon FPGA image (AFI) on the PCI // bus. type PciId struct { @@ -98660,6 +103255,48 @@ func (s *ProvisionedBandwidth) SetStatus(v string) *ProvisionedBandwidth { return s } +// The status of an updated pointer (PTR) record for an Elastic IP address. +type PtrUpdateStatus struct { + _ struct{} `type:"structure"` + + // The reason for the PTR record update. + Reason *string `locationName:"reason" type:"string"` + + // The status of the PTR record update. + Status *string `locationName:"status" type:"string"` + + // The value for the PTR record update. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s PtrUpdateStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PtrUpdateStatus) GoString() string { + return s.String() +} + +// SetReason sets the Reason field's value. +func (s *PtrUpdateStatus) SetReason(v string) *PtrUpdateStatus { + s.Reason = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *PtrUpdateStatus) SetStatus(v string) *PtrUpdateStatus { + s.Status = &v + return s +} + +// SetValue sets the Value field's value. +func (s *PtrUpdateStatus) SetValue(v string) *PtrUpdateStatus { + s.Value = &v + return s +} + // Describes an IPv4 address pool. type PublicIpv4Pool struct { _ struct{} `type:"structure"` @@ -98884,7 +103521,7 @@ type PurchaseHostReservationInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // The currency in which the totalUpfrontPrice, LimitPrice, and totalHourlyPrice @@ -98979,7 +103616,7 @@ type PurchaseHostReservationOutput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The currency in which the totalUpfrontPrice and totalHourlyPrice amounts @@ -99453,6 +104090,15 @@ type RegisterImageInput struct { BillingProducts []*string `locationName:"BillingProduct" locationNameList:"item" type:"list"` // The block device mapping entries. + // + // If you specify an EBS volume using the ID of an EBS snapshot, you can't specify + // the encryption state of the volume. + // + // If you create an AMI on an Outpost, then all backing snapshots must be on + // the same Outpost or in the Region of that Outpost. AMIs on an Outpost that + // include local snapshots can be used to launch instances on the same Outpost + // only. For more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) + // in the Amazon Elastic Compute Cloud User Guide. BlockDeviceMappings []*BlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // A description for your AMI. @@ -99885,6 +104531,82 @@ func (s *RegisterTransitGatewayMulticastGroupSourcesOutput) SetRegisteredMultica return s } +type RejectTransitGatewayMulticastDomainAssociationsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the subnets to associate with the transit gateway multicast domain. + SubnetIds []*string `locationNameList:"item" type:"list"` + + // The ID of the transit gateway attachment. + TransitGatewayAttachmentId *string `type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s RejectTransitGatewayMulticastDomainAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RejectTransitGatewayMulticastDomainAssociationsInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *RejectTransitGatewayMulticastDomainAssociationsInput) SetDryRun(v bool) *RejectTransitGatewayMulticastDomainAssociationsInput { + s.DryRun = &v + return s +} + +// SetSubnetIds sets the SubnetIds field's value. +func (s *RejectTransitGatewayMulticastDomainAssociationsInput) SetSubnetIds(v []*string) *RejectTransitGatewayMulticastDomainAssociationsInput { + s.SubnetIds = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *RejectTransitGatewayMulticastDomainAssociationsInput) SetTransitGatewayAttachmentId(v string) *RejectTransitGatewayMulticastDomainAssociationsInput { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *RejectTransitGatewayMulticastDomainAssociationsInput) SetTransitGatewayMulticastDomainId(v string) *RejectTransitGatewayMulticastDomainAssociationsInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type RejectTransitGatewayMulticastDomainAssociationsOutput struct { + _ struct{} `type:"structure"` + + // Describes the multicast domain associations. + Associations *TransitGatewayMulticastDomainAssociations `locationName:"associations" type:"structure"` +} + +// String returns the string representation +func (s RejectTransitGatewayMulticastDomainAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RejectTransitGatewayMulticastDomainAssociationsOutput) GoString() string { + return s.String() +} + +// SetAssociations sets the Associations field's value. +func (s *RejectTransitGatewayMulticastDomainAssociationsOutput) SetAssociations(v *TransitGatewayMulticastDomainAssociations) *RejectTransitGatewayMulticastDomainAssociationsOutput { + s.Associations = v + return s +} + type RejectTransitGatewayPeeringAttachmentInput struct { _ struct{} `type:"structure"` @@ -101294,7 +106016,7 @@ type RequestLaunchTemplateData struct { // in the Amazon Elastic Compute Cloud User Guide. HibernationOptions *LaunchTemplateHibernationOptionsRequest `type:"structure"` - // The IAM instance profile. + // The name or Amazon Resource Name (ARN) of an IAM instance profile. IamInstanceProfile *LaunchTemplateIamInstanceProfileSpecificationRequest `type:"structure"` // The ID of the AMI. @@ -102927,6 +107649,93 @@ func (s *ReservedInstancesOffering) SetUsagePrice(v float64) *ReservedInstancesO return s } +type ResetAddressAttributeInput struct { + _ struct{} `type:"structure"` + + // [EC2-VPC] The allocation ID. + // + // AllocationId is a required field + AllocationId *string `type:"string" required:"true"` + + // The attribute of the IP address. + // + // Attribute is a required field + Attribute *string `type:"string" required:"true" enum:"AddressAttributeName"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s ResetAddressAttributeInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ResetAddressAttributeInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ResetAddressAttributeInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ResetAddressAttributeInput"} + if s.AllocationId == nil { + invalidParams.Add(request.NewErrParamRequired("AllocationId")) + } + if s.Attribute == nil { + invalidParams.Add(request.NewErrParamRequired("Attribute")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAllocationId sets the AllocationId field's value. +func (s *ResetAddressAttributeInput) SetAllocationId(v string) *ResetAddressAttributeInput { + s.AllocationId = &v + return s +} + +// SetAttribute sets the Attribute field's value. +func (s *ResetAddressAttributeInput) SetAttribute(v string) *ResetAddressAttributeInput { + s.Attribute = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ResetAddressAttributeInput) SetDryRun(v bool) *ResetAddressAttributeInput { + s.DryRun = &v + return s +} + +type ResetAddressAttributeOutput struct { + _ struct{} `type:"structure"` + + // Information about the IP address. + Address *AddressAttribute `locationName:"address" type:"structure"` +} + +// String returns the string representation +func (s ResetAddressAttributeOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ResetAddressAttributeOutput) GoString() string { + return s.String() +} + +// SetAddress sets the Address field's value. +func (s *ResetAddressAttributeOutput) SetAddress(v *AddressAttribute) *ResetAddressAttributeOutput { + s.Address = v + return s +} + type ResetEbsDefaultKmsKeyIdInput struct { _ struct{} `type:"structure"` @@ -104635,14 +109444,14 @@ type RunInstancesInput struct { // The CPU options for the instance. For more information, see Optimizing CPU // options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. CpuOptions *CpuOptionsRequest `type:"structure"` // The credit option for CPU usage of the burstable performance instance. Valid // values are standard and unlimited. To change this attribute after launch, // use ModifyInstanceCreditSpecification (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html). // For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. // // Default: standard (T2 instances) or unlimited (T3/T3a instances) CreditSpecification *CreditSpecificationRequest `type:"structure"` @@ -104674,7 +109483,7 @@ type RunInstancesInput struct { // An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource // that you can attach to your Windows instance to accelerate the graphics performance // of your applications. For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. ElasticGpuSpecification []*ElasticGpuSpecification `locationNameList:"item" type:"list"` // An elastic inference accelerator to associate with the instance. Elastic @@ -104693,12 +109502,12 @@ type RunInstancesInput struct { // Indicates whether an instance is enabled for hibernation. For more information, // see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. // // You can't enable hibernation and AWS Nitro Enclaves on the same instance. HibernationOptions *HibernationOptionsRequest `type:"structure"` - // The IAM instance profile. + // The name or Amazon Resource Name (ARN) of an IAM instance profile. IamInstanceProfile *IamInstanceProfileSpecification `locationName:"iamInstanceProfile" type:"structure"` // The ID of the AMI. An AMI ID is required to launch an instance and must be @@ -104718,7 +109527,7 @@ type RunInstancesInput struct { InstanceMarketOptions *InstanceMarketOptionsRequest `type:"structure"` // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. // // Default: m1.small InstanceType *string `type:"string" enum:"InstanceType"` @@ -104746,7 +109555,7 @@ type RunInstancesInput struct { // // We recommend that you use PV-GRUB instead of kernels and RAM disks. For more // information, see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. KernelId *string `type:"string"` // The name of the key pair. You can create a key pair using CreateKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) @@ -104822,7 +109631,7 @@ type RunInstancesInput struct { // // We recommend that you use PV-GRUB instead of kernels and RAM disks. For more // information, see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. RamdiskId *string `type:"string"` // The IDs of the security groups. You can create a security group using CreateSecurityGroup @@ -105789,8 +110598,7 @@ type ScheduledInstancesBlockDeviceMapping struct { // launched. Ebs *ScheduledInstancesEbs `type:"structure"` - // Suppresses the specified device included in the block device mapping of the - // AMI. + // To omit the device from the block device mapping, specify an empty string. NoDevice *string `type:"string"` // The virtual device name (ephemeralN). Instance store volumes are numbered @@ -105854,10 +110662,11 @@ type ScheduledInstancesEbs struct { // The number of I/O operations per second (IOPS) to provision for an io1 or // io2 volume, with a maximum ratio of 50 IOPS/GiB for io1, and 500 IOPS/GiB // for io2. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum - // IOPS of 64,000 is guaranteed only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // IOPS of 64,000 is guaranteed only on instances built on the Nitro System + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // in the Amazon EC2 User Guide. // // This parameter is valid only for Provisioned IOPS SSD (io1 and io2) volumes. Iops *int64 `type:"integer"` @@ -106633,7 +111442,7 @@ type SearchTransitGatewayRoutesInput struct { // * attachment.resource-id - The resource id of the transit gateway attachment. // // * attachment.resource-type - The attachment resource type. Valid values - // are vpc | vpn | direct-connect-gateway | peering. + // are vpc | vpn | direct-connect-gateway | peering | connect. // // * prefix-list-id - The ID of the prefix list. // @@ -107384,6 +112193,11 @@ type Snapshot struct { // key for the parent volume. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + // The ARN of the AWS Outpost on which the snapshot is stored. For more information, + // see EBS Local Snapshot on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) + // in the Amazon Elastic Compute Cloud User Guide. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // The AWS owner alias, from an Amazon-maintained list (amazon). This is not // the user-configured AWS account alias set using the IAM console. OwnerAlias *string `locationName:"ownerAlias" type:"string"` @@ -107457,6 +112271,12 @@ func (s *Snapshot) SetKmsKeyId(v string) *Snapshot { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *Snapshot) SetOutpostArn(v string) *Snapshot { + s.OutpostArn = &v + return s +} + // SetOwnerAlias sets the OwnerAlias field's value. func (s *Snapshot) SetOwnerAlias(v string) *Snapshot { s.OwnerAlias = &v @@ -107631,7 +112451,7 @@ type SnapshotDiskContainer struct { // The format of the disk image being imported. // - // Valid values: VHD | VMDK + // Valid values: VHD | VMDK | RAW Format *string `type:"string"` // The URL to the Amazon S3-based disk image being imported. It can either be @@ -107687,6 +112507,11 @@ type SnapshotInfo struct { // Indicates whether the snapshot is encrypted. Encrypted *bool `locationName:"encrypted" type:"boolean"` + // The ARN of the AWS Outpost on which the snapshot is stored. For more information, + // see EBS Local Snapshot on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) + // in the Amazon Elastic Compute Cloud User Guide. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // Account id used when creating this snapshot. OwnerId *string `locationName:"ownerId" type:"string"` @@ -107735,6 +112560,12 @@ func (s *SnapshotInfo) SetEncrypted(v bool) *SnapshotInfo { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *SnapshotInfo) SetOutpostArn(v string) *SnapshotInfo { + s.OutpostArn = &v + return s +} + // SetOwnerId sets the OwnerId field's value. func (s *SnapshotInfo) SetOwnerId(v string) *SnapshotInfo { s.OwnerId = &v @@ -109025,8 +113856,8 @@ type SpotMarketOptions struct { MaxPrice *string `type:"string"` // The Spot Instance request type. For RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances), - // persistent Spot Instance requests are only supported when InstanceInterruptionBehavior - // is set to either hibernate or stop. + // persistent Spot Instance requests are only supported when the instance interruption + // behavior is either hibernate or stop. SpotInstanceType *string `type:"string" enum:"SpotInstanceType"` // The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported @@ -109625,6 +114456,107 @@ func (s *StartInstancesOutput) SetStartingInstances(v []*InstanceStateChange) *S return s } +type StartNetworkInsightsAnalysisInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The Amazon Resource Names (ARN) of the resources that the path must traverse. + FilterInArns []*string `locationName:"FilterInArn" locationNameList:"item" type:"list"` + + // The ID of the path. + // + // NetworkInsightsPathId is a required field + NetworkInsightsPathId *string `type:"string" required:"true"` + + // The tags to apply. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s StartNetworkInsightsAnalysisInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartNetworkInsightsAnalysisInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartNetworkInsightsAnalysisInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartNetworkInsightsAnalysisInput"} + if s.NetworkInsightsPathId == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInsightsPathId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *StartNetworkInsightsAnalysisInput) SetClientToken(v string) *StartNetworkInsightsAnalysisInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *StartNetworkInsightsAnalysisInput) SetDryRun(v bool) *StartNetworkInsightsAnalysisInput { + s.DryRun = &v + return s +} + +// SetFilterInArns sets the FilterInArns field's value. +func (s *StartNetworkInsightsAnalysisInput) SetFilterInArns(v []*string) *StartNetworkInsightsAnalysisInput { + s.FilterInArns = v + return s +} + +// SetNetworkInsightsPathId sets the NetworkInsightsPathId field's value. +func (s *StartNetworkInsightsAnalysisInput) SetNetworkInsightsPathId(v string) *StartNetworkInsightsAnalysisInput { + s.NetworkInsightsPathId = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *StartNetworkInsightsAnalysisInput) SetTagSpecifications(v []*TagSpecification) *StartNetworkInsightsAnalysisInput { + s.TagSpecifications = v + return s +} + +type StartNetworkInsightsAnalysisOutput struct { + _ struct{} `type:"structure"` + + // Information about the network insights analysis. + NetworkInsightsAnalysis *NetworkInsightsAnalysis `locationName:"networkInsightsAnalysis" type:"structure"` +} + +// String returns the string representation +func (s StartNetworkInsightsAnalysisOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartNetworkInsightsAnalysisOutput) GoString() string { + return s.String() +} + +// SetNetworkInsightsAnalysis sets the NetworkInsightsAnalysis field's value. +func (s *StartNetworkInsightsAnalysisOutput) SetNetworkInsightsAnalysis(v *NetworkInsightsAnalysis) *StartNetworkInsightsAnalysisOutput { + s.NetworkInsightsAnalysis = v + return s +} + type StartVpcEndpointServicePrivateDnsVerificationInput struct { _ struct{} `type:"structure"` @@ -109789,7 +114721,7 @@ type StopInstancesInput struct { // Hibernates the instance if the instance was enabled for hibernation at launch. // If the instance cannot hibernate successfully, a normal shutdown occurs. // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) - // in the Amazon Elastic Compute Cloud User Guide. + // in the Amazon EC2 User Guide. // // Default: false Hibernate *bool `type:"boolean"` @@ -110353,14 +115285,16 @@ type TagSpecification struct { // The type of resource to tag. Currently, the resource types that support tagging // on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint - // | customer-gateway | dedicated-host | dhcp-options | export-image-task | - // export-instance-task | fleet | fpga-image | host-reservation | image| import-image-task - // | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 - // | key-pair | launch-template | placement-group | prefix-list | natgateway - // | network-acl | route-table | security-group| snapshot | spot-fleet-request - // | spot-instances-request | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session - // | traffic-mirror-target | transit-gateway | transit-gateway-attachment | - // transit-gateway-route-table | volume |vpc | vpc-peering-connection | vpc-endpoint + // | customer-gateway | dedicated-host | dhcp-options | egress-only-internet-gateway + // | elastic-ip | elastic-gpu | export-image-task | export-instance-task | fleet + // | fpga-image | host-reservation | image| import-image-task | import-snapshot-task + // | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 | key-pair | + // launch-template | local-gateway-route-table-vpc-association | placement-group + // | prefix-list | natgateway | network-acl | network-interface | reserved-instances + // |route-table | security-group| snapshot | spot-fleet-request | spot-instances-request + // | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target + // | transit-gateway | transit-gateway-attachment | transit-gateway-multicast-domain + // | transit-gateway-route-table | volume |vpc | vpc-peering-connection | vpc-endpoint // (for interface and gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) // | vpc-flow-log | vpn-connection | vpn-gateway. // @@ -110407,7 +115341,7 @@ func (s *TagSpecification) SetTags(v []*Tag) *TagSpecification { // you're willing to pay is reached, the fleet stops launching instances even // if it hasn’t met the target capacity. The MaxTotalPrice parameters are // located in OnDemandOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptions.html) -// and SpotOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptions) +// and SpotOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptions). type TargetCapacitySpecification struct { _ struct{} `type:"structure"` @@ -111751,6 +116685,66 @@ func (s *TransitGatewayAttachmentAssociation) SetTransitGatewayRouteTableId(v st return s } +// The BGP configuration information. +type TransitGatewayAttachmentBgpConfiguration struct { + _ struct{} `type:"structure"` + + // The BGP status. + BgpStatus *string `locationName:"bgpStatus" type:"string" enum:"BgpStatus"` + + // The interior BGP peer IP address for the appliance. + PeerAddress *string `locationName:"peerAddress" type:"string"` + + // The peer Autonomous System Number (ASN). + PeerAsn *int64 `locationName:"peerAsn" type:"long"` + + // The interior BGP peer IP address for the transit gateway. + TransitGatewayAddress *string `locationName:"transitGatewayAddress" type:"string"` + + // The transit gateway Autonomous System Number (ASN). + TransitGatewayAsn *int64 `locationName:"transitGatewayAsn" type:"long"` +} + +// String returns the string representation +func (s TransitGatewayAttachmentBgpConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayAttachmentBgpConfiguration) GoString() string { + return s.String() +} + +// SetBgpStatus sets the BgpStatus field's value. +func (s *TransitGatewayAttachmentBgpConfiguration) SetBgpStatus(v string) *TransitGatewayAttachmentBgpConfiguration { + s.BgpStatus = &v + return s +} + +// SetPeerAddress sets the PeerAddress field's value. +func (s *TransitGatewayAttachmentBgpConfiguration) SetPeerAddress(v string) *TransitGatewayAttachmentBgpConfiguration { + s.PeerAddress = &v + return s +} + +// SetPeerAsn sets the PeerAsn field's value. +func (s *TransitGatewayAttachmentBgpConfiguration) SetPeerAsn(v int64) *TransitGatewayAttachmentBgpConfiguration { + s.PeerAsn = &v + return s +} + +// SetTransitGatewayAddress sets the TransitGatewayAddress field's value. +func (s *TransitGatewayAttachmentBgpConfiguration) SetTransitGatewayAddress(v string) *TransitGatewayAttachmentBgpConfiguration { + s.TransitGatewayAddress = &v + return s +} + +// SetTransitGatewayAsn sets the TransitGatewayAsn field's value. +func (s *TransitGatewayAttachmentBgpConfiguration) SetTransitGatewayAsn(v int64) *TransitGatewayAttachmentBgpConfiguration { + s.TransitGatewayAsn = &v + return s +} + // Describes a propagation route table. type TransitGatewayAttachmentPropagation struct { _ struct{} `type:"structure"` @@ -111784,6 +116778,261 @@ func (s *TransitGatewayAttachmentPropagation) SetTransitGatewayRouteTableId(v st return s } +// Describes a transit gateway Connect attachment. +type TransitGatewayConnect struct { + _ struct{} `type:"structure"` + + // The creation time. + CreationTime *time.Time `locationName:"creationTime" type:"timestamp"` + + // The Connect attachment options. + Options *TransitGatewayConnectOptions `locationName:"options" type:"structure"` + + // The state of the attachment. + State *string `locationName:"state" type:"string" enum:"TransitGatewayAttachmentState"` + + // The tags for the attachment. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Connect attachment. + TransitGatewayAttachmentId *string `locationName:"transitGatewayAttachmentId" type:"string"` + + // The ID of the transit gateway. + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + + // The ID of the attachment from which the Connect attachment was created. + TransportTransitGatewayAttachmentId *string `locationName:"transportTransitGatewayAttachmentId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayConnect) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayConnect) GoString() string { + return s.String() +} + +// SetCreationTime sets the CreationTime field's value. +func (s *TransitGatewayConnect) SetCreationTime(v time.Time) *TransitGatewayConnect { + s.CreationTime = &v + return s +} + +// SetOptions sets the Options field's value. +func (s *TransitGatewayConnect) SetOptions(v *TransitGatewayConnectOptions) *TransitGatewayConnect { + s.Options = v + return s +} + +// SetState sets the State field's value. +func (s *TransitGatewayConnect) SetState(v string) *TransitGatewayConnect { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TransitGatewayConnect) SetTags(v []*Tag) *TransitGatewayConnect { + s.Tags = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *TransitGatewayConnect) SetTransitGatewayAttachmentId(v string) *TransitGatewayConnect { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *TransitGatewayConnect) SetTransitGatewayId(v string) *TransitGatewayConnect { + s.TransitGatewayId = &v + return s +} + +// SetTransportTransitGatewayAttachmentId sets the TransportTransitGatewayAttachmentId field's value. +func (s *TransitGatewayConnect) SetTransportTransitGatewayAttachmentId(v string) *TransitGatewayConnect { + s.TransportTransitGatewayAttachmentId = &v + return s +} + +// Describes the Connect attachment options. +type TransitGatewayConnectOptions struct { + _ struct{} `type:"structure"` + + // The tunnel protocol. + Protocol *string `locationName:"protocol" type:"string" enum:"ProtocolValue"` +} + +// String returns the string representation +func (s TransitGatewayConnectOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayConnectOptions) GoString() string { + return s.String() +} + +// SetProtocol sets the Protocol field's value. +func (s *TransitGatewayConnectOptions) SetProtocol(v string) *TransitGatewayConnectOptions { + s.Protocol = &v + return s +} + +// Describes a transit gateway Connect peer. +type TransitGatewayConnectPeer struct { + _ struct{} `type:"structure"` + + // The Connect peer details. + ConnectPeerConfiguration *TransitGatewayConnectPeerConfiguration `locationName:"connectPeerConfiguration" type:"structure"` + + // The creation time. + CreationTime *time.Time `locationName:"creationTime" type:"timestamp"` + + // The state of the Connect peer. + State *string `locationName:"state" type:"string" enum:"TransitGatewayConnectPeerState"` + + // The tags for the Connect peer. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Connect attachment. + TransitGatewayAttachmentId *string `locationName:"transitGatewayAttachmentId" type:"string"` + + // The ID of the Connect peer. + TransitGatewayConnectPeerId *string `locationName:"transitGatewayConnectPeerId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayConnectPeer) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayConnectPeer) GoString() string { + return s.String() +} + +// SetConnectPeerConfiguration sets the ConnectPeerConfiguration field's value. +func (s *TransitGatewayConnectPeer) SetConnectPeerConfiguration(v *TransitGatewayConnectPeerConfiguration) *TransitGatewayConnectPeer { + s.ConnectPeerConfiguration = v + return s +} + +// SetCreationTime sets the CreationTime field's value. +func (s *TransitGatewayConnectPeer) SetCreationTime(v time.Time) *TransitGatewayConnectPeer { + s.CreationTime = &v + return s +} + +// SetState sets the State field's value. +func (s *TransitGatewayConnectPeer) SetState(v string) *TransitGatewayConnectPeer { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TransitGatewayConnectPeer) SetTags(v []*Tag) *TransitGatewayConnectPeer { + s.Tags = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *TransitGatewayConnectPeer) SetTransitGatewayAttachmentId(v string) *TransitGatewayConnectPeer { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayConnectPeerId sets the TransitGatewayConnectPeerId field's value. +func (s *TransitGatewayConnectPeer) SetTransitGatewayConnectPeerId(v string) *TransitGatewayConnectPeer { + s.TransitGatewayConnectPeerId = &v + return s +} + +// Describes the Connect peer details. +type TransitGatewayConnectPeerConfiguration struct { + _ struct{} `type:"structure"` + + // The BGP configuration details. + BgpConfigurations []*TransitGatewayAttachmentBgpConfiguration `locationName:"bgpConfigurations" locationNameList:"item" type:"list"` + + // The range of interior BGP peer IP addresses. + InsideCidrBlocks []*string `locationName:"insideCidrBlocks" locationNameList:"item" type:"list"` + + // The Connect peer IP address on the appliance side of the tunnel. + PeerAddress *string `locationName:"peerAddress" type:"string"` + + // The tunnel protocol. + Protocol *string `locationName:"protocol" type:"string" enum:"ProtocolValue"` + + // The Connect peer IP address on the transit gateway side of the tunnel. + TransitGatewayAddress *string `locationName:"transitGatewayAddress" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayConnectPeerConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayConnectPeerConfiguration) GoString() string { + return s.String() +} + +// SetBgpConfigurations sets the BgpConfigurations field's value. +func (s *TransitGatewayConnectPeerConfiguration) SetBgpConfigurations(v []*TransitGatewayAttachmentBgpConfiguration) *TransitGatewayConnectPeerConfiguration { + s.BgpConfigurations = v + return s +} + +// SetInsideCidrBlocks sets the InsideCidrBlocks field's value. +func (s *TransitGatewayConnectPeerConfiguration) SetInsideCidrBlocks(v []*string) *TransitGatewayConnectPeerConfiguration { + s.InsideCidrBlocks = v + return s +} + +// SetPeerAddress sets the PeerAddress field's value. +func (s *TransitGatewayConnectPeerConfiguration) SetPeerAddress(v string) *TransitGatewayConnectPeerConfiguration { + s.PeerAddress = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *TransitGatewayConnectPeerConfiguration) SetProtocol(v string) *TransitGatewayConnectPeerConfiguration { + s.Protocol = &v + return s +} + +// SetTransitGatewayAddress sets the TransitGatewayAddress field's value. +func (s *TransitGatewayConnectPeerConfiguration) SetTransitGatewayAddress(v string) *TransitGatewayConnectPeerConfiguration { + s.TransitGatewayAddress = &v + return s +} + +// The BGP options for the Connect attachment. +type TransitGatewayConnectRequestBgpOptions struct { + _ struct{} `type:"structure"` + + // The peer Autonomous System Number (ASN). + PeerAsn *int64 `type:"long"` +} + +// String returns the string representation +func (s TransitGatewayConnectRequestBgpOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayConnectRequestBgpOptions) GoString() string { + return s.String() +} + +// SetPeerAsn sets the PeerAsn field's value. +func (s *TransitGatewayConnectRequestBgpOptions) SetPeerAsn(v int64) *TransitGatewayConnectRequestBgpOptions { + s.PeerAsn = &v + return s +} + // Describes the deregistered transit gateway multicast group members. type TransitGatewayMulticastDeregisteredGroupMembers struct { _ struct{} `type:"structure"` @@ -111875,6 +117124,12 @@ type TransitGatewayMulticastDomain struct { // The time the transit gateway multicast domain was created. CreationTime *time.Time `locationName:"creationTime" type:"timestamp"` + // The options for the transit gateway multicast domain. + Options *TransitGatewayMulticastDomainOptions `locationName:"options" type:"structure"` + + // The ID of the AWS account that owns the transit gateway multiicast domain. + OwnerId *string `locationName:"ownerId" type:"string"` + // The state of the transit gateway multicast domain. State *string `locationName:"state" type:"string" enum:"TransitGatewayMulticastDomainState"` @@ -111884,6 +117139,9 @@ type TransitGatewayMulticastDomain struct { // The ID of the transit gateway. TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + // The Amazon Resource Name (ARN) of the transit gateway multicast domain. + TransitGatewayMulticastDomainArn *string `locationName:"transitGatewayMulticastDomainArn" type:"string"` + // The ID of the transit gateway multicast domain. TransitGatewayMulticastDomainId *string `locationName:"transitGatewayMulticastDomainId" type:"string"` } @@ -111904,6 +117162,18 @@ func (s *TransitGatewayMulticastDomain) SetCreationTime(v time.Time) *TransitGat return s } +// SetOptions sets the Options field's value. +func (s *TransitGatewayMulticastDomain) SetOptions(v *TransitGatewayMulticastDomainOptions) *TransitGatewayMulticastDomain { + s.Options = v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *TransitGatewayMulticastDomain) SetOwnerId(v string) *TransitGatewayMulticastDomain { + s.OwnerId = &v + return s +} + // SetState sets the State field's value. func (s *TransitGatewayMulticastDomain) SetState(v string) *TransitGatewayMulticastDomain { s.State = &v @@ -111922,6 +117192,12 @@ func (s *TransitGatewayMulticastDomain) SetTransitGatewayId(v string) *TransitGa return s } +// SetTransitGatewayMulticastDomainArn sets the TransitGatewayMulticastDomainArn field's value. +func (s *TransitGatewayMulticastDomain) SetTransitGatewayMulticastDomainArn(v string) *TransitGatewayMulticastDomain { + s.TransitGatewayMulticastDomainArn = &v + return s +} + // SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. func (s *TransitGatewayMulticastDomain) SetTransitGatewayMulticastDomainId(v string) *TransitGatewayMulticastDomain { s.TransitGatewayMulticastDomainId = &v @@ -111935,6 +117211,10 @@ type TransitGatewayMulticastDomainAssociation struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` + // The ID of the AWS account that owns the transit gateway multicast domain + // association resource. + ResourceOwnerId *string `locationName:"resourceOwnerId" type:"string"` + // The type of resource, for example a VPC attachment. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` @@ -111961,6 +117241,12 @@ func (s *TransitGatewayMulticastDomainAssociation) SetResourceId(v string) *Tran return s } +// SetResourceOwnerId sets the ResourceOwnerId field's value. +func (s *TransitGatewayMulticastDomainAssociation) SetResourceOwnerId(v string) *TransitGatewayMulticastDomainAssociation { + s.ResourceOwnerId = &v + return s +} + // SetResourceType sets the ResourceType field's value. func (s *TransitGatewayMulticastDomainAssociation) SetResourceType(v string) *TransitGatewayMulticastDomainAssociation { s.ResourceType = &v @@ -111986,6 +117272,9 @@ type TransitGatewayMulticastDomainAssociations struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` + // The ID of the AWS account that owns the resource. + ResourceOwnerId *string `locationName:"resourceOwnerId" type:"string"` + // The type of resource, for example a VPC attachment. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` @@ -112015,6 +117304,12 @@ func (s *TransitGatewayMulticastDomainAssociations) SetResourceId(v string) *Tra return s } +// SetResourceOwnerId sets the ResourceOwnerId field's value. +func (s *TransitGatewayMulticastDomainAssociations) SetResourceOwnerId(v string) *TransitGatewayMulticastDomainAssociations { + s.ResourceOwnerId = &v + return s +} + // SetResourceType sets the ResourceType field's value. func (s *TransitGatewayMulticastDomainAssociations) SetResourceType(v string) *TransitGatewayMulticastDomainAssociations { s.ResourceType = &v @@ -112039,6 +117334,51 @@ func (s *TransitGatewayMulticastDomainAssociations) SetTransitGatewayMulticastDo return s } +// Describes the options for a transit gateway multicast domain. +type TransitGatewayMulticastDomainOptions struct { + _ struct{} `type:"structure"` + + // Indicates whether to automatically cross-account subnet associations that + // are associated with the transit gateway multicast domain. + AutoAcceptSharedAssociations *string `locationName:"autoAcceptSharedAssociations" type:"string" enum:"AutoAcceptSharedAssociationsValue"` + + // Indicates whether Internet Group Management Protocol (IGMP) version 2 is + // turned on for the transit gateway multicast domain. + Igmpv2Support *string `locationName:"igmpv2Support" type:"string" enum:"Igmpv2SupportValue"` + + // Indicates whether support for statically configuring transit gateway multicast + // group sources is turned on. + StaticSourcesSupport *string `locationName:"staticSourcesSupport" type:"string" enum:"StaticSourcesSupportValue"` +} + +// String returns the string representation +func (s TransitGatewayMulticastDomainOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastDomainOptions) GoString() string { + return s.String() +} + +// SetAutoAcceptSharedAssociations sets the AutoAcceptSharedAssociations field's value. +func (s *TransitGatewayMulticastDomainOptions) SetAutoAcceptSharedAssociations(v string) *TransitGatewayMulticastDomainOptions { + s.AutoAcceptSharedAssociations = &v + return s +} + +// SetIgmpv2Support sets the Igmpv2Support field's value. +func (s *TransitGatewayMulticastDomainOptions) SetIgmpv2Support(v string) *TransitGatewayMulticastDomainOptions { + s.Igmpv2Support = &v + return s +} + +// SetStaticSourcesSupport sets the StaticSourcesSupport field's value. +func (s *TransitGatewayMulticastDomainOptions) SetStaticSourcesSupport(v string) *TransitGatewayMulticastDomainOptions { + s.StaticSourcesSupport = &v + return s +} + // Describes the transit gateway multicast group resources. type TransitGatewayMulticastGroup struct { _ struct{} `type:"structure"` @@ -112061,6 +117401,10 @@ type TransitGatewayMulticastGroup struct { // The ID of the resource. ResourceId *string `locationName:"resourceId" type:"string"` + // The ID of the AWS account that owns the transit gateway multicast domain + // group resource. + ResourceOwnerId *string `locationName:"resourceOwnerId" type:"string"` + // The type of resource, for example a VPC attachment. ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` @@ -112120,6 +117464,12 @@ func (s *TransitGatewayMulticastGroup) SetResourceId(v string) *TransitGatewayMu return s } +// SetResourceOwnerId sets the ResourceOwnerId field's value. +func (s *TransitGatewayMulticastGroup) SetResourceOwnerId(v string) *TransitGatewayMulticastGroup { + s.ResourceOwnerId = &v + return s +} + // SetResourceType sets the ResourceType field's value. func (s *TransitGatewayMulticastGroup) SetResourceType(v string) *TransitGatewayMulticastGroup { s.ResourceType = &v @@ -112261,6 +117611,9 @@ type TransitGatewayOptions struct { // The ID of the default propagation route table. PropagationDefaultRouteTableId *string `locationName:"propagationDefaultRouteTableId" type:"string"` + // The transit gateway CIDR blocks. + TransitGatewayCidrBlocks []*string `locationName:"transitGatewayCidrBlocks" locationNameList:"item" type:"list"` + // Indicates whether Equal Cost Multipath Protocol support is enabled. VpnEcmpSupport *string `locationName:"vpnEcmpSupport" type:"string" enum:"VpnEcmpSupportValue"` } @@ -112323,6 +117676,12 @@ func (s *TransitGatewayOptions) SetPropagationDefaultRouteTableId(v string) *Tra return s } +// SetTransitGatewayCidrBlocks sets the TransitGatewayCidrBlocks field's value. +func (s *TransitGatewayOptions) SetTransitGatewayCidrBlocks(v []*string) *TransitGatewayOptions { + s.TransitGatewayCidrBlocks = v + return s +} + // SetVpnEcmpSupport sets the VpnEcmpSupport field's value. func (s *TransitGatewayOptions) SetVpnEcmpSupport(v string) *TransitGatewayOptions { s.VpnEcmpSupport = &v @@ -112606,6 +117965,11 @@ type TransitGatewayRequestOptions struct { // Indicates whether multicast is enabled on the transit gateway MulticastSupport *string `type:"string" enum:"MulticastSupportValue"` + // One or more IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size + // /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for + // IPv6. + TransitGatewayCidrBlocks []*string `locationNameList:"item" type:"list"` + // Enable or disable Equal Cost Multipath Protocol support. Enabled by default. VpnEcmpSupport *string `type:"string" enum:"VpnEcmpSupportValue"` } @@ -112656,6 +118020,12 @@ func (s *TransitGatewayRequestOptions) SetMulticastSupport(v string) *TransitGat return s } +// SetTransitGatewayCidrBlocks sets the TransitGatewayCidrBlocks field's value. +func (s *TransitGatewayRequestOptions) SetTransitGatewayCidrBlocks(v []*string) *TransitGatewayRequestOptions { + s.TransitGatewayCidrBlocks = v + return s +} + // SetVpnEcmpSupport sets the VpnEcmpSupport field's value. func (s *TransitGatewayRequestOptions) SetVpnEcmpSupport(v string) *TransitGatewayRequestOptions { s.VpnEcmpSupport = &v @@ -114494,6 +119864,9 @@ type VolumeModification struct { // The original IOPS rate of the volume. OriginalIops *int64 `locationName:"originalIops" type:"integer"` + // The original setting for Amazon EBS Multi-Attach. + OriginalMultiAttachEnabled *bool `locationName:"originalMultiAttachEnabled" type:"boolean"` + // The original size of the volume, in GiB. OriginalSize *int64 `locationName:"originalSize" type:"integer"` @@ -114515,6 +119888,9 @@ type VolumeModification struct { // The target IOPS rate of the volume. TargetIops *int64 `locationName:"targetIops" type:"integer"` + // The target setting for Amazon EBS Multi-Attach. + TargetMultiAttachEnabled *bool `locationName:"targetMultiAttachEnabled" type:"boolean"` + // The target size of the volume, in GiB. TargetSize *int64 `locationName:"targetSize" type:"integer"` @@ -114556,6 +119932,12 @@ func (s *VolumeModification) SetOriginalIops(v int64) *VolumeModification { return s } +// SetOriginalMultiAttachEnabled sets the OriginalMultiAttachEnabled field's value. +func (s *VolumeModification) SetOriginalMultiAttachEnabled(v bool) *VolumeModification { + s.OriginalMultiAttachEnabled = &v + return s +} + // SetOriginalSize sets the OriginalSize field's value. func (s *VolumeModification) SetOriginalSize(v int64) *VolumeModification { s.OriginalSize = &v @@ -114598,6 +119980,12 @@ func (s *VolumeModification) SetTargetIops(v int64) *VolumeModification { return s } +// SetTargetMultiAttachEnabled sets the TargetMultiAttachEnabled field's value. +func (s *VolumeModification) SetTargetMultiAttachEnabled(v bool) *VolumeModification { + s.TargetMultiAttachEnabled = &v + return s +} + // SetTargetSize sets the TargetSize field's value. func (s *VolumeModification) SetTargetSize(v int64) *VolumeModification { s.TargetSize = &v @@ -116535,6 +121923,18 @@ func ActivityStatus_Values() []string { } } +const ( + // AddressAttributeNameDomainName is a AddressAttributeName enum value + AddressAttributeNameDomainName = "domain-name" +) + +// AddressAttributeName_Values returns all elements of the AddressAttributeName enum +func AddressAttributeName_Values() []string { + return []string{ + AddressAttributeNameDomainName, + } +} + const ( // AffinityDefault is a Affinity enum value AffinityDefault = "default" @@ -116619,6 +122019,26 @@ func AllowsMultipleInstanceTypes_Values() []string { } } +const ( + // AnalysisStatusRunning is a AnalysisStatus enum value + AnalysisStatusRunning = "running" + + // AnalysisStatusSucceeded is a AnalysisStatus enum value + AnalysisStatusSucceeded = "succeeded" + + // AnalysisStatusFailed is a AnalysisStatus enum value + AnalysisStatusFailed = "failed" +) + +// AnalysisStatus_Values returns all elements of the AnalysisStatus enum +func AnalysisStatus_Values() []string { + return []string{ + AnalysisStatusRunning, + AnalysisStatusSucceeded, + AnalysisStatusFailed, + } +} + const ( // ApplianceModeSupportValueEnable is a ApplianceModeSupportValue enum value ApplianceModeSupportValueEnable = "enable" @@ -116739,6 +122159,22 @@ func AttachmentStatus_Values() []string { } } +const ( + // AutoAcceptSharedAssociationsValueEnable is a AutoAcceptSharedAssociationsValue enum value + AutoAcceptSharedAssociationsValueEnable = "enable" + + // AutoAcceptSharedAssociationsValueDisable is a AutoAcceptSharedAssociationsValue enum value + AutoAcceptSharedAssociationsValueDisable = "disable" +) + +// AutoAcceptSharedAssociationsValue_Values returns all elements of the AutoAcceptSharedAssociationsValue enum +func AutoAcceptSharedAssociationsValue_Values() []string { + return []string{ + AutoAcceptSharedAssociationsValueEnable, + AutoAcceptSharedAssociationsValueDisable, + } +} + const ( // AutoAcceptSharedAttachmentsValueEnable is a AutoAcceptSharedAttachmentsValue enum value AutoAcceptSharedAttachmentsValueEnable = "enable" @@ -116851,6 +122287,22 @@ func BatchState_Values() []string { } } +const ( + // BgpStatusUp is a BgpStatus enum value + BgpStatusUp = "up" + + // BgpStatusDown is a BgpStatus enum value + BgpStatusDown = "down" +) + +// BgpStatus_Values returns all elements of the BgpStatus enum +func BgpStatus_Values() []string { + return []string{ + BgpStatusUp, + BgpStatusDown, + } +} + const ( // BundleTaskStatePending is a BundleTaskState enum value BundleTaskStatePending = "pending" @@ -118167,6 +123619,22 @@ func IamInstanceProfileAssociationState_Values() []string { } } +const ( + // Igmpv2SupportValueEnable is a Igmpv2SupportValue enum value + Igmpv2SupportValueEnable = "enable" + + // Igmpv2SupportValueDisable is a Igmpv2SupportValue enum value + Igmpv2SupportValueDisable = "disable" +) + +// Igmpv2SupportValue_Values returns all elements of the Igmpv2SupportValue enum +func Igmpv2SupportValue_Values() []string { + return []string{ + Igmpv2SupportValueEnable, + Igmpv2SupportValueDisable, + } +} + const ( // ImageAttributeNameDescription is a ImageAttributeName enum value ImageAttributeNameDescription = "description" @@ -119076,6 +124544,9 @@ const ( // InstanceTypeC5n18xlarge is a InstanceType enum value InstanceTypeC5n18xlarge = "c5n.18xlarge" + // InstanceTypeC5nMetal is a InstanceType enum value + InstanceTypeC5nMetal = "c5n.metal" + // InstanceTypeC6gMetal is a InstanceType enum value InstanceTypeC6gMetal = "c6g.metal" @@ -119130,6 +124601,30 @@ const ( // InstanceTypeC6gd16xlarge is a InstanceType enum value InstanceTypeC6gd16xlarge = "c6gd.16xlarge" + // InstanceTypeC6gnMedium is a InstanceType enum value + InstanceTypeC6gnMedium = "c6gn.medium" + + // InstanceTypeC6gnLarge is a InstanceType enum value + InstanceTypeC6gnLarge = "c6gn.large" + + // InstanceTypeC6gnXlarge is a InstanceType enum value + InstanceTypeC6gnXlarge = "c6gn.xlarge" + + // InstanceTypeC6gn2xlarge is a InstanceType enum value + InstanceTypeC6gn2xlarge = "c6gn.2xlarge" + + // InstanceTypeC6gn4xlarge is a InstanceType enum value + InstanceTypeC6gn4xlarge = "c6gn.4xlarge" + + // InstanceTypeC6gn8xlarge is a InstanceType enum value + InstanceTypeC6gn8xlarge = "c6gn.8xlarge" + + // InstanceTypeC6gn12xlarge is a InstanceType enum value + InstanceTypeC6gn12xlarge = "c6gn.12xlarge" + + // InstanceTypeC6gn16xlarge is a InstanceType enum value + InstanceTypeC6gn16xlarge = "c6gn.16xlarge" + // InstanceTypeCc14xlarge is a InstanceType enum value InstanceTypeCc14xlarge = "cc1.4xlarge" @@ -119820,6 +125315,7 @@ func InstanceType_Values() []string { InstanceTypeC5n4xlarge, InstanceTypeC5n9xlarge, InstanceTypeC5n18xlarge, + InstanceTypeC5nMetal, InstanceTypeC6gMetal, InstanceTypeC6gMedium, InstanceTypeC6gLarge, @@ -119838,6 +125334,14 @@ func InstanceType_Values() []string { InstanceTypeC6gd8xlarge, InstanceTypeC6gd12xlarge, InstanceTypeC6gd16xlarge, + InstanceTypeC6gnMedium, + InstanceTypeC6gnLarge, + InstanceTypeC6gnXlarge, + InstanceTypeC6gn2xlarge, + InstanceTypeC6gn4xlarge, + InstanceTypeC6gn8xlarge, + InstanceTypeC6gn12xlarge, + InstanceTypeC6gn16xlarge, InstanceTypeCc14xlarge, InstanceTypeCc28xlarge, InstanceTypeG22xlarge, @@ -120787,6 +126291,34 @@ func ProductCodeValues_Values() []string { } } +const ( + // ProtocolTcp is a Protocol enum value + ProtocolTcp = "tcp" + + // ProtocolUdp is a Protocol enum value + ProtocolUdp = "udp" +) + +// Protocol_Values returns all elements of the Protocol enum +func Protocol_Values() []string { + return []string{ + ProtocolTcp, + ProtocolUdp, + } +} + +const ( + // ProtocolValueGre is a ProtocolValue enum value + ProtocolValueGre = "gre" +) + +// ProtocolValue_Values returns all elements of the ProtocolValue enum +func ProtocolValue_Values() []string { + return []string{ + ProtocolValueGre, + } +} + const ( // RIProductDescriptionLinuxUnix is a RIProductDescription enum value RIProductDescriptionLinuxUnix = "Linux/UNIX" @@ -121045,6 +126577,12 @@ const ( // ResourceTypeNetworkInterface is a ResourceType enum value ResourceTypeNetworkInterface = "network-interface" + // ResourceTypeNetworkInsightsAnalysis is a ResourceType enum value + ResourceTypeNetworkInsightsAnalysis = "network-insights-analysis" + + // ResourceTypeNetworkInsightsPath is a ResourceType enum value + ResourceTypeNetworkInsightsPath = "network-insights-path" + // ResourceTypePlacementGroup is a ResourceType enum value ResourceTypePlacementGroup = "placement-group" @@ -121084,6 +126622,9 @@ const ( // ResourceTypeTransitGatewayAttachment is a ResourceType enum value ResourceTypeTransitGatewayAttachment = "transit-gateway-attachment" + // ResourceTypeTransitGatewayConnectPeer is a ResourceType enum value + ResourceTypeTransitGatewayConnectPeer = "transit-gateway-connect-peer" + // ResourceTypeTransitGatewayMulticastDomain is a ResourceType enum value ResourceTypeTransitGatewayMulticastDomain = "transit-gateway-multicast-domain" @@ -121135,6 +126676,8 @@ func ResourceType_Values() []string { ResourceTypeNatgateway, ResourceTypeNetworkAcl, ResourceTypeNetworkInterface, + ResourceTypeNetworkInsightsAnalysis, + ResourceTypeNetworkInsightsPath, ResourceTypePlacementGroup, ResourceTypeReservedInstances, ResourceTypeRouteTable, @@ -121148,6 +126691,7 @@ func ResourceType_Values() []string { ResourceTypeTrafficMirrorTarget, ResourceTypeTransitGateway, ResourceTypeTransitGatewayAttachment, + ResourceTypeTransitGatewayConnectPeer, ResourceTypeTransitGatewayMulticastDomain, ResourceTypeTransitGatewayRouteTable, ResourceTypeVolume, @@ -121511,6 +127055,22 @@ func State_Values() []string { } } +const ( + // StaticSourcesSupportValueEnable is a StaticSourcesSupportValue enum value + StaticSourcesSupportValueEnable = "enable" + + // StaticSourcesSupportValueDisable is a StaticSourcesSupportValue enum value + StaticSourcesSupportValueDisable = "disable" +) + +// StaticSourcesSupportValue_Values returns all elements of the StaticSourcesSupportValue enum +func StaticSourcesSupportValue_Values() []string { + return []string{ + StaticSourcesSupportValueEnable, + StaticSourcesSupportValueDisable, + } +} + const ( // StatusMoveInProgress is a Status enum value StatusMoveInProgress = "MoveInProgress" @@ -121837,6 +127397,9 @@ const ( // TransitGatewayAttachmentResourceTypeDirectConnectGateway is a TransitGatewayAttachmentResourceType enum value TransitGatewayAttachmentResourceTypeDirectConnectGateway = "direct-connect-gateway" + // TransitGatewayAttachmentResourceTypeConnect is a TransitGatewayAttachmentResourceType enum value + TransitGatewayAttachmentResourceTypeConnect = "connect" + // TransitGatewayAttachmentResourceTypePeering is a TransitGatewayAttachmentResourceType enum value TransitGatewayAttachmentResourceTypePeering = "peering" @@ -121850,6 +127413,7 @@ func TransitGatewayAttachmentResourceType_Values() []string { TransitGatewayAttachmentResourceTypeVpc, TransitGatewayAttachmentResourceTypeVpn, TransitGatewayAttachmentResourceTypeDirectConnectGateway, + TransitGatewayAttachmentResourceTypeConnect, TransitGatewayAttachmentResourceTypePeering, TransitGatewayAttachmentResourceTypeTgwPeering, } @@ -121916,6 +127480,33 @@ func TransitGatewayAttachmentState_Values() []string { } const ( + // TransitGatewayConnectPeerStatePending is a TransitGatewayConnectPeerState enum value + TransitGatewayConnectPeerStatePending = "pending" + + // TransitGatewayConnectPeerStateAvailable is a TransitGatewayConnectPeerState enum value + TransitGatewayConnectPeerStateAvailable = "available" + + // TransitGatewayConnectPeerStateDeleting is a TransitGatewayConnectPeerState enum value + TransitGatewayConnectPeerStateDeleting = "deleting" + + // TransitGatewayConnectPeerStateDeleted is a TransitGatewayConnectPeerState enum value + TransitGatewayConnectPeerStateDeleted = "deleted" +) + +// TransitGatewayConnectPeerState_Values returns all elements of the TransitGatewayConnectPeerState enum +func TransitGatewayConnectPeerState_Values() []string { + return []string{ + TransitGatewayConnectPeerStatePending, + TransitGatewayConnectPeerStateAvailable, + TransitGatewayConnectPeerStateDeleting, + TransitGatewayConnectPeerStateDeleted, + } +} + +const ( + // TransitGatewayMulitcastDomainAssociationStatePendingAcceptance is a TransitGatewayMulitcastDomainAssociationState enum value + TransitGatewayMulitcastDomainAssociationStatePendingAcceptance = "pendingAcceptance" + // TransitGatewayMulitcastDomainAssociationStateAssociating is a TransitGatewayMulitcastDomainAssociationState enum value TransitGatewayMulitcastDomainAssociationStateAssociating = "associating" @@ -121927,15 +127518,24 @@ const ( // TransitGatewayMulitcastDomainAssociationStateDisassociated is a TransitGatewayMulitcastDomainAssociationState enum value TransitGatewayMulitcastDomainAssociationStateDisassociated = "disassociated" + + // TransitGatewayMulitcastDomainAssociationStateRejected is a TransitGatewayMulitcastDomainAssociationState enum value + TransitGatewayMulitcastDomainAssociationStateRejected = "rejected" + + // TransitGatewayMulitcastDomainAssociationStateFailed is a TransitGatewayMulitcastDomainAssociationState enum value + TransitGatewayMulitcastDomainAssociationStateFailed = "failed" ) // TransitGatewayMulitcastDomainAssociationState_Values returns all elements of the TransitGatewayMulitcastDomainAssociationState enum func TransitGatewayMulitcastDomainAssociationState_Values() []string { return []string{ + TransitGatewayMulitcastDomainAssociationStatePendingAcceptance, TransitGatewayMulitcastDomainAssociationStateAssociating, TransitGatewayMulitcastDomainAssociationStateAssociated, TransitGatewayMulitcastDomainAssociationStateDisassociating, TransitGatewayMulitcastDomainAssociationStateDisassociated, + TransitGatewayMulitcastDomainAssociationStateRejected, + TransitGatewayMulitcastDomainAssociationStateFailed, } } diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go index 31c314e0e..47c44cc9d 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go @@ -4,8 +4,14 @@ // requests to Amazon Elastic Compute Cloud. // // Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing -// capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest +// capacity in the AWS Cloud. Using Amazon EC2 eliminates the need to invest // in hardware up front, so you can develop and deploy applications faster. +// Amazon Virtual Private Cloud (Amazon VPC) enables you to provision a logically +// isolated section of the AWS Cloud where you can launch AWS resources in a +// virtual network that you've defined. Amazon Elastic Block Store (Amazon EBS) +// provides block level storage volumes for use with EC2 instances. EBS volumes +// are highly available and reliable storage volumes that can be attached to +// any running instance and used like a hard drive. // // To learn more, see the following resources: // @@ -13,7 +19,7 @@ // EC2 documentation (http://aws.amazon.com/documentation/ec2) // // * Amazon EBS: Amazon EBS product page (http://aws.amazon.com/ebs), Amazon -// EBS documentation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) +// EBS documentation (http://aws.amazon.com/documentation/ebs) // // * Amazon VPC: Amazon VPC product page (http://aws.amazon.com/vpc), Amazon // VPC documentation (http://aws.amazon.com/documentation/vpc) diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/ec2iface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/ec2iface/interface.go index dd70a8f07..f39664930 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/ec2iface/interface.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/ec2iface/interface.go @@ -64,6 +64,10 @@ type EC2API interface { AcceptReservedInstancesExchangeQuoteWithContext(aws.Context, *ec2.AcceptReservedInstancesExchangeQuoteInput, ...request.Option) (*ec2.AcceptReservedInstancesExchangeQuoteOutput, error) AcceptReservedInstancesExchangeQuoteRequest(*ec2.AcceptReservedInstancesExchangeQuoteInput) (*request.Request, *ec2.AcceptReservedInstancesExchangeQuoteOutput) + AcceptTransitGatewayMulticastDomainAssociations(*ec2.AcceptTransitGatewayMulticastDomainAssociationsInput) (*ec2.AcceptTransitGatewayMulticastDomainAssociationsOutput, error) + AcceptTransitGatewayMulticastDomainAssociationsWithContext(aws.Context, *ec2.AcceptTransitGatewayMulticastDomainAssociationsInput, ...request.Option) (*ec2.AcceptTransitGatewayMulticastDomainAssociationsOutput, error) + AcceptTransitGatewayMulticastDomainAssociationsRequest(*ec2.AcceptTransitGatewayMulticastDomainAssociationsInput) (*request.Request, *ec2.AcceptTransitGatewayMulticastDomainAssociationsOutput) + AcceptTransitGatewayPeeringAttachment(*ec2.AcceptTransitGatewayPeeringAttachmentInput) (*ec2.AcceptTransitGatewayPeeringAttachmentOutput, error) AcceptTransitGatewayPeeringAttachmentWithContext(aws.Context, *ec2.AcceptTransitGatewayPeeringAttachmentInput, ...request.Option) (*ec2.AcceptTransitGatewayPeeringAttachmentOutput, error) AcceptTransitGatewayPeeringAttachmentRequest(*ec2.AcceptTransitGatewayPeeringAttachmentInput) (*request.Request, *ec2.AcceptTransitGatewayPeeringAttachmentOutput) @@ -324,6 +328,10 @@ type EC2API interface { CreateNetworkAclEntryWithContext(aws.Context, *ec2.CreateNetworkAclEntryInput, ...request.Option) (*ec2.CreateNetworkAclEntryOutput, error) CreateNetworkAclEntryRequest(*ec2.CreateNetworkAclEntryInput) (*request.Request, *ec2.CreateNetworkAclEntryOutput) + CreateNetworkInsightsPath(*ec2.CreateNetworkInsightsPathInput) (*ec2.CreateNetworkInsightsPathOutput, error) + CreateNetworkInsightsPathWithContext(aws.Context, *ec2.CreateNetworkInsightsPathInput, ...request.Option) (*ec2.CreateNetworkInsightsPathOutput, error) + CreateNetworkInsightsPathRequest(*ec2.CreateNetworkInsightsPathInput) (*request.Request, *ec2.CreateNetworkInsightsPathOutput) + CreateNetworkInterface(*ec2.CreateNetworkInterfaceInput) (*ec2.CreateNetworkInterfaceOutput, error) CreateNetworkInterfaceWithContext(aws.Context, *ec2.CreateNetworkInterfaceInput, ...request.Option) (*ec2.CreateNetworkInterfaceOutput, error) CreateNetworkInterfaceRequest(*ec2.CreateNetworkInterfaceInput) (*request.Request, *ec2.CreateNetworkInterfaceOutput) @@ -392,6 +400,14 @@ type EC2API interface { CreateTransitGatewayWithContext(aws.Context, *ec2.CreateTransitGatewayInput, ...request.Option) (*ec2.CreateTransitGatewayOutput, error) CreateTransitGatewayRequest(*ec2.CreateTransitGatewayInput) (*request.Request, *ec2.CreateTransitGatewayOutput) + CreateTransitGatewayConnect(*ec2.CreateTransitGatewayConnectInput) (*ec2.CreateTransitGatewayConnectOutput, error) + CreateTransitGatewayConnectWithContext(aws.Context, *ec2.CreateTransitGatewayConnectInput, ...request.Option) (*ec2.CreateTransitGatewayConnectOutput, error) + CreateTransitGatewayConnectRequest(*ec2.CreateTransitGatewayConnectInput) (*request.Request, *ec2.CreateTransitGatewayConnectOutput) + + CreateTransitGatewayConnectPeer(*ec2.CreateTransitGatewayConnectPeerInput) (*ec2.CreateTransitGatewayConnectPeerOutput, error) + CreateTransitGatewayConnectPeerWithContext(aws.Context, *ec2.CreateTransitGatewayConnectPeerInput, ...request.Option) (*ec2.CreateTransitGatewayConnectPeerOutput, error) + CreateTransitGatewayConnectPeerRequest(*ec2.CreateTransitGatewayConnectPeerInput) (*request.Request, *ec2.CreateTransitGatewayConnectPeerOutput) + CreateTransitGatewayMulticastDomain(*ec2.CreateTransitGatewayMulticastDomainInput) (*ec2.CreateTransitGatewayMulticastDomainOutput, error) CreateTransitGatewayMulticastDomainWithContext(aws.Context, *ec2.CreateTransitGatewayMulticastDomainInput, ...request.Option) (*ec2.CreateTransitGatewayMulticastDomainOutput, error) CreateTransitGatewayMulticastDomainRequest(*ec2.CreateTransitGatewayMulticastDomainInput) (*request.Request, *ec2.CreateTransitGatewayMulticastDomainOutput) @@ -528,6 +544,14 @@ type EC2API interface { DeleteNetworkAclEntryWithContext(aws.Context, *ec2.DeleteNetworkAclEntryInput, ...request.Option) (*ec2.DeleteNetworkAclEntryOutput, error) DeleteNetworkAclEntryRequest(*ec2.DeleteNetworkAclEntryInput) (*request.Request, *ec2.DeleteNetworkAclEntryOutput) + DeleteNetworkInsightsAnalysis(*ec2.DeleteNetworkInsightsAnalysisInput) (*ec2.DeleteNetworkInsightsAnalysisOutput, error) + DeleteNetworkInsightsAnalysisWithContext(aws.Context, *ec2.DeleteNetworkInsightsAnalysisInput, ...request.Option) (*ec2.DeleteNetworkInsightsAnalysisOutput, error) + DeleteNetworkInsightsAnalysisRequest(*ec2.DeleteNetworkInsightsAnalysisInput) (*request.Request, *ec2.DeleteNetworkInsightsAnalysisOutput) + + DeleteNetworkInsightsPath(*ec2.DeleteNetworkInsightsPathInput) (*ec2.DeleteNetworkInsightsPathOutput, error) + DeleteNetworkInsightsPathWithContext(aws.Context, *ec2.DeleteNetworkInsightsPathInput, ...request.Option) (*ec2.DeleteNetworkInsightsPathOutput, error) + DeleteNetworkInsightsPathRequest(*ec2.DeleteNetworkInsightsPathInput) (*request.Request, *ec2.DeleteNetworkInsightsPathOutput) + DeleteNetworkInterface(*ec2.DeleteNetworkInterfaceInput) (*ec2.DeleteNetworkInterfaceOutput, error) DeleteNetworkInterfaceWithContext(aws.Context, *ec2.DeleteNetworkInterfaceInput, ...request.Option) (*ec2.DeleteNetworkInterfaceOutput, error) DeleteNetworkInterfaceRequest(*ec2.DeleteNetworkInterfaceInput) (*request.Request, *ec2.DeleteNetworkInterfaceOutput) @@ -592,6 +616,14 @@ type EC2API interface { DeleteTransitGatewayWithContext(aws.Context, *ec2.DeleteTransitGatewayInput, ...request.Option) (*ec2.DeleteTransitGatewayOutput, error) DeleteTransitGatewayRequest(*ec2.DeleteTransitGatewayInput) (*request.Request, *ec2.DeleteTransitGatewayOutput) + DeleteTransitGatewayConnect(*ec2.DeleteTransitGatewayConnectInput) (*ec2.DeleteTransitGatewayConnectOutput, error) + DeleteTransitGatewayConnectWithContext(aws.Context, *ec2.DeleteTransitGatewayConnectInput, ...request.Option) (*ec2.DeleteTransitGatewayConnectOutput, error) + DeleteTransitGatewayConnectRequest(*ec2.DeleteTransitGatewayConnectInput) (*request.Request, *ec2.DeleteTransitGatewayConnectOutput) + + DeleteTransitGatewayConnectPeer(*ec2.DeleteTransitGatewayConnectPeerInput) (*ec2.DeleteTransitGatewayConnectPeerOutput, error) + DeleteTransitGatewayConnectPeerWithContext(aws.Context, *ec2.DeleteTransitGatewayConnectPeerInput, ...request.Option) (*ec2.DeleteTransitGatewayConnectPeerOutput, error) + DeleteTransitGatewayConnectPeerRequest(*ec2.DeleteTransitGatewayConnectPeerInput) (*request.Request, *ec2.DeleteTransitGatewayConnectPeerOutput) + DeleteTransitGatewayMulticastDomain(*ec2.DeleteTransitGatewayMulticastDomainInput) (*ec2.DeleteTransitGatewayMulticastDomainOutput, error) DeleteTransitGatewayMulticastDomainWithContext(aws.Context, *ec2.DeleteTransitGatewayMulticastDomainInput, ...request.Option) (*ec2.DeleteTransitGatewayMulticastDomainOutput, error) DeleteTransitGatewayMulticastDomainRequest(*ec2.DeleteTransitGatewayMulticastDomainInput) (*request.Request, *ec2.DeleteTransitGatewayMulticastDomainOutput) @@ -680,6 +712,13 @@ type EC2API interface { DescribeAddressesWithContext(aws.Context, *ec2.DescribeAddressesInput, ...request.Option) (*ec2.DescribeAddressesOutput, error) DescribeAddressesRequest(*ec2.DescribeAddressesInput) (*request.Request, *ec2.DescribeAddressesOutput) + DescribeAddressesAttribute(*ec2.DescribeAddressesAttributeInput) (*ec2.DescribeAddressesAttributeOutput, error) + DescribeAddressesAttributeWithContext(aws.Context, *ec2.DescribeAddressesAttributeInput, ...request.Option) (*ec2.DescribeAddressesAttributeOutput, error) + DescribeAddressesAttributeRequest(*ec2.DescribeAddressesAttributeInput) (*request.Request, *ec2.DescribeAddressesAttributeOutput) + + DescribeAddressesAttributePages(*ec2.DescribeAddressesAttributeInput, func(*ec2.DescribeAddressesAttributeOutput, bool) bool) error + DescribeAddressesAttributePagesWithContext(aws.Context, *ec2.DescribeAddressesAttributeInput, func(*ec2.DescribeAddressesAttributeOutput, bool) bool, ...request.Option) error + DescribeAggregateIdFormat(*ec2.DescribeAggregateIdFormatInput) (*ec2.DescribeAggregateIdFormatOutput, error) DescribeAggregateIdFormatWithContext(aws.Context, *ec2.DescribeAggregateIdFormatInput, ...request.Option) (*ec2.DescribeAggregateIdFormatOutput, error) DescribeAggregateIdFormatRequest(*ec2.DescribeAggregateIdFormatInput) (*request.Request, *ec2.DescribeAggregateIdFormatOutput) @@ -1042,6 +1081,20 @@ type EC2API interface { DescribeNetworkAclsPages(*ec2.DescribeNetworkAclsInput, func(*ec2.DescribeNetworkAclsOutput, bool) bool) error DescribeNetworkAclsPagesWithContext(aws.Context, *ec2.DescribeNetworkAclsInput, func(*ec2.DescribeNetworkAclsOutput, bool) bool, ...request.Option) error + DescribeNetworkInsightsAnalyses(*ec2.DescribeNetworkInsightsAnalysesInput) (*ec2.DescribeNetworkInsightsAnalysesOutput, error) + DescribeNetworkInsightsAnalysesWithContext(aws.Context, *ec2.DescribeNetworkInsightsAnalysesInput, ...request.Option) (*ec2.DescribeNetworkInsightsAnalysesOutput, error) + DescribeNetworkInsightsAnalysesRequest(*ec2.DescribeNetworkInsightsAnalysesInput) (*request.Request, *ec2.DescribeNetworkInsightsAnalysesOutput) + + DescribeNetworkInsightsAnalysesPages(*ec2.DescribeNetworkInsightsAnalysesInput, func(*ec2.DescribeNetworkInsightsAnalysesOutput, bool) bool) error + DescribeNetworkInsightsAnalysesPagesWithContext(aws.Context, *ec2.DescribeNetworkInsightsAnalysesInput, func(*ec2.DescribeNetworkInsightsAnalysesOutput, bool) bool, ...request.Option) error + + DescribeNetworkInsightsPaths(*ec2.DescribeNetworkInsightsPathsInput) (*ec2.DescribeNetworkInsightsPathsOutput, error) + DescribeNetworkInsightsPathsWithContext(aws.Context, *ec2.DescribeNetworkInsightsPathsInput, ...request.Option) (*ec2.DescribeNetworkInsightsPathsOutput, error) + DescribeNetworkInsightsPathsRequest(*ec2.DescribeNetworkInsightsPathsInput) (*request.Request, *ec2.DescribeNetworkInsightsPathsOutput) + + DescribeNetworkInsightsPathsPages(*ec2.DescribeNetworkInsightsPathsInput, func(*ec2.DescribeNetworkInsightsPathsOutput, bool) bool) error + DescribeNetworkInsightsPathsPagesWithContext(aws.Context, *ec2.DescribeNetworkInsightsPathsInput, func(*ec2.DescribeNetworkInsightsPathsOutput, bool) bool, ...request.Option) error + DescribeNetworkInterfaceAttribute(*ec2.DescribeNetworkInterfaceAttributeInput) (*ec2.DescribeNetworkInterfaceAttributeOutput, error) DescribeNetworkInterfaceAttributeWithContext(aws.Context, *ec2.DescribeNetworkInterfaceAttributeInput, ...request.Option) (*ec2.DescribeNetworkInterfaceAttributeOutput, error) DescribeNetworkInterfaceAttributeRequest(*ec2.DescribeNetworkInterfaceAttributeInput) (*request.Request, *ec2.DescribeNetworkInterfaceAttributeOutput) @@ -1236,6 +1289,20 @@ type EC2API interface { DescribeTransitGatewayAttachmentsPages(*ec2.DescribeTransitGatewayAttachmentsInput, func(*ec2.DescribeTransitGatewayAttachmentsOutput, bool) bool) error DescribeTransitGatewayAttachmentsPagesWithContext(aws.Context, *ec2.DescribeTransitGatewayAttachmentsInput, func(*ec2.DescribeTransitGatewayAttachmentsOutput, bool) bool, ...request.Option) error + DescribeTransitGatewayConnectPeers(*ec2.DescribeTransitGatewayConnectPeersInput) (*ec2.DescribeTransitGatewayConnectPeersOutput, error) + DescribeTransitGatewayConnectPeersWithContext(aws.Context, *ec2.DescribeTransitGatewayConnectPeersInput, ...request.Option) (*ec2.DescribeTransitGatewayConnectPeersOutput, error) + DescribeTransitGatewayConnectPeersRequest(*ec2.DescribeTransitGatewayConnectPeersInput) (*request.Request, *ec2.DescribeTransitGatewayConnectPeersOutput) + + DescribeTransitGatewayConnectPeersPages(*ec2.DescribeTransitGatewayConnectPeersInput, func(*ec2.DescribeTransitGatewayConnectPeersOutput, bool) bool) error + DescribeTransitGatewayConnectPeersPagesWithContext(aws.Context, *ec2.DescribeTransitGatewayConnectPeersInput, func(*ec2.DescribeTransitGatewayConnectPeersOutput, bool) bool, ...request.Option) error + + DescribeTransitGatewayConnects(*ec2.DescribeTransitGatewayConnectsInput) (*ec2.DescribeTransitGatewayConnectsOutput, error) + DescribeTransitGatewayConnectsWithContext(aws.Context, *ec2.DescribeTransitGatewayConnectsInput, ...request.Option) (*ec2.DescribeTransitGatewayConnectsOutput, error) + DescribeTransitGatewayConnectsRequest(*ec2.DescribeTransitGatewayConnectsInput) (*request.Request, *ec2.DescribeTransitGatewayConnectsOutput) + + DescribeTransitGatewayConnectsPages(*ec2.DescribeTransitGatewayConnectsInput, func(*ec2.DescribeTransitGatewayConnectsOutput, bool) bool) error + DescribeTransitGatewayConnectsPagesWithContext(aws.Context, *ec2.DescribeTransitGatewayConnectsInput, func(*ec2.DescribeTransitGatewayConnectsOutput, bool) bool, ...request.Option) error + DescribeTransitGatewayMulticastDomains(*ec2.DescribeTransitGatewayMulticastDomainsInput) (*ec2.DescribeTransitGatewayMulticastDomainsOutput, error) DescribeTransitGatewayMulticastDomainsWithContext(aws.Context, *ec2.DescribeTransitGatewayMulticastDomainsInput, ...request.Option) (*ec2.DescribeTransitGatewayMulticastDomainsOutput, error) DescribeTransitGatewayMulticastDomainsRequest(*ec2.DescribeTransitGatewayMulticastDomainsInput) (*request.Request, *ec2.DescribeTransitGatewayMulticastDomainsOutput) @@ -1631,6 +1698,10 @@ type EC2API interface { ImportVolumeWithContext(aws.Context, *ec2.ImportVolumeInput, ...request.Option) (*ec2.ImportVolumeOutput, error) ImportVolumeRequest(*ec2.ImportVolumeInput) (*request.Request, *ec2.ImportVolumeOutput) + ModifyAddressAttribute(*ec2.ModifyAddressAttributeInput) (*ec2.ModifyAddressAttributeOutput, error) + ModifyAddressAttributeWithContext(aws.Context, *ec2.ModifyAddressAttributeInput, ...request.Option) (*ec2.ModifyAddressAttributeOutput, error) + ModifyAddressAttributeRequest(*ec2.ModifyAddressAttributeInput) (*request.Request, *ec2.ModifyAddressAttributeOutput) + ModifyAvailabilityZoneGroup(*ec2.ModifyAvailabilityZoneGroupInput) (*ec2.ModifyAvailabilityZoneGroupOutput, error) ModifyAvailabilityZoneGroupWithContext(aws.Context, *ec2.ModifyAvailabilityZoneGroupInput, ...request.Option) (*ec2.ModifyAvailabilityZoneGroupOutput, error) ModifyAvailabilityZoneGroupRequest(*ec2.ModifyAvailabilityZoneGroupInput) (*request.Request, *ec2.ModifyAvailabilityZoneGroupOutput) @@ -1847,6 +1918,10 @@ type EC2API interface { RegisterTransitGatewayMulticastGroupSourcesWithContext(aws.Context, *ec2.RegisterTransitGatewayMulticastGroupSourcesInput, ...request.Option) (*ec2.RegisterTransitGatewayMulticastGroupSourcesOutput, error) RegisterTransitGatewayMulticastGroupSourcesRequest(*ec2.RegisterTransitGatewayMulticastGroupSourcesInput) (*request.Request, *ec2.RegisterTransitGatewayMulticastGroupSourcesOutput) + RejectTransitGatewayMulticastDomainAssociations(*ec2.RejectTransitGatewayMulticastDomainAssociationsInput) (*ec2.RejectTransitGatewayMulticastDomainAssociationsOutput, error) + RejectTransitGatewayMulticastDomainAssociationsWithContext(aws.Context, *ec2.RejectTransitGatewayMulticastDomainAssociationsInput, ...request.Option) (*ec2.RejectTransitGatewayMulticastDomainAssociationsOutput, error) + RejectTransitGatewayMulticastDomainAssociationsRequest(*ec2.RejectTransitGatewayMulticastDomainAssociationsInput) (*request.Request, *ec2.RejectTransitGatewayMulticastDomainAssociationsOutput) + RejectTransitGatewayPeeringAttachment(*ec2.RejectTransitGatewayPeeringAttachmentInput) (*ec2.RejectTransitGatewayPeeringAttachmentOutput, error) RejectTransitGatewayPeeringAttachmentWithContext(aws.Context, *ec2.RejectTransitGatewayPeeringAttachmentInput, ...request.Option) (*ec2.RejectTransitGatewayPeeringAttachmentOutput, error) RejectTransitGatewayPeeringAttachmentRequest(*ec2.RejectTransitGatewayPeeringAttachmentInput) (*request.Request, *ec2.RejectTransitGatewayPeeringAttachmentOutput) @@ -1907,6 +1982,10 @@ type EC2API interface { RequestSpotInstancesWithContext(aws.Context, *ec2.RequestSpotInstancesInput, ...request.Option) (*ec2.RequestSpotInstancesOutput, error) RequestSpotInstancesRequest(*ec2.RequestSpotInstancesInput) (*request.Request, *ec2.RequestSpotInstancesOutput) + ResetAddressAttribute(*ec2.ResetAddressAttributeInput) (*ec2.ResetAddressAttributeOutput, error) + ResetAddressAttributeWithContext(aws.Context, *ec2.ResetAddressAttributeInput, ...request.Option) (*ec2.ResetAddressAttributeOutput, error) + ResetAddressAttributeRequest(*ec2.ResetAddressAttributeInput) (*request.Request, *ec2.ResetAddressAttributeOutput) + ResetEbsDefaultKmsKeyId(*ec2.ResetEbsDefaultKmsKeyIdInput) (*ec2.ResetEbsDefaultKmsKeyIdOutput, error) ResetEbsDefaultKmsKeyIdWithContext(aws.Context, *ec2.ResetEbsDefaultKmsKeyIdInput, ...request.Option) (*ec2.ResetEbsDefaultKmsKeyIdOutput, error) ResetEbsDefaultKmsKeyIdRequest(*ec2.ResetEbsDefaultKmsKeyIdInput) (*request.Request, *ec2.ResetEbsDefaultKmsKeyIdOutput) @@ -1985,6 +2064,10 @@ type EC2API interface { StartInstancesWithContext(aws.Context, *ec2.StartInstancesInput, ...request.Option) (*ec2.StartInstancesOutput, error) StartInstancesRequest(*ec2.StartInstancesInput) (*request.Request, *ec2.StartInstancesOutput) + StartNetworkInsightsAnalysis(*ec2.StartNetworkInsightsAnalysisInput) (*ec2.StartNetworkInsightsAnalysisOutput, error) + StartNetworkInsightsAnalysisWithContext(aws.Context, *ec2.StartNetworkInsightsAnalysisInput, ...request.Option) (*ec2.StartNetworkInsightsAnalysisOutput, error) + StartNetworkInsightsAnalysisRequest(*ec2.StartNetworkInsightsAnalysisInput) (*request.Request, *ec2.StartNetworkInsightsAnalysisOutput) + StartVpcEndpointServicePrivateDnsVerification(*ec2.StartVpcEndpointServicePrivateDnsVerificationInput) (*ec2.StartVpcEndpointServicePrivateDnsVerificationOutput, error) StartVpcEndpointServicePrivateDnsVerificationWithContext(aws.Context, *ec2.StartVpcEndpointServicePrivateDnsVerificationInput, ...request.Option) (*ec2.StartVpcEndpointServicePrivateDnsVerificationOutput, error) StartVpcEndpointServicePrivateDnsVerificationRequest(*ec2.StartVpcEndpointServicePrivateDnsVerificationInput) (*request.Request, *ec2.StartVpcEndpointServicePrivateDnsVerificationOutput) diff --git a/vendor/github.com/aws/aws-sdk-go/service/iam/api.go b/vendor/github.com/aws/aws-sdk-go/service/iam/api.go index 7c3a5dd0d..72e374e2b 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/iam/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/iam/api.go @@ -82,8 +82,7 @@ func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpen // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -157,21 +156,19 @@ func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInp // AddRoleToInstanceProfile API operation for AWS Identity and Access Management. // // Adds the specified IAM role to the specified instance profile. An instance -// profile can contain only one role. (The number and size of IAM resources -// in an AWS account are limited. For more information, see IAM and STS Quotas -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) -// in the IAM User Guide.) You can remove the existing role and then add a different -// role to an instance profile. You must then wait for the change to appear -// across all of AWS because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency). +// profile can contain only one role, and this quota cannot be increased. You +// can remove the existing role and then add a different role to an instance +// profile. You must then wait for the change to appear across all of AWS because +// of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency). // To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html) // and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html), // or you can stop your instance and then restart it. // -// The caller of this API must be granted the PassRole permission on the IAM -// role by a permissions policy. +// The caller of this operation must be granted the PassRole permission on the +// IAM role by a permissions policy. // -// For more information about roles, go to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// For more information about instance profiles, go to About Instance Profiles +// For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). +// For more information about instance profiles, see About instance profiles // (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -192,8 +189,7 @@ func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInp // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeUnmodifiableEntityException "UnmodifiableEntity" // The request was rejected because only the service that depends on the service-linked @@ -288,8 +284,7 @@ func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -364,10 +359,10 @@ func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *requ // // Attaches the specified managed policy to the specified IAM group. // -// You use this API to attach a managed policy to a group. To embed an inline -// policy in a group, use PutGroupPolicy. +// You use this operation to attach a managed policy to a group. To embed an +// inline policy in a group, use PutGroupPolicy. // -// For more information about policies, see Managed Policies and Inline Policies +// For more information about policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -385,8 +380,7 @@ func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *requ // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -475,9 +469,9 @@ func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *reques // policy is created at the same time as the role, using CreateRole. You can // update a role's trust policy using UpdateAssumeRolePolicy. // -// Use this API to attach a managed policy to a role. To embed an inline policy -// in a role, use PutRolePolicy. For more information about policies, see Managed -// Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// Use this operation to attach a managed policy to a role. To embed an inline +// policy in a role, use PutRolePolicy. For more information about policies, +// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -494,8 +488,7 @@ func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -584,10 +577,10 @@ func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *reques // // Attaches the specified managed policy to the specified user. // -// You use this API to attach a managed policy to a user. To embed an inline -// policy in a user, use PutUserPolicy. +// You use this operation to attach a managed policy to a user. To embed an +// inline policy in a user, use PutUserPolicy. // -// For more information about policies, see Managed Policies and Inline Policies +// For more information about policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -605,8 +598,7 @@ func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -687,11 +679,14 @@ func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Re // ChangePassword API operation for AWS Identity and Access Management. // -// Changes the password of the IAM user who is calling this operation. The AWS -// account root user password is not affected by this operation. +// Changes the password of the IAM user who is calling this operation. This +// operation can be performed using the AWS CLI, the AWS API, or the My Security +// Credentials page in the AWS Management Console. The AWS account root user +// password is not affected by this operation. // -// To change the password for a different user, see UpdateLoginProfile. For -// more information about modifying passwords, see Managing Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) +// Use UpdateLoginProfile to use the AWS CLI, the AWS API, or the Users page +// in the IAM console to change the password for any IAM user. For more information +// about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -712,8 +707,7 @@ func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" // The request was rejected because it referenced an entity that is temporarily @@ -804,8 +798,8 @@ func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request. // to manage AWS account root user credentials. This is true even if the AWS // account has no associated users. // -// The number and size of IAM resources in an AWS account are limited. For more -// information, see IAM and STS Quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) +// For information about quotas on the number of keys you can create, see IAM +// and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // To ensure the security of your AWS account, the secret access key is accessible @@ -828,8 +822,7 @@ func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request. // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -903,7 +896,7 @@ func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *re // CreateAccountAlias API operation for AWS Identity and Access Management. // // Creates an alias for your AWS account. For information about using an AWS -// account alias, see Using an Alias for Your AWS Account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) +// account alias, see Using an alias for your AWS account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -920,8 +913,7 @@ func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -995,8 +987,8 @@ func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, // // Creates a new group. // -// The number and size of IAM resources in an AWS account are limited. For more -// information, see IAM and STS Quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) +// For information about the number of groups you can create, see IAM and STS +// quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1009,8 +1001,7 @@ func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" // The request was rejected because it attempted to create a resource that already @@ -1091,10 +1082,10 @@ func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (r // CreateInstanceProfile API operation for AWS Identity and Access Management. // // Creates a new instance profile. For information about instance profiles, -// go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). +// see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entities). // -// The number and size of IAM resources in an AWS account are limited. For more -// information, see IAM and STS Quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) +// For information about the number of instance profiles you can create, see +// IAM object quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1109,10 +1100,18 @@ func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (r // The request was rejected because it attempted to create a resource that already // exists. // +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -1184,9 +1183,15 @@ func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *re // CreateLoginProfile API operation for AWS Identity and Access Management. // -// Creates a password for the specified user, giving the user the ability to -// access AWS services through the AWS Management Console. For more information -// about managing passwords, see Managing Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) +// Creates a password for the specified IAM user. A password allows an IAM user +// to access AWS services through the AWS Management Console. +// +// You can use the AWS CLI, the AWS API, or the Users page in the IAM console +// to create a password for any IAM user. Use ChangePassword to update your +// own existing password in the My Security Credentials page in the AWS Management +// Console. +// +// For more information about managing passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1211,8 +1216,7 @@ func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -1326,8 +1330,12 @@ func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProvi // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -1403,11 +1411,11 @@ func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Reques // // This operation creates a policy version with a version identifier of v1 and // sets v1 as the policy's default version. For more information about policy -// versions, see Versioning for Managed Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) +// versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. // -// For more information about managed policies in general, see Managed Policies -// and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies in general, see Managed policies +// and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1424,8 +1432,7 @@ func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" // The request was rejected because it attempted to create a resource that already @@ -1435,6 +1442,11 @@ func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Reques // The request was rejected because the policy document was malformed. The error // message describes the specific error. // +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception // or failure. @@ -1514,8 +1526,8 @@ func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req * // The default version is the version that is in effect for the IAM users, groups, // and roles to which the policy is attached. // -// For more information about managed policy versions, see Versioning for Managed -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) +// For more information about managed policy versions, see Versioning for managed +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1540,8 +1552,7 @@ func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req * // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -1614,9 +1625,9 @@ func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, o // CreateRole API operation for AWS Identity and Access Management. // // Creates a new role for your AWS account. For more information about roles, -// go to IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// The number and size of IAM resources in an AWS account are limited. For more -// information, see IAM and STS Quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) +// see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). +// For information about quotas for role names and the number of roles you can +// create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1629,8 +1640,7 @@ func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, o // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -1737,9 +1747,9 @@ func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *re // // This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). // -// For more information, see Enabling SAML 2.0 Federated Users to Access the +// For more information, see Enabling SAML 2.0 federated users to access the // AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html) -// and About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) +// and About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1760,8 +1770,12 @@ func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -1839,7 +1853,7 @@ func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput // role, which could put your AWS resources into an unknown state. Allowing // the service to control the role helps improve service stability and proper // cleanup when a service and its role are no longer needed. For more information, -// see Using Service-Linked Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html) +// see Using service-linked roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html) // in the IAM User Guide. // // To attach a policy to this service-linked role, you must make the request @@ -1859,8 +1873,7 @@ func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeNoSuchEntityException "NoSuchEntity" // The request was rejected because it referenced a resource entity that does @@ -1943,12 +1956,13 @@ func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecifi // You can have a maximum of two sets of service-specific credentials for each // supported service per user. // -// The only supported service at this time is AWS CodeCommit. +// You can create service-specific credentials for AWS CodeCommit and Amazon +// Keyspaces (for Apache Cassandra). // // You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential. // // For more information about service-specific credentials, see Using IAM with -// AWS CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html) +// AWS CodeCommit: Git credentials, SSH keys, and AWS access keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1961,8 +1975,7 @@ func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecifi // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeNoSuchEntityException "NoSuchEntity" // The request was rejected because it referenced a resource entity that does @@ -2039,8 +2052,8 @@ func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, o // // Creates a new IAM user for your AWS account. // -// The number and size of IAM resources in an AWS account are limited. For more -// information, see IAM and STS Quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) +// For information about quotas for the number of IAM users you can create, +// see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2053,8 +2066,7 @@ func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, o // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" // The request was rejected because it attempted to create a resource that already @@ -2146,11 +2158,11 @@ func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) // Creates a new virtual MFA device for the AWS account. After creating the // virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. // For more information about creating and working with virtual MFA devices, -// go to Using a Virtual MFA Device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) +// see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) // in the IAM User Guide. // -// The number and size of IAM resources in an AWS account are limited. For more -// information, see IAM and STS Quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) +// For information about the maximum number of MFA devices you can create, see +// IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // The seed information contained in the QR code and the Base32 string should @@ -2169,13 +2181,21 @@ func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. // // * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" // The request was rejected because it attempted to create a resource that already // exists. // +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception // or failure. @@ -2251,7 +2271,7 @@ func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req * // the user name for which it was originally enabled. // // For more information about creating and working with virtual MFA devices, -// go to Enabling a Virtual Multi-factor Authentication (MFA) Device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) +// see Enabling a virtual multi-factor authentication (MFA) device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2274,8 +2294,7 @@ func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req * // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -2370,8 +2389,7 @@ func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request. // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -2445,7 +2463,7 @@ func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *re // DeleteAccountAlias API operation for AWS Identity and Access Management. // // Deletes the specified AWS account alias. For information about using an AWS -// account alias, see Using an Alias for Your AWS Account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) +// account alias, see Using an alias for your AWS account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2462,8 +2480,7 @@ func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -2552,8 +2569,7 @@ func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPol // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -2647,8 +2663,7 @@ func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -2726,7 +2741,7 @@ func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *requ // // A group can also have managed policies attached to it. To detach a managed // policy from a group, use DetachGroupPolicy. For more information about policies, -// refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2743,8 +2758,7 @@ func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *requ // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -2825,7 +2839,7 @@ func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (r // that is associated with a running instance will break any applications running // on the instance. // -// For more information about instance profiles, go to About Instance Profiles +// For more information about instance profiles, see About instance profiles // (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2846,8 +2860,7 @@ func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (r // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -2923,6 +2936,11 @@ func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *re // Deletes the password for the specified IAM user, which terminates the user's // ability to access AWS services through the AWS Management Console. // +// You can use the AWS CLI, the AWS API, or the Users page in the IAM console +// to delete a password for any IAM user. You can use ChangePassword to update, +// but not delete, your own password in the My Security Credentials page in +// the AWS Management Console. +// // Deleting a user's password does not prevent a user from accessing AWS through // the command line interface or the API. To prevent all user access, you must // also either make any access keys inactive or delete them. For more information @@ -2948,8 +2966,7 @@ func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -3126,9 +3143,9 @@ func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Reques // for deleting a managed policy: // // * Detach the policy from all users, groups, and roles that the policy -// is attached to, using the DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy -// API operations. To list all the users, groups, and roles that a policy -// is attached to, use ListEntitiesForPolicy. +// is attached to, using DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy. +// To list all the users, groups, and roles that a policy is attached to, +// use ListEntitiesForPolicy. // // * Delete all versions of the policy using DeletePolicyVersion. To list // the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion @@ -3136,9 +3153,9 @@ func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Reques // the policy's default version in the next step of the process. // // * Delete the policy (this automatically deletes the policy's default version) -// using this API. +// using this operation. // -// For information about managed policies, see Managed Policies and Inline Policies +// For information about managed policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -3156,8 +3173,7 @@ func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -3240,12 +3256,12 @@ func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req * // // Deletes the specified version from the specified managed policy. // -// You cannot delete the default version from a policy using this API. To delete -// the default version from a policy, use DeletePolicy. To find out which version -// of a policy is marked as the default version, use ListPolicyVersions. +// You cannot delete the default version from a policy using this operation. +// To delete the default version from a policy, use DeletePolicy. To find out +// which version of a policy is marked as the default version, use ListPolicyVersions. // -// For information about versions for managed policies, see Versioning for Managed -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) +// For information about versions for managed policies, see Versioning for managed +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3262,8 +3278,7 @@ func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req * // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -3345,7 +3360,7 @@ func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, o // DeleteRole API operation for AWS Identity and Access Management. // // Deletes the specified role. The role must not have any policies attached. -// For more information about roles, go to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). +// For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). // // Make sure that you do not have any Amazon EC2 instances running with the // role you are about to delete. Deleting a role or instance profile that is @@ -3370,8 +3385,7 @@ func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, o // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeUnmodifiableEntityException "UnmodifiableEntity" // The request was rejected because only the service that depends on the service-linked @@ -3555,7 +3569,7 @@ func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *reques // // A role can also have managed policies attached to it. To detach a managed // policy from a role, use DetachRolePolicy. For more information about policies, -// refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3572,8 +3586,7 @@ func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeUnmodifiableEntityException "UnmodifiableEntity" // The request was rejected because only the service that depends on the service-linked @@ -3675,8 +3688,7 @@ func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeNoSuchEntityException "NoSuchEntity" // The request was rejected because it referenced a resource entity that does @@ -3758,7 +3770,7 @@ func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *re // The SSH public key deleted by this operation is used only for authenticating // the associated IAM user to an AWS CodeCommit repository. For more information // about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) +// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) // in the AWS CodeCommit User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3843,7 +3855,7 @@ func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput // Deletes the specified server certificate. // // For more information about working with server certificates, see Working -// with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) // in the IAM User Guide. This topic also includes a list of AWS services that // can use the server certificates that you manage with IAM. // @@ -3853,7 +3865,7 @@ func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput // continue to use the certificates. This could cause Elastic Load Balancing // to stop accepting traffic. We recommend that you remove the reference to // the certificate from Elastic Load Balancing before using this command to -// delete the certificate. For more information, go to DeleteLoadBalancerListeners +// delete the certificate. For more information, see DeleteLoadBalancerListeners // (https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html) // in the Elastic Load Balancing API Reference. // @@ -3875,8 +3887,7 @@ func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -3957,16 +3968,16 @@ func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput // // If you submit a deletion request for a service-linked role whose linked service // is still accessing a resource, then the deletion task fails. If it fails, -// the GetServiceLinkedRoleDeletionStatus API operation returns the reason for -// the failure, usually including the resources that must be deleted. To delete +// the GetServiceLinkedRoleDeletionStatus operation returns the reason for the +// failure, usually including the resources that must be deleted. To delete // the service-linked role, you must first remove those resources from the linked // service and then submit the deletion request again. Resources are specific // to the service that is linked to the role. For more information about removing // resources from a service, see the AWS documentation (http://docs.aws.amazon.com/) // for your service. // -// For more information about service-linked roles, see Roles Terms and Concepts: -// AWS Service-Linked Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role) +// For more information about service-linked roles, see Roles terms and concepts: +// AWS service-linked role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3983,8 +3994,7 @@ func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -4160,8 +4170,7 @@ func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInp // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -4237,7 +4246,7 @@ func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, o // Deletes the specified IAM user. Unlike the AWS Management Console, when you // delete a user programmatically, you must delete the items attached to the // user manually, or the deletion fails. For more information, see Deleting -// an IAM User (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli). +// an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli). // Before attempting to delete a user, remove the following items: // // * Password (DeleteLoginProfile) @@ -4268,8 +4277,7 @@ func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, o // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeNoSuchEntityException "NoSuchEntity" // The request was rejected because it referenced a resource entity that does @@ -4449,7 +4457,7 @@ func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *reques // // A user can also have managed policies attached to it. To detach a managed // policy from a user, use DetachUserPolicy. For more information about policies, -// refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4466,8 +4474,7 @@ func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -4563,8 +4570,7 @@ func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -4640,8 +4646,8 @@ func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *requ // Removes the specified managed policy from the specified IAM group. // // A group can also have inline policies embedded with it. To delete an inline -// policy, use the DeleteGroupPolicy API. For information about policies, see -// Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// policy, use DeleteGroupPolicy. For information about policies, see Managed +// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4658,8 +4664,7 @@ func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *requ // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -4739,8 +4744,8 @@ func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *reques // Removes the specified managed policy from the specified role. // // A role can also have inline policies embedded with it. To delete an inline -// policy, use the DeleteRolePolicy API. For information about policies, see -// Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// policy, use DeleteRolePolicy. For information about policies, see Managed +// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4757,8 +4762,7 @@ func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -4844,8 +4848,8 @@ func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *reques // Removes the specified managed policy from the specified user. // // A user can also have inline policies embedded with it. To delete an inline -// policy, use the DeleteUserPolicy API. For information about policies, see -// Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// policy, use DeleteUserPolicy. For information about policies, see Managed +// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4862,8 +4866,7 @@ func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *reques // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -4968,8 +4971,7 @@ func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request. // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeNoSuchEntityException "NoSuchEntity" // The request was rejected because it referenced a resource entity that does @@ -5046,7 +5048,7 @@ func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInp // GenerateCredentialReport API operation for AWS Identity and Access Management. // // Generates a credential report for the AWS account. For more information about -// the credential report, see Getting Credential Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) +// the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5059,8 +5061,7 @@ func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInp // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -5137,11 +5138,11 @@ func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizati // unit, or account) or policies in your organization. // // To call this operation, you must be signed in using your AWS Organizations -// master account credentials. You can use your long-term IAM user or root user -// credentials, or temporary credentials from assuming an IAM role. SCPs must -// be enabled for your organization root. You must have the required IAM and -// AWS Organizations permissions. For more information, see Refining Permissions -// Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) +// management account credentials. You can use your long-term IAM user or root +// user credentials, or temporary credentials from assuming an IAM role. SCPs +// must be enabled for your organization root. You must have the required IAM +// and AWS Organizations permissions. For more information, see Refining permissions +// using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) // in the IAM User Guide. // // You can generate a service last accessed data report for entities by specifying @@ -5156,7 +5157,7 @@ func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizati // account activity that the policy allows to account principals in the entity // or the entity's children. For important information about the data, reporting // period, permissions required, troubleshooting, and supported Regions see -// Reducing Permissions Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) +// Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) // in the IAM User Guide. // // The data includes all attempts to access AWS, not just the successful ones. @@ -5166,7 +5167,7 @@ func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizati // account has been compromised, because the request might have been denied. // Refer to your CloudTrail logs as the authoritative source for information // about all API calls and whether they were successful or denied access. For -// more information, see Logging IAM Events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) +// more information, see Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) // in the IAM User Guide. // // This operation returns a JobId. Use this parameter in the GetOrganizationsAccessReport @@ -5182,19 +5183,19 @@ func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizati // * Root – When you specify the organizations root as the entity, the // resulting report lists all of the services allowed by SCPs that are attached // to your root. For each service, the report includes data for all accounts -// in your organization except the master account, because the master account -// is not limited by SCPs. +// in your organization except the management account, because the management +// account is not limited by SCPs. // // * OU – When you specify an organizational unit (OU) as the entity, the // resulting report lists all of the services allowed by SCPs that are attached // to the OU and its parents. For each service, the report includes data -// for all accounts in the OU or its children. This data excludes the master -// account, because the master account is not limited by SCPs. +// for all accounts in the OU or its children. This data excludes the management +// account, because the management account is not limited by SCPs. // -// * Master account – When you specify the master account, the resulting -// report lists all AWS services, because the master account is not limited -// by SCPs. For each service, the report includes data for only the master -// account. +// * management account – When you specify the management account, the +// resulting report lists all AWS services, because the management account +// is not limited by SCPs. For each service, the report includes data for +// only the management account. // // * Account – When you specify another account as the entity, the resulting // report lists all of the services allowed by SCPs that are attached to @@ -5208,8 +5209,8 @@ func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizati // * Root – When you specify the root entity and a policy ID, the resulting // report lists all of the services that are allowed by the specified SCP. // For each service, the report includes data for all accounts in your organization -// to which the SCP applies. This data excludes the master account, because -// the master account is not limited by SCPs. If the SCP is not attached +// to which the SCP applies. This data excludes the management account, because +// the management account is not limited by SCPs. If the SCP is not attached // to any entities in the organization, then the report will return a list // of services with no data. // @@ -5218,14 +5219,16 @@ func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizati // For each service, the report includes data for all accounts in the OU // or its children to which the SCP applies. This means that other accounts // outside the OU that are affected by the SCP might not be included in the -// data. This data excludes the master account, because the master account -// is not limited by SCPs. If the SCP is not attached to the OU or one of -// its children, the report will return a list of services with no data. +// data. This data excludes the management account, because the management +// account is not limited by SCPs. If the SCP is not attached to the OU or +// one of its children, the report will return a list of services with no +// data. // -// * Master account – When you specify the master account, the resulting -// report lists all AWS services, because the master account is not limited -// by SCPs. If you specify a policy ID in the CLI or API, the policy is ignored. -// For each service, the report includes data for only the master account. +// * management account – When you specify the management account, the +// resulting report lists all AWS services, because the management account +// is not limited by SCPs. If you specify a policy ID in the CLI or API, +// the policy is ignored. For each service, the report includes data for +// only the management account. // // * Account – When you specify another account entity and a policy ID, // the resulting report lists all of the services that are allowed by the @@ -5239,12 +5242,12 @@ func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizati // whether a principal could access a service. These other policy types include // identity-based policies, resource-based policies, access control lists, IAM // permissions boundaries, and STS assume role policies. It only applies SCP -// logic. For more about the evaluation of policy types, see Evaluating Policies +// logic. For more about the evaluation of policy types, see Evaluating policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) // in the IAM User Guide. // -// For more information about service last accessed data, see Reducing Policy -// Scope by Viewing User Activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) +// For more information about service last accessed data, see Reducing policy +// scope by viewing user activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5329,7 +5332,7 @@ func (c *IAM) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLa // group, role, or policy) was last used in an attempt to access AWS services. // Recent activity usually appears within four hours. IAM reports activity for // the last 365 days, or less if your Region began supporting this feature within -// the last year. For more information, see Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period). +// the last year. For more information, see Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period). // // The service last accessed data includes all attempts to access an AWS API, // not just the successful ones. This includes all attempts that were made using @@ -5338,7 +5341,7 @@ func (c *IAM) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLa // data does not mean that your account has been compromised, because the request // might have been denied. Refer to your CloudTrail logs as the authoritative // source for information about all API calls and whether they were successful -// or denied access. For more information, see Logging IAM Events with CloudTrail +// or denied access. For more information, see Logging IAM events with CloudTrail // (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) // in the IAM User Guide. // @@ -5370,11 +5373,11 @@ func (c *IAM) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLa // resource-based policies, access control lists, AWS Organizations policies, // IAM permissions boundaries, and AWS STS assume role policies. It only applies // permissions policy logic. For more about the evaluation of policy types, -// see Evaluating Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) +// see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) // in the IAM User Guide. // // For more information about service and action last accessed data, see Reducing -// Permissions Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) +// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5544,14 +5547,14 @@ func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizati // // Retrieves information about all IAM users, groups, roles, and policies in // your AWS account, including their relationships to one another. Use this -// API to obtain a snapshot of the configuration of IAM permissions (users, +// operation to obtain a snapshot of the configuration of IAM permissions (users, // groups, roles, and policies) in your account. // -// Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). -// You can use a URL decoding method to convert the policy back to plain JSON -// text. For example, if you use Java, you can use the decode method of the -// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs -// provide similar functionality. +// Policies returned by this operation are URL-encoded compliant with RFC 3986 +// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method +// to convert the policy back to plain JSON text. For example, if you use Java, +// you can use the decode method of the java.net.URLDecoder utility class in +// the Java SDK. Other languages and SDKs provide similar functionality. // // You can optionally filter the results using the Filter parameter. You can // paginate the results using the MaxItems and Marker parameters. @@ -5686,8 +5689,10 @@ func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInp // GetAccountPasswordPolicy API operation for AWS Identity and Access Management. // -// Retrieves the password policy for the AWS account. For more information about -// using a password policy, go to Managing an IAM Password Policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html). +// Retrieves the password policy for the AWS account. This tells you the complexity +// requirements and mandatory rotation periods for the IAM user passwords in +// your account. For more information about using a password policy, see Managing +// an IAM password policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5773,8 +5778,7 @@ func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *requ // // Retrieves information about IAM entity usage and IAM quotas in the AWS account. // -// The number and size of IAM resources in an AWS account are limited. For more -// information, see IAM and STS Quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) +// For information about IAM quotas, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5953,9 +5957,9 @@ func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPr // as strings. If you want to include only a list of policies by string, use // GetContextKeysForCustomPolicy instead. // -// Note: This API discloses information about the permissions granted to other -// users. If you do not want users to see other user's permissions, then consider -// allowing them to use GetContextKeysForCustomPolicy instead. +// Note: This operation discloses information about the permissions granted +// to other users. If you do not want users to see other user's permissions, +// then consider allowing them to use GetContextKeysForCustomPolicy instead. // // Context keys are variables maintained by AWS and its services that provide // details about the context of an API query request. Context keys can be evaluated @@ -6045,7 +6049,7 @@ func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req * // GetCredentialReport API operation for AWS Identity and Access Management. // // Retrieves a credential report for the AWS account. For more information about -// the credential report, see Getting Credential Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) +// the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6063,7 +6067,7 @@ func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req * // * ErrCodeCredentialReportExpiredException "ReportExpired" // The request was rejected because the most recent credential report has expired. // To generate a new credential report, use GenerateCredentialReport. For more -// information about credential report expiration, see Getting Credential Reports +// information about credential report expiration, see Getting credential reports // (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) // in the IAM User Guide. // @@ -6286,18 +6290,18 @@ func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Re // Retrieves the specified inline policy document that is embedded in the specified // IAM group. // -// Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). -// You can use a URL decoding method to convert the policy back to plain JSON -// text. For example, if you use Java, you can use the decode method of the -// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs -// provide similar functionality. +// Policies returned by this operation are URL-encoded compliant with RFC 3986 +// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method +// to convert the policy back to plain JSON text. For example, if you use Java, +// you can use the decode method of the java.net.URLDecoder utility class in +// the Java SDK. Other languages and SDKs provide similar functionality. // // An IAM group can also have managed policies attached to it. To retrieve a // managed policy document that is attached to a group, use GetPolicy to determine // the policy's default version, then use GetPolicyVersion to retrieve the policy // document. // -// For more information about policies, see Managed Policies and Inline Policies +// For more information about policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -6385,7 +6389,7 @@ func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *re // // Retrieves information about the specified instance profile, including the // instance profile's path, GUID, ARN, and role. For more information about -// instance profiles, see About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html) +// instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6470,7 +6474,7 @@ func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request. // GetLoginProfile API operation for AWS Identity and Access Management. // -// Retrieves the user name and password-creation date for the specified IAM +// Retrieves the user name and password creation date for the specified IAM // user. If the user has not been assigned a password, the operation returns // a 404 (NoSuchEntity) error. // @@ -6652,10 +6656,10 @@ func (c *IAM) GetOrganizationsAccessReportRequest(input *GetOrganizationsAccessR // Depending on the parameters that you passed when you generated the report, // the data returned could include different information. For details, see GenerateOrganizationsAccessReport. // -// To call this operation, you must be signed in to the master account in your -// organization. SCPs must be enabled for your organization root. You must have -// permissions to perform this operation. For more information, see Refining -// Permissions Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) +// To call this operation, you must be signed in to the management account in +// your organization. SCPs must be enabled for your organization root. You must +// have permissions to perform this operation. For more information, see Refining +// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) // in the IAM User Guide. // // For each service that principals in an account (root users, IAM users, or @@ -6747,15 +6751,15 @@ func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, out // Retrieves information about the specified managed policy, including the policy's // default version and the total number of IAM users, groups, and roles to which // the policy is attached. To retrieve the list of the specific users, groups, -// and roles that the policy is attached to, use the ListEntitiesForPolicy API. -// This API returns metadata about the policy. To retrieve the actual policy +// and roles that the policy is attached to, use ListEntitiesForPolicy. This +// operation returns metadata about the policy. To retrieve the actual policy // document for a specific version of the policy, use GetPolicyVersion. // -// This API retrieves information about managed policies. To retrieve information -// about an inline policy that is embedded with an IAM user, group, or role, -// use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API. +// This operation retrieves information about managed policies. To retrieve +// information about an inline policy that is embedded with an IAM user, group, +// or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy. // -// For more information about policies, see Managed Policies and Inline Policies +// For more information about policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -6848,24 +6852,24 @@ func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *reques // Retrieves information about the specified version of the specified managed // policy, including the policy document. // -// Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). -// You can use a URL decoding method to convert the policy back to plain JSON -// text. For example, if you use Java, you can use the decode method of the -// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs -// provide similar functionality. +// Policies returned by this operation are URL-encoded compliant with RFC 3986 +// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method +// to convert the policy back to plain JSON text. For example, if you use Java, +// you can use the decode method of the java.net.URLDecoder utility class in +// the Java SDK. Other languages and SDKs provide similar functionality. // // To list the available versions for a policy, use ListPolicyVersions. // -// This API retrieves information about managed policies. To retrieve information -// about an inline policy that is embedded in a user, group, or role, use the -// GetUserPolicy, GetGroupPolicy, or GetRolePolicy API. +// This operation retrieves information about managed policies. To retrieve +// information about an inline policy that is embedded in a user, group, or +// role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy. // -// For more information about the types of policies, see Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about the types of policies, see Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // -// For more information about managed policy versions, see Versioning for Managed -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) +// For more information about managed policy versions, see Versioning for managed +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6956,13 +6960,13 @@ func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output // // Retrieves information about the specified role, including the role's path, // GUID, ARN, and the role's trust policy that grants permission to assume the -// role. For more information about roles, see Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). +// role. For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). // -// Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). -// You can use a URL decoding method to convert the policy back to plain JSON -// text. For example, if you use Java, you can use the decode method of the -// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs -// provide similar functionality. +// Policies returned by this operation are URL-encoded compliant with RFC 3986 +// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method +// to convert the policy back to plain JSON text. For example, if you use Java, +// you can use the decode method of the java.net.URLDecoder utility class in +// the Java SDK. Other languages and SDKs provide similar functionality. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7049,23 +7053,23 @@ func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Requ // Retrieves the specified inline policy document that is embedded with the // specified IAM role. // -// Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). -// You can use a URL decoding method to convert the policy back to plain JSON -// text. For example, if you use Java, you can use the decode method of the -// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs -// provide similar functionality. +// Policies returned by this operation are URL-encoded compliant with RFC 3986 +// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method +// to convert the policy back to plain JSON text. For example, if you use Java, +// you can use the decode method of the java.net.URLDecoder utility class in +// the Java SDK. Other languages and SDKs provide similar functionality. // // An IAM role can also have managed policies attached to it. To retrieve a // managed policy document that is attached to a role, use GetPolicy to determine // the policy's default version, then use GetPolicyVersion to retrieve the policy // document. // -// For more information about policies, see Managed Policies and Inline Policies +// For more information about policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // -// For more information about roles, see Using Roles to Delegate Permissions -// and Federate Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). +// For more information about roles, see Using roles to delegate permissions +// and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7245,7 +7249,7 @@ func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request. // The SSH public key retrieved by this operation is used only for authenticating // the associated IAM user to an AWS CodeCommit repository. For more information // about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) +// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) // in the AWS CodeCommit User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -7333,7 +7337,7 @@ func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req // Retrieves information about the specified server certificate stored in IAM. // // For more information about working with server certificates, see Working -// with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) // in the IAM User Guide. This topic includes a list of AWS services that can // use the server certificates that you manage with IAM. // @@ -7430,7 +7434,7 @@ func (c *IAM) GetServiceLastAccessedDetailsRequest(input *GetServiceLastAccessed // resource-based policies, access control lists, AWS Organizations policies, // IAM permissions boundaries, and AWS STS assume role policies. It only applies // permissions policy logic. For more about the evaluation of policy types, -// see Evaluating Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) +// see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) // in the IAM User Guide. // // For each service that the resource could access using permissions policies, @@ -7463,7 +7467,7 @@ func (c *IAM) GetServiceLastAccessedDetailsRequest(input *GetServiceLastAccessed // Otherwise, this operation returns only service data. // // For more information about service and action last accessed data, see Reducing -// Permissions Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) +// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -7654,8 +7658,8 @@ func (c *IAM) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedR // GetServiceLinkedRoleDeletionStatus API operation for AWS Identity and Access Management. // // Retrieves the status of your service-linked role deletion. After you use -// the DeleteServiceLinkedRole API operation to submit a service-linked role -// for deletion, you can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus +// DeleteServiceLinkedRole to submit a service-linked role for deletion, you +// can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus // to check the status of the deletion. If the deletion fails, this operation // returns the reason that it failed, if that information is returned by the // service. @@ -7750,7 +7754,7 @@ func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output // creation date, path, unique ID, and ARN. // // If you do not specify a user name, IAM determines the user name implicitly -// based on the AWS access key ID used to sign the request to this API. +// based on the AWS access key ID used to sign the request to this operation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7837,18 +7841,18 @@ func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Requ // Retrieves the specified inline policy document that is embedded in the specified // IAM user. // -// Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). -// You can use a URL decoding method to convert the policy back to plain JSON -// text. For example, if you use Java, you can use the decode method of the -// java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs -// provide similar functionality. +// Policies returned by this operation are URL-encoded compliant with RFC 3986 +// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method +// to convert the policy back to plain JSON text. For example, if you use Java, +// you can use the decode method of the java.net.URLDecoder utility class in +// the Java SDK. Other languages and SDKs provide similar functionality. // // An IAM user can also have managed policies attached to it. To retrieve a // managed policy document that is attached to a user, use GetPolicy to determine // the policy's default version. Then use GetPolicyVersion to retrieve the policy // document. // -// For more information about policies, see Managed Policies and Inline Policies +// For more information about policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -8097,7 +8101,7 @@ func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *re // // Lists the account alias associated with the AWS account (Note: you can have // only one). For information about using an AWS account alias, see Using an -// Alias for Your AWS Account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) +// alias for your AWS account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -8239,8 +8243,8 @@ func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesI // Lists all managed policies that are attached to the specified IAM group. // // An IAM group can also have inline policies embedded with it. To list the -// inline policies for a group, use the ListGroupPolicies API. For information -// about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// inline policies for a group, use ListGroupPolicies. For information about +// policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // You can paginate the results using the MaxItems and Marker parameters. You @@ -8396,8 +8400,8 @@ func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInp // Lists all managed policies that are attached to the specified IAM role. // // An IAM role can also have inline policies embedded with it. To list the inline -// policies for a role, use the ListRolePolicies API. For information about -// policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// policies for a role, use ListRolePolicies. For information about policies, +// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // You can paginate the results using the MaxItems and Marker parameters. You @@ -8553,8 +8557,8 @@ func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInp // Lists all managed policies that are attached to the specified IAM user. // // An IAM user can also have inline policies embedded with it. To list the inline -// policies for a user, use the ListUserPolicies API. For information about -// policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// policies for a user, use ListUserPolicies. For information about policies, +// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // You can paginate the results using the MaxItems and Marker parameters. You @@ -8866,7 +8870,7 @@ func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *requ // // An IAM group can also have managed policies attached to it. To list the managed // policies that are attached to a group, use ListAttachedGroupPolicies. For -// more information about policies, see Managed Policies and Inline Policies +// more information about policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -9248,6 +9252,93 @@ func (c *IAM) ListGroupsForUserPagesWithContext(ctx aws.Context, input *ListGrou return p.Err() } +const opListInstanceProfileTags = "ListInstanceProfileTags" + +// ListInstanceProfileTagsRequest generates a "aws/request.Request" representing the +// client's request for the ListInstanceProfileTags operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListInstanceProfileTags for more information on using the ListInstanceProfileTags +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListInstanceProfileTagsRequest method. +// req, resp := client.ListInstanceProfileTagsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags +func (c *IAM) ListInstanceProfileTagsRequest(input *ListInstanceProfileTagsInput) (req *request.Request, output *ListInstanceProfileTagsOutput) { + op := &request.Operation{ + Name: opListInstanceProfileTags, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ListInstanceProfileTagsInput{} + } + + output = &ListInstanceProfileTagsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListInstanceProfileTags API operation for AWS Identity and Access Management. +// +// Lists the tags that are attached to the specified IAM instance profile. The +// returned list of tags is sorted by tag key. For more information about tagging, +// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation ListInstanceProfileTags for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags +func (c *IAM) ListInstanceProfileTags(input *ListInstanceProfileTagsInput) (*ListInstanceProfileTagsOutput, error) { + req, out := c.ListInstanceProfileTagsRequest(input) + return out, req.Send() +} + +// ListInstanceProfileTagsWithContext is the same as ListInstanceProfileTags with the addition of +// the ability to pass a context and additional request options. +// +// See ListInstanceProfileTags for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) ListInstanceProfileTagsWithContext(ctx aws.Context, input *ListInstanceProfileTagsInput, opts ...request.Option) (*ListInstanceProfileTagsOutput, error) { + req, out := c.ListInstanceProfileTagsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListInstanceProfiles = "ListInstanceProfiles" // ListInstanceProfilesRequest generates a "aws/request.Request" representing the @@ -9300,7 +9391,12 @@ func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req // // Lists the instance profiles that have the specified path prefix. If there // are none, the operation returns an empty list. For more information about -// instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). +// instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). +// +// IAM resource-listing operations return a subset of the available attributes +// for the resource. For example, this operation does not return tags, even +// though they are an attribute of the returned object. To view all of the information +// for an instance profile, see GetInstanceProfile. // // You can paginate the results using the MaxItems and Marker parameters. // @@ -9442,7 +9538,7 @@ func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForR // // Lists the instance profiles that have the specified associated IAM role. // If there are none, the operation returns an empty list. For more information -// about instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). +// about instance profiles, go to About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). // // You can paginate the results using the MaxItems and Marker parameters. // @@ -9536,6 +9632,97 @@ func (c *IAM) ListInstanceProfilesForRolePagesWithContext(ctx aws.Context, input return p.Err() } +const opListMFADeviceTags = "ListMFADeviceTags" + +// ListMFADeviceTagsRequest generates a "aws/request.Request" representing the +// client's request for the ListMFADeviceTags operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListMFADeviceTags for more information on using the ListMFADeviceTags +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListMFADeviceTagsRequest method. +// req, resp := client.ListMFADeviceTagsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags +func (c *IAM) ListMFADeviceTagsRequest(input *ListMFADeviceTagsInput) (req *request.Request, output *ListMFADeviceTagsOutput) { + op := &request.Operation{ + Name: opListMFADeviceTags, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ListMFADeviceTagsInput{} + } + + output = &ListMFADeviceTagsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListMFADeviceTags API operation for AWS Identity and Access Management. +// +// Lists the tags that are attached to the specified IAM virtual multi-factor +// authentication (MFA) device. The returned list of tags is sorted by tag key. +// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation ListMFADeviceTags for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags +func (c *IAM) ListMFADeviceTags(input *ListMFADeviceTagsInput) (*ListMFADeviceTagsOutput, error) { + req, out := c.ListMFADeviceTagsRequest(input) + return out, req.Send() +} + +// ListMFADeviceTagsWithContext is the same as ListMFADeviceTags with the addition of +// the ability to pass a context and additional request options. +// +// See ListMFADeviceTags for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) ListMFADeviceTagsWithContext(ctx aws.Context, input *ListMFADeviceTagsInput, opts ...request.Option) (*ListMFADeviceTagsOutput, error) { + req, out := c.ListMFADeviceTagsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListMFADevices = "ListMFADevices" // ListMFADevicesRequest generates a "aws/request.Request" representing the @@ -9589,7 +9776,7 @@ func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Re // Lists the MFA devices for an IAM user. If the request includes a IAM user // name, then this operation lists all the MFA devices associated with the specified // user. If you do not specify a user name, IAM determines the user name implicitly -// based on the AWS access key ID signing the request for this API. +// based on the AWS access key ID signing the request for this operation. // // You can paginate the results using the MaxItems and Marker parameters. // @@ -9683,6 +9870,99 @@ func (c *IAM) ListMFADevicesPagesWithContext(ctx aws.Context, input *ListMFADevi return p.Err() } +const opListOpenIDConnectProviderTags = "ListOpenIDConnectProviderTags" + +// ListOpenIDConnectProviderTagsRequest generates a "aws/request.Request" representing the +// client's request for the ListOpenIDConnectProviderTags operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListOpenIDConnectProviderTags for more information on using the ListOpenIDConnectProviderTags +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListOpenIDConnectProviderTagsRequest method. +// req, resp := client.ListOpenIDConnectProviderTagsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags +func (c *IAM) ListOpenIDConnectProviderTagsRequest(input *ListOpenIDConnectProviderTagsInput) (req *request.Request, output *ListOpenIDConnectProviderTagsOutput) { + op := &request.Operation{ + Name: opListOpenIDConnectProviderTags, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ListOpenIDConnectProviderTagsInput{} + } + + output = &ListOpenIDConnectProviderTagsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListOpenIDConnectProviderTags API operation for AWS Identity and Access Management. +// +// Lists the tags that are attached to the specified OpenID Connect (OIDC)-compatible +// identity provider. The returned list of tags is sorted by tag key. For more +// information, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html). +// +// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation ListOpenIDConnectProviderTags for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags +func (c *IAM) ListOpenIDConnectProviderTags(input *ListOpenIDConnectProviderTagsInput) (*ListOpenIDConnectProviderTagsOutput, error) { + req, out := c.ListOpenIDConnectProviderTagsRequest(input) + return out, req.Send() +} + +// ListOpenIDConnectProviderTagsWithContext is the same as ListOpenIDConnectProviderTags with the addition of +// the ability to pass a context and additional request options. +// +// See ListOpenIDConnectProviderTags for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) ListOpenIDConnectProviderTagsWithContext(ctx aws.Context, input *ListOpenIDConnectProviderTagsInput, opts ...request.Option) (*ListOpenIDConnectProviderTagsOutput, error) { + req, out := c.ListOpenIDConnectProviderTagsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListOpenIDConnectProviders = "ListOpenIDConnectProviders" // ListOpenIDConnectProvidersRequest generates a "aws/request.Request" representing the @@ -9730,6 +10010,11 @@ func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvider // Lists information about the IAM OpenID Connect (OIDC) provider resource objects // defined in the AWS account. // +// IAM resource-listing operations return a subset of the available attributes +// for the resource. For example, this operation does not return tags, even +// though they are an attribute of the returned object. To view all of the information +// for an OIDC provider, see GetOpenIDConnectProvider. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -9824,10 +10109,15 @@ func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Reques // // You can paginate the results using the MaxItems and Marker parameters. // -// For more information about managed policies, see Managed Policies and Inline -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, see Managed policies and inline +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // +// IAM resource-listing operations return a subset of the available attributes +// for the resource. For example, this operation does not return tags, even +// though they are an attribute of the returned object. To view all of the information +// for a customer manged policy, see GetPolicy. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -9966,7 +10256,7 @@ func (c *IAM) ListPoliciesGrantingServiceAccessRequest(input *ListPoliciesGranti // policies, access control lists, AWS Organizations policies, IAM permissions // boundaries, and AWS STS assume role policies. It only applies permissions // policy logic. For more about the evaluation of policy types, see Evaluating -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) // in the IAM User Guide. // // The list of policies returned by the operation depends on the ARN of the @@ -9987,7 +10277,7 @@ func (c *IAM) ListPoliciesGrantingServiceAccessRequest(input *ListPoliciesGranti // For each managed policy, this operation returns the ARN and policy name. // For each inline policy, it returns the policy name and the entity to which // it is attached. Inline policies do not have an ARN. For more information -// about these policy types, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) +// about these policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) // in the IAM User Guide. // // Policies that are attached to users and roles as permissions boundaries are @@ -10032,6 +10322,97 @@ func (c *IAM) ListPoliciesGrantingServiceAccessWithContext(ctx aws.Context, inpu return out, req.Send() } +const opListPolicyTags = "ListPolicyTags" + +// ListPolicyTagsRequest generates a "aws/request.Request" representing the +// client's request for the ListPolicyTags operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListPolicyTags for more information on using the ListPolicyTags +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListPolicyTagsRequest method. +// req, resp := client.ListPolicyTagsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags +func (c *IAM) ListPolicyTagsRequest(input *ListPolicyTagsInput) (req *request.Request, output *ListPolicyTagsOutput) { + op := &request.Operation{ + Name: opListPolicyTags, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ListPolicyTagsInput{} + } + + output = &ListPolicyTagsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListPolicyTags API operation for AWS Identity and Access Management. +// +// Lists the tags that are attached to the specified IAM customer managed policy. +// The returned list of tags is sorted by tag key. For more information about +// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation ListPolicyTags for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags +func (c *IAM) ListPolicyTags(input *ListPolicyTagsInput) (*ListPolicyTagsOutput, error) { + req, out := c.ListPolicyTagsRequest(input) + return out, req.Send() +} + +// ListPolicyTagsWithContext is the same as ListPolicyTags with the addition of +// the ability to pass a context and additional request options. +// +// See ListPolicyTags for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) ListPolicyTagsWithContext(ctx aws.Context, input *ListPolicyTagsInput, opts ...request.Option) (*ListPolicyTagsOutput, error) { + req, out := c.ListPolicyTagsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListPolicyVersions = "ListPolicyVersions" // ListPolicyVersionsRequest generates a "aws/request.Request" representing the @@ -10085,8 +10466,8 @@ func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *re // Lists information about the versions of the specified managed policy, including // the version that is currently set as the policy's default version. // -// For more information about managed policies, see Managed Policies and Inline -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, see Managed policies and inline +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10238,7 +10619,7 @@ func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *reques // // An IAM role can also have managed policies attached to it. To list the managed // policies that are attached to a role, use ListAttachedRolePolicies. For more -// information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // You can paginate the results using the MaxItems and Marker parameters. If @@ -10381,7 +10762,7 @@ func (c *IAM) ListRoleTagsRequest(input *ListRoleTagsInput) (req *request.Reques // // Lists the tags that are attached to the specified role. The returned list // of tags is sorted by tag key. For more information about tagging, see Tagging -// IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10473,8 +10854,13 @@ func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, out // ListRoles API operation for AWS Identity and Access Management. // // Lists the IAM roles that have the specified path prefix. If there are none, -// the operation returns an empty list. For more information about roles, go -// to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). +// the operation returns an empty list. For more information about roles, see +// Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). +// +// IAM resource-listing operations return a subset of the available attributes +// for the resource. For example, this operation does not return tags, even +// though they are an attribute of the returned object. To view all of the information +// for a role, see GetRole. // // You can paginate the results using the MaxItems and Marker parameters. // @@ -10564,6 +10950,99 @@ func (c *IAM) ListRolesPagesWithContext(ctx aws.Context, input *ListRolesInput, return p.Err() } +const opListSAMLProviderTags = "ListSAMLProviderTags" + +// ListSAMLProviderTagsRequest generates a "aws/request.Request" representing the +// client's request for the ListSAMLProviderTags operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListSAMLProviderTags for more information on using the ListSAMLProviderTags +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListSAMLProviderTagsRequest method. +// req, resp := client.ListSAMLProviderTagsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags +func (c *IAM) ListSAMLProviderTagsRequest(input *ListSAMLProviderTagsInput) (req *request.Request, output *ListSAMLProviderTagsOutput) { + op := &request.Operation{ + Name: opListSAMLProviderTags, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ListSAMLProviderTagsInput{} + } + + output = &ListSAMLProviderTagsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListSAMLProviderTags API operation for AWS Identity and Access Management. +// +// Lists the tags that are attached to the specified Security Assertion Markup +// Language (SAML) identity provider. The returned list of tags is sorted by +// tag key. For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html). +// +// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation ListSAMLProviderTags for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags +func (c *IAM) ListSAMLProviderTags(input *ListSAMLProviderTagsInput) (*ListSAMLProviderTagsOutput, error) { + req, out := c.ListSAMLProviderTagsRequest(input) + return out, req.Send() +} + +// ListSAMLProviderTagsWithContext is the same as ListSAMLProviderTags with the addition of +// the ability to pass a context and additional request options. +// +// See ListSAMLProviderTags for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) ListSAMLProviderTagsWithContext(ctx aws.Context, input *ListSAMLProviderTagsInput, opts ...request.Option) (*ListSAMLProviderTagsOutput, error) { + req, out := c.ListSAMLProviderTagsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListSAMLProviders = "ListSAMLProviders" // ListSAMLProvidersRequest generates a "aws/request.Request" representing the @@ -10608,7 +11087,11 @@ func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *requ // ListSAMLProviders API operation for AWS Identity and Access Management. // -// Lists the SAML provider resource objects defined in IAM in the account. +// Lists the SAML provider resource objects defined in IAM in the account. IAM +// resource-listing operations return a subset of the available attributes for +// the resource. For example, this operation does not return tags, even though +// they are an attribute of the returned object. To view all of the information +// for a SAML provider, see GetSAMLProvider. // // This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). // @@ -10702,7 +11185,7 @@ func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *requ // The SSH public keys returned by this operation are used only for authenticating // the IAM user to an AWS CodeCommit repository. For more information about // using SSH keys to authenticate to an AWS CodeCommit repository, see Set up -// AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) +// AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) // in the AWS CodeCommit User Guide. // // Although each user is limited to a small number of keys, you can still paginate @@ -10794,6 +11277,99 @@ func (c *IAM) ListSSHPublicKeysPagesWithContext(ctx aws.Context, input *ListSSHP return p.Err() } +const opListServerCertificateTags = "ListServerCertificateTags" + +// ListServerCertificateTagsRequest generates a "aws/request.Request" representing the +// client's request for the ListServerCertificateTags operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListServerCertificateTags for more information on using the ListServerCertificateTags +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListServerCertificateTagsRequest method. +// req, resp := client.ListServerCertificateTagsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags +func (c *IAM) ListServerCertificateTagsRequest(input *ListServerCertificateTagsInput) (req *request.Request, output *ListServerCertificateTagsOutput) { + op := &request.Operation{ + Name: opListServerCertificateTags, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ListServerCertificateTagsInput{} + } + + output = &ListServerCertificateTagsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListServerCertificateTags API operation for AWS Identity and Access Management. +// +// Lists the tags that are attached to the specified IAM server certificate. +// The returned list of tags is sorted by tag key. For more information about +// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// For certificates in a Region supported by AWS Certificate Manager (ACM), +// we recommend that you don't use IAM server certificates. Instead, use ACM +// to provision, manage, and deploy your server certificates. For more information +// about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation ListServerCertificateTags for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags +func (c *IAM) ListServerCertificateTags(input *ListServerCertificateTagsInput) (*ListServerCertificateTagsOutput, error) { + req, out := c.ListServerCertificateTagsRequest(input) + return out, req.Send() +} + +// ListServerCertificateTagsWithContext is the same as ListServerCertificateTags with the addition of +// the ability to pass a context and additional request options. +// +// See ListServerCertificateTags for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) ListServerCertificateTagsWithContext(ctx aws.Context, input *ListServerCertificateTagsInput, opts ...request.Option) (*ListServerCertificateTagsOutput, error) { + req, out := c.ListServerCertificateTagsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListServerCertificates = "ListServerCertificates" // ListServerCertificatesRequest generates a "aws/request.Request" representing the @@ -10850,10 +11426,15 @@ func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) // You can paginate the results using the MaxItems and Marker parameters. // // For more information about working with server certificates, see Working -// with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) // in the IAM User Guide. This topic also includes a list of AWS services that // can use the server certificates that you manage with IAM. // +// IAM resource-listing operations return a subset of the available attributes +// for the resource. For example, this operation does not return tags, even +// though they are an attribute of the returned object. To view all of the information +// for a servercertificate, see GetServerCertificate. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -10989,7 +11570,7 @@ func (c *IAM) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCr // The service-specific credentials returned by this operation are used only // for authenticating the IAM user to a specific service. For more information // about using service-specific credentials to authenticate to an AWS service, -// see Set Up service-specific credentials (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) +// see Set up service-specific credentials (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) // in the AWS CodeCommit User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11086,10 +11667,10 @@ func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput // you can still paginate the results using the MaxItems and Marker parameters. // // If the UserName field is not specified, the user name is determined implicitly -// based on the AWS access key ID used to sign the request for this API. This -// operation works for access keys under the AWS account. Consequently, you -// can use this operation to manage AWS account root user credentials even if -// the AWS account has no associated users. +// based on the AWS access key ID used to sign the request for this operation. +// This operation works for access keys under the AWS account. Consequently, +// you can use this operation to manage AWS account root user credentials even +// if the AWS account has no associated users. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11235,7 +11816,7 @@ func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *reques // // An IAM user can also have managed policies attached to it. To list the managed // policies that are attached to a user, use ListAttachedUserPolicies. For more -// information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // // You can paginate the results using the MaxItems and Marker parameters. If @@ -11376,9 +11957,9 @@ func (c *IAM) ListUserTagsRequest(input *ListUserTagsInput) (req *request.Reques // ListUserTags API operation for AWS Identity and Access Management. // -// Lists the tags that are attached to the specified user. The returned list -// of tags is sorted by tag key. For more information about tagging, see Tagging -// IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// Lists the tags that are attached to the specified IAM user. The returned +// list of tags is sorted by tag key. For more information about tagging, see +// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11473,6 +12054,11 @@ func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, out // is specified, the operation returns all users in the AWS account. If there // are none, the operation returns an empty list. // +// IAM resource-listing operations return a subset of the available attributes +// for the resource. For example, this operation does not return tags, even +// though they are an attribute of the returned object. To view all of the information +// for a user, see GetUser. +// // You can paginate the results using the MaxItems and Marker parameters. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11616,6 +12202,11 @@ func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (r // of all virtual MFA devices. Assignment status can be Assigned, Unassigned, // or Any. // +// IAM resource-listing operations return a subset of the available attributes +// for the resource. For example, this operation does not return tags, even +// though they are an attribute of the returned object. To view all of the information +// for a virtual MFA device, see ListVirtualMFADevices. +// // You can paginate the results using the MaxItems and Marker parameters. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11748,17 +12339,17 @@ func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Re // // A user can also have managed policies attached to it. To attach a managed // policy to a group, use AttachGroupPolicy. To create a new managed policy, -// use CreatePolicy. For information about policies, see Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// use CreatePolicy. For information about policies, see Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // -// For information about limits on the number of inline policies that you can -// embed in a group, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) +// For information about the maximum number of inline policies that you can +// embed in a group, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Because policy documents can be large, you should use POST rather than GET // when calling PutGroupPolicy. For general information about using the Query -// API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) +// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11771,8 +12362,7 @@ func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Re // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" // The request was rejected because the policy document was malformed. The error @@ -11863,7 +12453,7 @@ func (c *IAM) PutRolePermissionsBoundaryRequest(input *PutRolePermissionsBoundar // // Policies used as permissions boundaries do not provide permissions. You must // also attach a permissions policy to the role. To learn how the effective -// permissions for a role are evaluated, see IAM JSON Policy Evaluation Logic +// permissions for a role are evaluated, see IAM JSON policy evaluation logic // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) // in the IAM User Guide. // @@ -11971,21 +12561,21 @@ func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Requ // of the role's access (permissions) policy. The role's trust policy is created // at the same time as the role, using CreateRole. You can update a role's trust // policy using UpdateAssumeRolePolicy. For more information about IAM roles, -// go to Using Roles to Delegate Permissions and Federate Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). +// see Using roles to delegate permissions and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). // // A role can also have a managed policy attached to it. To attach a managed // policy to a role, use AttachRolePolicy. To create a new managed policy, use -// CreatePolicy. For information about policies, see Managed Policies and Inline -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// CreatePolicy. For information about policies, see Managed policies and inline +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // -// For information about limits on the number of inline policies that you can -// embed with a role, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) +// For information about the maximum number of inline policies that you can +// embed with a role, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Because policy documents can be large, you should use POST rather than GET // when calling PutRolePolicy. For general information about using the Query -// API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) +// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11998,8 +12588,7 @@ func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Requ // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" // The request was rejected because the policy document was malformed. The error @@ -12094,7 +12683,7 @@ func (c *IAM) PutUserPermissionsBoundaryRequest(input *PutUserPermissionsBoundar // // Policies that are used as permissions boundaries do not provide permissions. // You must also attach a permissions policy to the user. To learn how the effective -// permissions for a user are evaluated, see IAM JSON Policy Evaluation Logic +// permissions for a user are evaluated, see IAM JSON policy evaluation logic // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) // in the IAM User Guide. // @@ -12194,17 +12783,17 @@ func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Requ // // An IAM user can also have a managed policy attached to it. To attach a managed // policy to a user, use AttachUserPolicy. To create a new managed policy, use -// CreatePolicy. For information about policies, see Managed Policies and Inline -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// CreatePolicy. For information about policies, see Managed policies and inline +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // -// For information about limits on the number of inline policies that you can -// embed in a user, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) +// For information about the maximum number of inline policies that you can +// embed in a user, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Because policy documents can be large, you should use POST rather than GET // when calling PutUserPolicy. For general information about using the Query -// API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) +// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12217,8 +12806,7 @@ func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Requ // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" // The request was rejected because the policy document was malformed. The error @@ -12400,8 +12988,8 @@ func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstance // an instance profile that is associated with a running instance might break // any applications running on the instance. // -// For more information about IAM roles, go to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// For more information about instance profiles, go to About Instance Profiles +// For more information about IAM roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). +// For more information about instance profiles, see About instance profiles // (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12418,8 +13006,7 @@ func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstance // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeUnmodifiableEntityException "UnmodifiableEntity" // The request was rejected because only the service that depends on the service-linked @@ -12514,8 +13101,7 @@ func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req * // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -12675,7 +13261,7 @@ func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request. // AWS servers. // // For more information about creating and working with virtual MFA devices, -// go to Using a Virtual MFA Device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) +// see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12696,8 +13282,7 @@ func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request. // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -12775,9 +13360,9 @@ func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput // // This operation affects all users, groups, and roles that the policy is attached // to. To list the users, groups, and roles that the policy is attached to, -// use the ListEntitiesForPolicy API. +// use ListEntitiesForPolicy. // -// For information about managed policies, see Managed Policies and Inline Policies +// For information about managed policies, see Managed policies and inline policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. // @@ -12799,8 +13384,7 @@ func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -12880,7 +13464,7 @@ func (c *IAM) SetSecurityTokenServicePreferencesRequest(input *SetSecurityTokenS // and all STS requests go to a single endpoint at https://sts.amazonaws.com. // AWS recommends using Regional STS endpoints to reduce latency, build in redundancy, // and increase session token availability. For information about Regional endpoints -// for STS, see AWS Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#sts_region) +// for STS, see AWS AWS Security Token Service endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/sts.html) // in the AWS General Reference. // // If you make an STS call to the global endpoint, the resulting session tokens @@ -12889,8 +13473,8 @@ func (c *IAM) SetSecurityTokenServicePreferencesRequest(input *SetSecurityTokenS // that are available by default. These tokens do not work in manually enabled // Regions, such as Asia Pacific (Hong Kong). Version 2 tokens are valid in // all Regions. However, version 2 tokens are longer and might affect systems -// where you temporarily store tokens. For information, see Activating and Deactivating -// STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// where you temporarily store tokens. For information, see Activating and deactivating +// STS in an AWS region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // // To view the current session token version, see the GlobalEndpointTokenVersion @@ -12985,7 +13569,8 @@ func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req // effective permissions. The policies are provided as strings. // // The simulation does not perform the API operations; it only checks the authorization -// to determine if the simulated policies allow or deny the operations. +// to determine if the simulated policies allow or deny the operations. You +// can simulate resources that don't exist in your account. // // If you want to simulate existing policies that are attached to an IAM user, // group, or role, use SimulatePrincipalPolicy instead. @@ -12999,6 +13584,10 @@ func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req // If the output is long, you can use MaxItems and Marker parameters to paginate // the results. // +// For more information about using the policy simulator, see Testing IAM policies +// with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in +// the IAM User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -13143,7 +13732,8 @@ func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput // list of API operations and AWS resources to determine the policies' effective // permissions. The entity can be an IAM user, group, or role. If you specify // a user, then the simulation also includes all of the policies that are attached -// to groups that the user belongs to. +// to groups that the user belongs to. You can simulate resources that don't +// exist in your account. // // You can optionally include a list of one or more additional policies specified // as strings to include in the simulation. If you want to simulate only policies @@ -13155,9 +13745,9 @@ func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput // The simulation does not perform the API operations; it only checks the authorization // to determine if the simulated policies allow or deny the operations. // -// Note: This API discloses information about the permissions granted to other -// users. If you do not want users to see other user's permissions, then consider -// allowing them to use SimulateCustomPolicy instead. +// Note: This operation discloses information about the permissions granted +// to other users. If you do not want users to see other user's permissions, +// then consider allowing them to use SimulateCustomPolicy instead. // // Context keys are variables maintained by AWS and its services that provide // details about the context of an API query request. You can use the Condition @@ -13167,6 +13757,10 @@ func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput // If the output is long, you can use the MaxItems and Marker parameters to // paginate the results. // +// For more information about using the policy simulator, see Testing IAM policies +// with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in +// the IAM User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -13261,6 +13855,506 @@ func (c *IAM) SimulatePrincipalPolicyPagesWithContext(ctx aws.Context, input *Si return p.Err() } +const opTagInstanceProfile = "TagInstanceProfile" + +// TagInstanceProfileRequest generates a "aws/request.Request" representing the +// client's request for the TagInstanceProfile operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagInstanceProfile for more information on using the TagInstanceProfile +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagInstanceProfileRequest method. +// req, resp := client.TagInstanceProfileRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile +func (c *IAM) TagInstanceProfileRequest(input *TagInstanceProfileInput) (req *request.Request, output *TagInstanceProfileOutput) { + op := &request.Operation{ + Name: opTagInstanceProfile, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagInstanceProfileInput{} + } + + output = &TagInstanceProfileOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagInstanceProfile API operation for AWS Identity and Access Management. +// +// Adds one or more tags to an IAM instance profile. If a tag with the same +// key name already exists, then that tag is overwritten with the new value. +// +// Each tag consists of a key name and an associated value. By assigning tags +// to your resources, you can do the following: +// +// * Administrative grouping and discovery - Attach tags to resources to +// aid in organization and search. For example, you could search for all +// resources with the key name Project and the value MyImportantProject. +// Or search for all resources with the key name Cost Center and the value +// 41200. +// +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only an IAM instance profile that +// has a specified tag attached. For examples of policies that show how to +// use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) +// in the IAM User Guide. +// +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. +// +// * AWS always interprets the tag Value as a single string. If you need +// to store an array, you can store comma-separated values in the string. +// However, you must interpret the value in your code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation TagInstanceProfile for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeLimitExceededException "LimitExceeded" +// The request was rejected because it attempted to create resources beyond +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile +func (c *IAM) TagInstanceProfile(input *TagInstanceProfileInput) (*TagInstanceProfileOutput, error) { + req, out := c.TagInstanceProfileRequest(input) + return out, req.Send() +} + +// TagInstanceProfileWithContext is the same as TagInstanceProfile with the addition of +// the ability to pass a context and additional request options. +// +// See TagInstanceProfile for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) TagInstanceProfileWithContext(ctx aws.Context, input *TagInstanceProfileInput, opts ...request.Option) (*TagInstanceProfileOutput, error) { + req, out := c.TagInstanceProfileRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagMFADevice = "TagMFADevice" + +// TagMFADeviceRequest generates a "aws/request.Request" representing the +// client's request for the TagMFADevice operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagMFADevice for more information on using the TagMFADevice +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagMFADeviceRequest method. +// req, resp := client.TagMFADeviceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice +func (c *IAM) TagMFADeviceRequest(input *TagMFADeviceInput) (req *request.Request, output *TagMFADeviceOutput) { + op := &request.Operation{ + Name: opTagMFADevice, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagMFADeviceInput{} + } + + output = &TagMFADeviceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagMFADevice API operation for AWS Identity and Access Management. +// +// Adds one or more tags to an IAM virtual multi-factor authentication (MFA) +// device. If a tag with the same key name already exists, then that tag is +// overwritten with the new value. +// +// A tag consists of a key name and an associated value. By assigning tags to +// your resources, you can do the following: +// +// * Administrative grouping and discovery - Attach tags to resources to +// aid in organization and search. For example, you could search for all +// resources with the key name Project and the value MyImportantProject. +// Or search for all resources with the key name Cost Center and the value +// 41200. +// +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only an IAM virtual MFA device +// that has a specified tag attached. For examples of policies that show +// how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) +// in the IAM User Guide. +// +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. +// +// * AWS always interprets the tag Value as a single string. If you need +// to store an array, you can store comma-separated values in the string. +// However, you must interpret the value in your code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation TagMFADevice for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeLimitExceededException "LimitExceeded" +// The request was rejected because it attempted to create resources beyond +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice +func (c *IAM) TagMFADevice(input *TagMFADeviceInput) (*TagMFADeviceOutput, error) { + req, out := c.TagMFADeviceRequest(input) + return out, req.Send() +} + +// TagMFADeviceWithContext is the same as TagMFADevice with the addition of +// the ability to pass a context and additional request options. +// +// See TagMFADevice for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) TagMFADeviceWithContext(ctx aws.Context, input *TagMFADeviceInput, opts ...request.Option) (*TagMFADeviceOutput, error) { + req, out := c.TagMFADeviceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagOpenIDConnectProvider = "TagOpenIDConnectProvider" + +// TagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the +// client's request for the TagOpenIDConnectProvider operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagOpenIDConnectProvider for more information on using the TagOpenIDConnectProvider +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagOpenIDConnectProviderRequest method. +// req, resp := client.TagOpenIDConnectProviderRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider +func (c *IAM) TagOpenIDConnectProviderRequest(input *TagOpenIDConnectProviderInput) (req *request.Request, output *TagOpenIDConnectProviderOutput) { + op := &request.Operation{ + Name: opTagOpenIDConnectProvider, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagOpenIDConnectProviderInput{} + } + + output = &TagOpenIDConnectProviderOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagOpenIDConnectProvider API operation for AWS Identity and Access Management. +// +// Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. +// For more information about these providers, see About web identity federation +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html). +// If a tag with the same key name already exists, then that tag is overwritten +// with the new value. +// +// A tag consists of a key name and an associated value. By assigning tags to +// your resources, you can do the following: +// +// * Administrative grouping and discovery - Attach tags to resources to +// aid in organization and search. For example, you could search for all +// resources with the key name Project and the value MyImportantProject. +// Or search for all resources with the key name Cost Center and the value +// 41200. +// +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only an OIDC provider that has +// a specified tag attached. For examples of policies that show how to use +// tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) +// in the IAM User Guide. +// +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. +// +// * AWS always interprets the tag Value as a single string. If you need +// to store an array, you can store comma-separated values in the string. +// However, you must interpret the value in your code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation TagOpenIDConnectProvider for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeLimitExceededException "LimitExceeded" +// The request was rejected because it attempted to create resources beyond +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider +func (c *IAM) TagOpenIDConnectProvider(input *TagOpenIDConnectProviderInput) (*TagOpenIDConnectProviderOutput, error) { + req, out := c.TagOpenIDConnectProviderRequest(input) + return out, req.Send() +} + +// TagOpenIDConnectProviderWithContext is the same as TagOpenIDConnectProvider with the addition of +// the ability to pass a context and additional request options. +// +// See TagOpenIDConnectProvider for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) TagOpenIDConnectProviderWithContext(ctx aws.Context, input *TagOpenIDConnectProviderInput, opts ...request.Option) (*TagOpenIDConnectProviderOutput, error) { + req, out := c.TagOpenIDConnectProviderRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagPolicy = "TagPolicy" + +// TagPolicyRequest generates a "aws/request.Request" representing the +// client's request for the TagPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagPolicy for more information on using the TagPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagPolicyRequest method. +// req, resp := client.TagPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy +func (c *IAM) TagPolicyRequest(input *TagPolicyInput) (req *request.Request, output *TagPolicyOutput) { + op := &request.Operation{ + Name: opTagPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagPolicyInput{} + } + + output = &TagPolicyOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagPolicy API operation for AWS Identity and Access Management. +// +// Adds one or more tags to an IAM customer managed policy. If a tag with the +// same key name already exists, then that tag is overwritten with the new value. +// +// A tag consists of a key name and an associated value. By assigning tags to +// your resources, you can do the following: +// +// * Administrative grouping and discovery - Attach tags to resources to +// aid in organization and search. For example, you could search for all +// resources with the key name Project and the value MyImportantProject. +// Or search for all resources with the key name Cost Center and the value +// 41200. +// +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only an IAM customer managed policy +// that has a specified tag attached. For examples of policies that show +// how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) +// in the IAM User Guide. +// +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. +// +// * AWS always interprets the tag Value as a single string. If you need +// to store an array, you can store comma-separated values in the string. +// However, you must interpret the value in your code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation TagPolicy for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeLimitExceededException "LimitExceeded" +// The request was rejected because it attempted to create resources beyond +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy +func (c *IAM) TagPolicy(input *TagPolicyInput) (*TagPolicyOutput, error) { + req, out := c.TagPolicyRequest(input) + return out, req.Send() +} + +// TagPolicyWithContext is the same as TagPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See TagPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) TagPolicyWithContext(ctx aws.Context, input *TagPolicyInput, opts ...request.Option) (*TagPolicyOutput, error) { + req, out := c.TagPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagRole = "TagRole" // TagRoleRequest generates a "aws/request.Request" representing the @@ -13319,26 +14413,27 @@ func (c *IAM) TagRoleRequest(input *TagRoleInput) (req *request.Request, output // Or search for all resources with the key name Cost Center and the value // 41200. // -// * Access control - Reference tags in IAM user-based and resource-based -// policies. You can use tags to restrict access to only an IAM user or role -// that has a specified tag attached. You can also restrict access to only -// those resources that have a certain tag attached. For examples of policies -// that show how to use tags to control access, see Control Access Using -// IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only an IAM role that has a specified +// tag attached. You can also restrict access to only those resources that +// have a certain tag attached. For examples of policies that show how to +// use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) // in the IAM User Guide. // // * Cost allocation - Use tags to help track which individuals and teams // are using which AWS resources. // -// * Make sure that you have no invalid tags and that you do not exceed the -// allowed number of tags per role. In either case, the entire request fails -// and no tags are added to the role. +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. // // * AWS always interprets the tag Value as a single string. If you need // to store an array, you can store comma-separated values in the string. // However, you must interpret the value in your code. // -// For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13355,8 +14450,7 @@ func (c *IAM) TagRoleRequest(input *TagRoleInput) (req *request.Request, output // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -13393,6 +14487,266 @@ func (c *IAM) TagRoleWithContext(ctx aws.Context, input *TagRoleInput, opts ...r return out, req.Send() } +const opTagSAMLProvider = "TagSAMLProvider" + +// TagSAMLProviderRequest generates a "aws/request.Request" representing the +// client's request for the TagSAMLProvider operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagSAMLProvider for more information on using the TagSAMLProvider +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagSAMLProviderRequest method. +// req, resp := client.TagSAMLProviderRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider +func (c *IAM) TagSAMLProviderRequest(input *TagSAMLProviderInput) (req *request.Request, output *TagSAMLProviderOutput) { + op := &request.Operation{ + Name: opTagSAMLProvider, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagSAMLProviderInput{} + } + + output = &TagSAMLProviderOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagSAMLProvider API operation for AWS Identity and Access Management. +// +// Adds one or more tags to a Security Assertion Markup Language (SAML) identity +// provider. For more information about these providers, see About SAML 2.0-based +// federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html). +// If a tag with the same key name already exists, then that tag is overwritten +// with the new value. +// +// A tag consists of a key name and an associated value. By assigning tags to +// your resources, you can do the following: +// +// * Administrative grouping and discovery - Attach tags to resources to +// aid in organization and search. For example, you could search for all +// resources with the key name Project and the value MyImportantProject. +// Or search for all resources with the key name Cost Center and the value +// 41200. +// +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only a SAML identity provider that +// has a specified tag attached. For examples of policies that show how to +// use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) +// in the IAM User Guide. +// +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. +// +// * AWS always interprets the tag Value as a single string. If you need +// to store an array, you can store comma-separated values in the string. +// However, you must interpret the value in your code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation TagSAMLProvider for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeLimitExceededException "LimitExceeded" +// The request was rejected because it attempted to create resources beyond +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider +func (c *IAM) TagSAMLProvider(input *TagSAMLProviderInput) (*TagSAMLProviderOutput, error) { + req, out := c.TagSAMLProviderRequest(input) + return out, req.Send() +} + +// TagSAMLProviderWithContext is the same as TagSAMLProvider with the addition of +// the ability to pass a context and additional request options. +// +// See TagSAMLProvider for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) TagSAMLProviderWithContext(ctx aws.Context, input *TagSAMLProviderInput, opts ...request.Option) (*TagSAMLProviderOutput, error) { + req, out := c.TagSAMLProviderRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagServerCertificate = "TagServerCertificate" + +// TagServerCertificateRequest generates a "aws/request.Request" representing the +// client's request for the TagServerCertificate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagServerCertificate for more information on using the TagServerCertificate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagServerCertificateRequest method. +// req, resp := client.TagServerCertificateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate +func (c *IAM) TagServerCertificateRequest(input *TagServerCertificateInput) (req *request.Request, output *TagServerCertificateOutput) { + op := &request.Operation{ + Name: opTagServerCertificate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagServerCertificateInput{} + } + + output = &TagServerCertificateOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagServerCertificate API operation for AWS Identity and Access Management. +// +// Adds one or more tags to an IAM server certificate. If a tag with the same +// key name already exists, then that tag is overwritten with the new value. +// +// For certificates in a Region supported by AWS Certificate Manager (ACM), +// we recommend that you don't use IAM server certificates. Instead, use ACM +// to provision, manage, and deploy your server certificates. For more information +// about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// in the IAM User Guide. +// +// A tag consists of a key name and an associated value. By assigning tags to +// your resources, you can do the following: +// +// * Administrative grouping and discovery - Attach tags to resources to +// aid in organization and search. For example, you could search for all +// resources with the key name Project and the value MyImportantProject. +// Or search for all resources with the key name Cost Center and the value +// 41200. +// +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only a server certificate that +// has a specified tag attached. For examples of policies that show how to +// use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) +// in the IAM User Guide. +// +// * Cost allocation - Use tags to help track which individuals and teams +// are using which AWS resources. +// +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. +// +// * AWS always interprets the tag Value as a single string. If you need +// to store an array, you can store comma-separated values in the string. +// However, you must interpret the value in your code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation TagServerCertificate for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeLimitExceededException "LimitExceeded" +// The request was rejected because it attempted to create resources beyond +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate +func (c *IAM) TagServerCertificate(input *TagServerCertificateInput) (*TagServerCertificateOutput, error) { + req, out := c.TagServerCertificateRequest(input) + return out, req.Send() +} + +// TagServerCertificateWithContext is the same as TagServerCertificate with the addition of +// the ability to pass a context and additional request options. +// +// See TagServerCertificate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) TagServerCertificateWithContext(ctx aws.Context, input *TagServerCertificateInput, opts ...request.Option) (*TagServerCertificateOutput, error) { + req, out := c.TagServerCertificateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagUser = "TagUser" // TagUserRequest generates a "aws/request.Request" representing the @@ -13450,26 +14804,28 @@ func (c *IAM) TagUserRequest(input *TagUserInput) (req *request.Request, output // Or search for all resources with the key name Cost Center and the value // 41200. // -// * Access control - Reference tags in IAM user-based and resource-based -// policies. You can use tags to restrict access to only an IAM requesting -// user or to a role that has a specified tag attached. You can also restrict -// access to only those resources that have a certain tag attached. For examples -// of policies that show how to use tags to control access, see Control Access -// Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) -// in the IAM User Guide. +// * Access control - Include tags in IAM user-based and resource-based policies. +// You can use tags to restrict access to only an IAM requesting user that +// has a specified tag attached. You can also restrict access to only those +// resources that have a certain tag attached. For examples of policies that +// show how to use tags to control access, see Control access using IAM tags +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in +// the IAM User Guide. // // * Cost allocation - Use tags to help track which individuals and teams // are using which AWS resources. // -// * Make sure that you have no invalid tags and that you do not exceed the -// allowed number of tags per role. In either case, the entire request fails -// and no tags are added to the role. +// * If any one of the tags is invalid or if you exceed the allowed maximum +// number of tags, then the entire request fails and the resource is not +// created. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the +// IAM User Guide. // // * AWS always interprets the tag Value as a single string. If you need // to store an array, you can store comma-separated values in the string. // However, you must interpret the value in your code. // -// For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13486,8 +14842,7 @@ func (c *IAM) TagUserRequest(input *TagUserInput) (req *request.Request, output // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeInvalidInputException "InvalidInput" // The request was rejected because an invalid or out-of-range value was supplied @@ -13524,6 +14879,393 @@ func (c *IAM) TagUserWithContext(ctx aws.Context, input *TagUserInput, opts ...r return out, req.Send() } +const opUntagInstanceProfile = "UntagInstanceProfile" + +// UntagInstanceProfileRequest generates a "aws/request.Request" representing the +// client's request for the UntagInstanceProfile operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagInstanceProfile for more information on using the UntagInstanceProfile +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagInstanceProfileRequest method. +// req, resp := client.UntagInstanceProfileRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile +func (c *IAM) UntagInstanceProfileRequest(input *UntagInstanceProfileInput) (req *request.Request, output *UntagInstanceProfileOutput) { + op := &request.Operation{ + Name: opUntagInstanceProfile, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagInstanceProfileInput{} + } + + output = &UntagInstanceProfileOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagInstanceProfile API operation for AWS Identity and Access Management. +// +// Removes the specified tags from the IAM instance profile. For more information +// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation UntagInstanceProfile for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile +func (c *IAM) UntagInstanceProfile(input *UntagInstanceProfileInput) (*UntagInstanceProfileOutput, error) { + req, out := c.UntagInstanceProfileRequest(input) + return out, req.Send() +} + +// UntagInstanceProfileWithContext is the same as UntagInstanceProfile with the addition of +// the ability to pass a context and additional request options. +// +// See UntagInstanceProfile for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) UntagInstanceProfileWithContext(ctx aws.Context, input *UntagInstanceProfileInput, opts ...request.Option) (*UntagInstanceProfileOutput, error) { + req, out := c.UntagInstanceProfileRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagMFADevice = "UntagMFADevice" + +// UntagMFADeviceRequest generates a "aws/request.Request" representing the +// client's request for the UntagMFADevice operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagMFADevice for more information on using the UntagMFADevice +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagMFADeviceRequest method. +// req, resp := client.UntagMFADeviceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice +func (c *IAM) UntagMFADeviceRequest(input *UntagMFADeviceInput) (req *request.Request, output *UntagMFADeviceOutput) { + op := &request.Operation{ + Name: opUntagMFADevice, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagMFADeviceInput{} + } + + output = &UntagMFADeviceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagMFADevice API operation for AWS Identity and Access Management. +// +// Removes the specified tags from the IAM virtual multi-factor authentication +// (MFA) device. For more information about tagging, see Tagging IAM resources +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM +// User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation UntagMFADevice for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice +func (c *IAM) UntagMFADevice(input *UntagMFADeviceInput) (*UntagMFADeviceOutput, error) { + req, out := c.UntagMFADeviceRequest(input) + return out, req.Send() +} + +// UntagMFADeviceWithContext is the same as UntagMFADevice with the addition of +// the ability to pass a context and additional request options. +// +// See UntagMFADevice for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) UntagMFADeviceWithContext(ctx aws.Context, input *UntagMFADeviceInput, opts ...request.Option) (*UntagMFADeviceOutput, error) { + req, out := c.UntagMFADeviceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagOpenIDConnectProvider = "UntagOpenIDConnectProvider" + +// UntagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the +// client's request for the UntagOpenIDConnectProvider operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagOpenIDConnectProvider for more information on using the UntagOpenIDConnectProvider +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagOpenIDConnectProviderRequest method. +// req, resp := client.UntagOpenIDConnectProviderRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider +func (c *IAM) UntagOpenIDConnectProviderRequest(input *UntagOpenIDConnectProviderInput) (req *request.Request, output *UntagOpenIDConnectProviderOutput) { + op := &request.Operation{ + Name: opUntagOpenIDConnectProvider, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagOpenIDConnectProviderInput{} + } + + output = &UntagOpenIDConnectProviderOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagOpenIDConnectProvider API operation for AWS Identity and Access Management. +// +// Removes the specified tags from the specified OpenID Connect (OIDC)-compatible +// identity provider in IAM. For more information about OIDC providers, see +// About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html). +// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation UntagOpenIDConnectProvider for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider +func (c *IAM) UntagOpenIDConnectProvider(input *UntagOpenIDConnectProviderInput) (*UntagOpenIDConnectProviderOutput, error) { + req, out := c.UntagOpenIDConnectProviderRequest(input) + return out, req.Send() +} + +// UntagOpenIDConnectProviderWithContext is the same as UntagOpenIDConnectProvider with the addition of +// the ability to pass a context and additional request options. +// +// See UntagOpenIDConnectProvider for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) UntagOpenIDConnectProviderWithContext(ctx aws.Context, input *UntagOpenIDConnectProviderInput, opts ...request.Option) (*UntagOpenIDConnectProviderOutput, error) { + req, out := c.UntagOpenIDConnectProviderRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagPolicy = "UntagPolicy" + +// UntagPolicyRequest generates a "aws/request.Request" representing the +// client's request for the UntagPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagPolicy for more information on using the UntagPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagPolicyRequest method. +// req, resp := client.UntagPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy +func (c *IAM) UntagPolicyRequest(input *UntagPolicyInput) (req *request.Request, output *UntagPolicyOutput) { + op := &request.Operation{ + Name: opUntagPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagPolicyInput{} + } + + output = &UntagPolicyOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagPolicy API operation for AWS Identity and Access Management. +// +// Removes the specified tags from the customer managed policy. For more information +// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation UntagPolicy for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy +func (c *IAM) UntagPolicy(input *UntagPolicyInput) (*UntagPolicyOutput, error) { + req, out := c.UntagPolicyRequest(input) + return out, req.Send() +} + +// UntagPolicyWithContext is the same as UntagPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See UntagPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) UntagPolicyWithContext(ctx aws.Context, input *UntagPolicyInput, opts ...request.Option) (*UntagPolicyOutput, error) { + req, out := c.UntagPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUntagRole = "UntagRole" // UntagRoleRequest generates a "aws/request.Request" representing the @@ -13570,7 +15312,7 @@ func (c *IAM) UntagRoleRequest(input *UntagRoleInput) (req *request.Request, out // UntagRole API operation for AWS Identity and Access Management. // // Removes the specified tags from the role. For more information about tagging, -// see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13616,6 +15358,206 @@ func (c *IAM) UntagRoleWithContext(ctx aws.Context, input *UntagRoleInput, opts return out, req.Send() } +const opUntagSAMLProvider = "UntagSAMLProvider" + +// UntagSAMLProviderRequest generates a "aws/request.Request" representing the +// client's request for the UntagSAMLProvider operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagSAMLProvider for more information on using the UntagSAMLProvider +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagSAMLProviderRequest method. +// req, resp := client.UntagSAMLProviderRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider +func (c *IAM) UntagSAMLProviderRequest(input *UntagSAMLProviderInput) (req *request.Request, output *UntagSAMLProviderOutput) { + op := &request.Operation{ + Name: opUntagSAMLProvider, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagSAMLProviderInput{} + } + + output = &UntagSAMLProviderOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagSAMLProvider API operation for AWS Identity and Access Management. +// +// Removes the specified tags from the specified Security Assertion Markup Language +// (SAML) identity provider in IAM. For more information about these providers, +// see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html). +// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation UntagSAMLProvider for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider +func (c *IAM) UntagSAMLProvider(input *UntagSAMLProviderInput) (*UntagSAMLProviderOutput, error) { + req, out := c.UntagSAMLProviderRequest(input) + return out, req.Send() +} + +// UntagSAMLProviderWithContext is the same as UntagSAMLProvider with the addition of +// the ability to pass a context and additional request options. +// +// See UntagSAMLProvider for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) UntagSAMLProviderWithContext(ctx aws.Context, input *UntagSAMLProviderInput, opts ...request.Option) (*UntagSAMLProviderOutput, error) { + req, out := c.UntagSAMLProviderRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagServerCertificate = "UntagServerCertificate" + +// UntagServerCertificateRequest generates a "aws/request.Request" representing the +// client's request for the UntagServerCertificate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagServerCertificate for more information on using the UntagServerCertificate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagServerCertificateRequest method. +// req, resp := client.UntagServerCertificateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate +func (c *IAM) UntagServerCertificateRequest(input *UntagServerCertificateInput) (req *request.Request, output *UntagServerCertificateOutput) { + op := &request.Operation{ + Name: opUntagServerCertificate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagServerCertificateInput{} + } + + output = &UntagServerCertificateOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagServerCertificate API operation for AWS Identity and Access Management. +// +// Removes the specified tags from the IAM server certificate. For more information +// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// in the IAM User Guide. +// +// For certificates in a Region supported by AWS Certificate Manager (ACM), +// we recommend that you don't use IAM server certificates. Instead, use ACM +// to provision, manage, and deploy your server certificates. For more information +// about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// in the IAM User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Identity and Access Management's +// API operation UntagServerCertificate for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchEntityException "NoSuchEntity" +// The request was rejected because it referenced a resource entity that does +// not exist. The error message describes the resource. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. +// +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// +// * ErrCodeServiceFailureException "ServiceFailure" +// The request processing has failed because of an unknown error, exception +// or failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate +func (c *IAM) UntagServerCertificate(input *UntagServerCertificateInput) (*UntagServerCertificateOutput, error) { + req, out := c.UntagServerCertificateRequest(input) + return out, req.Send() +} + +// UntagServerCertificateWithContext is the same as UntagServerCertificate with the addition of +// the ability to pass a context and additional request options. +// +// See UntagServerCertificate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IAM) UntagServerCertificateWithContext(ctx aws.Context, input *UntagServerCertificateInput, opts ...request.Option) (*UntagServerCertificateOutput, error) { + req, out := c.UntagServerCertificateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUntagUser = "UntagUser" // UntagUserRequest generates a "aws/request.Request" representing the @@ -13662,7 +15604,7 @@ func (c *IAM) UntagUserRequest(input *UntagUserInput) (req *request.Request, out // UntagUser API operation for AWS Identity and Access Management. // // Removes the specified tags from the user. For more information about tagging, -// see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13763,7 +15705,7 @@ func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request. // to manage AWS account root user credentials even if the AWS account has no // associated users. // -// For information about rotating keys, see Managing Keys and Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html) +// For information about rotating keys, see Managing keys and certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13780,8 +15722,7 @@ func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request. // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -13863,8 +15804,8 @@ func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPol // parameter to be explicitly set. Instead, to invoke the default value, // do not include that parameter when you invoke the operation. // -// For more information about using a password policy, see Managing an IAM Password -// Policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html) +// For more information about using a password policy, see Managing an IAM password +// policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13885,8 +15826,7 @@ func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPol // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -13961,7 +15901,7 @@ func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) // // Updates the policy that grants an IAM entity permission to assume a role. // This is typically referred to as the "role trust policy". For more information -// about roles, go to Using Roles to Delegate Permissions and Federate Identities +// about roles, see Using roles to delegate permissions and federate identities // (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13982,8 +15922,7 @@ func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeUnmodifiableEntityException "UnmodifiableEntity" // The request was rejected because only the service that depends on the service-linked @@ -14065,7 +16004,7 @@ func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, // Updates the name and/or the path of the specified IAM group. // // You should understand the implications of changing a group's path or name. -// For more information, see Renaming Users and Groups (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) +// For more information, see Renaming users and groups (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) // in the IAM User Guide. // // The person making the request (the principal), must have permission to change @@ -14073,7 +16012,7 @@ func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, // the group named Managers to MGRs, the principal must have a policy that allows // them to update both groups. If the principal has permission to update the // Managers group, but not the MGRs group, then the update fails. For more information -// about permissions, see Access Management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html). +// about permissions, see Access management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -14093,8 +16032,7 @@ func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -14167,10 +16105,12 @@ func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *re // UpdateLoginProfile API operation for AWS Identity and Access Management. // -// Changes the password for the specified IAM user. +// Changes the password for the specified IAM user. You can use the AWS CLI, +// the AWS API, or the Users page in the IAM console to change the password +// for any IAM user. Use ChangePassword to change your own password in the My +// Security Credentials page in the AWS Management Console. // -// IAM users can change their own passwords by calling ChangePassword. For more -// information about modifying passwords, see Managing Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) +// For more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14197,8 +16137,7 @@ func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -14579,8 +16518,7 @@ func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *re // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -14661,7 +16599,7 @@ func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *re // The SSH public key affected by this operation is used only for authenticating // the associated IAM user to an AWS CodeCommit repository. For more information // about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) +// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) // in the AWS CodeCommit User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14747,12 +16685,12 @@ func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput // in IAM. // // For more information about working with server certificates, see Working -// with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) // in the IAM User Guide. This topic also includes a list of AWS services that // can use the server certificates that you manage with IAM. // // You should understand the implications of changing a server certificate's -// path or name. For more information, see Renaming a Server Certificate (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts) +// path or name. For more information, see Renaming a server certificate (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts) // in the IAM User Guide. // // The person making the request (the principal), must have permission to change @@ -14761,7 +16699,7 @@ func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput // have a policy that allows them to update both certificates. If the principal // has permission to update the ProductionCert group, but not the ProdCert certificate, // then the update fails. For more information about permissions, see Access -// Management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) +// management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14782,8 +16720,7 @@ func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -14964,8 +16901,7 @@ func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInp // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception @@ -15041,15 +16977,15 @@ func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, o // Updates the name and/or the path of the specified IAM user. // // You should understand the implications of changing an IAM user's path or -// name. For more information, see Renaming an IAM User (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming) -// and Renaming an IAM Group (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html) +// name. For more information, see Renaming an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming) +// and Renaming an IAM group (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html) // in the IAM User Guide. // // To change a user name, the requester must have appropriate permissions on // both the source object and the target object. For example, to change Bob // to Robert, the entity making the request must have permission on Bob and // Robert, or must have permission on all (*). For more information about permissions, -// see Permissions and Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html). +// see Permissions and policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15065,8 +17001,7 @@ func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, o // // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" // The request was rejected because it attempted to create a resource that already @@ -15158,7 +17093,7 @@ func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *re // The SSH public key uploaded by this operation can be used only for authenticating // the associated IAM user to an AWS CodeCommit repository. For more information // about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) +// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) // in the AWS CodeCommit User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15171,8 +17106,7 @@ func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *re // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeNoSuchEntityException "NoSuchEntity" // The request was rejected because it referenced a resource entity that does @@ -15267,20 +17201,20 @@ func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput // about using ACM, see the AWS Certificate Manager User Guide (https://docs.aws.amazon.com/acm/latest/userguide/). // // For more information about working with server certificates, see Working -// with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) // in the IAM User Guide. This topic includes a list of AWS services that can // use the server certificates that you manage with IAM. // // For information about the number of server certificates you can upload, see -// Limitations on IAM Entities and Objects (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html) +// IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) // in the IAM User Guide. // // Because the body of the public key certificate, private key, and the certificate // chain can be large, you should use POST rather than GET when calling UploadServerCertificate. // For information about setting up signatures and authorization through the -// API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) +// API, see Signing AWS API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) // in the AWS General Reference. For general information about using the Query -// API with IAM, go to Calling the API by Making HTTP Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) +// API with IAM, see Calling the API by making HTTP query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15293,8 +17227,11 @@ func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. +// +// * ErrCodeInvalidInputException "InvalidInput" +// The request was rejected because an invalid or out-of-range value was supplied +// for an input parameter. // // * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" // The request was rejected because it attempted to create a resource that already @@ -15308,6 +17245,11 @@ func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput // The request was rejected because the public key certificate and the private // key do not match. // +// * ErrCodeConcurrentModificationException "ConcurrentModification" +// The request was rejected because multiple requests to change this object +// were submitted simultaneously. Wait a few minutes and submit your request +// again. +// // * ErrCodeServiceFailureException "ServiceFailure" // The request processing has failed because of an unknown error, exception // or failure. @@ -15379,10 +17321,14 @@ func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInp // UploadSigningCertificate API operation for AWS Identity and Access Management. // // Uploads an X.509 signing certificate and associates it with the specified -// IAM user. Some AWS services use X.509 signing certificates to validate requests +// IAM user. Some AWS services require you to use certificates to validate requests // that are signed with a corresponding private key. When you upload the certificate, // its default status is Active. // +// For information about when you would use an X.509 signing certificate, see +// Managing server certificates in IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) +// in the IAM User Guide. +// // If the UserName is not specified, the IAM user name is determined implicitly // based on the AWS access key ID used to sign the request. This operation works // for access keys under the AWS account. Consequently, you can use this operation @@ -15391,10 +17337,10 @@ func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInp // // Because the body of an X.509 certificate can be large, you should use POST // rather than GET when calling UploadSigningCertificate. For information about -// setting up signatures and authorization through the API, go to Signing AWS -// API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) +// setting up signatures and authorization through the API, see Signing AWS +// API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) // in the AWS General Reference. For general information about using the Query -// API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) +// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15407,8 +17353,7 @@ func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInp // Returned Error Codes: // * ErrCodeLimitExceededException "LimitExceeded" // The request was rejected because it attempted to create resources beyond -// the current AWS account limitations. The error message describes the limit -// exceeded. +// the current AWS account limits. The error message describes the limit exceeded. // // * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" // The request was rejected because it attempted to create a resource that already @@ -15495,12 +17440,12 @@ type AccessDetail struct { // The namespace of the service in which access was attempted. // - // To learn the service namespace of a service, go to Actions, Resources, and - // Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html) - // in the IAM User Guide. Choose the name of the service to view details for - // that service. In the first paragraph, find the service prefix. For example, - // (service prefix: a4b). For more information about service namespaces, see - // AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) + // To learn the service namespace of a service, see Actions, resources, and + // condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) + // in the Service Authorization Reference. Choose the name of the service to + // view details for that service. In the first paragraph, find the service prefix. + // For example, (service prefix: a4b). For more information about service namespaces, + // see AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) // in the AWS General Reference. // // ServiceNamespace is a required field @@ -15666,7 +17611,7 @@ type AccessKeyLastUsed struct { // // * There is no sign-in data associated with the user. // - // For more information about AWS Regions, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html) + // For more information about AWS Regions, see Regions and endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html) // in the Amazon Web Services General Reference. // // Region is a required field @@ -16017,8 +17962,7 @@ type AttachGroupPolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy you want to attach. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -16088,8 +18032,7 @@ type AttachRolePolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy you want to attach. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -16168,8 +18111,7 @@ type AttachUserPolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy you want to attach. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -16248,8 +18190,8 @@ func (s AttachUserPolicyOutput) GoString() string { // An attached permissions boundary is a managed policy that has been attached // to a user or role to set the permissions boundary. // -// For more information about permissions boundaries, see Permissions Boundaries -// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) +// For more information about permissions boundaries, see Permissions boundaries +// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. type AttachedPermissionsBoundary struct { _ struct{} `type:"structure"` @@ -16293,16 +18235,15 @@ func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryType(v string) *Atta // ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails // operations. // -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, refer to Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. type AttachedPolicy struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. PolicyArn *string `min:"20" type:"string"` @@ -16617,7 +18558,7 @@ type CreateGroupInput struct { // GroupName is a required field GroupName *string `min:"1" type:"string" required:"true"` - // The path to the group. For more information about paths, see IAM Identifiers + // The path to the group. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // @@ -16726,6 +18667,15 @@ type CreateInstanceProfileInput struct { // (\u007F), including most punctuation characters, digits, and upper and lowercased // letters. Path *string `min:"1" type:"string"` + + // A list of tags that you want to attach to the newly created IAM instance + // profile. Each tag consists of a key name and an associated value. For more + // information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + // + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -16750,6 +18700,16 @@ func (s *CreateInstanceProfileInput) Validate() error { if s.Path != nil && len(*s.Path) < 1 { invalidParams.Add(request.NewErrParamMinLen("Path", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -16769,6 +18729,12 @@ func (s *CreateInstanceProfileInput) SetPath(v string) *CreateInstanceProfileInp return s } +// SetTags sets the Tags field's value. +func (s *CreateInstanceProfileInput) SetTags(v []*Tag) *CreateInstanceProfileInput { + s.Tags = v + return s +} + // Contains the response to a successful CreateInstanceProfile request. type CreateInstanceProfileOutput struct { _ struct{} `type:"structure"` @@ -16918,6 +18884,15 @@ type CreateOpenIDConnectProviderInput struct { // operation accepts client IDs up to 255 characters long. ClientIDList []*string `type:"list"` + // A list of tags that you want to attach to the new IAM OpenID Connect (OIDC) + // provider. Each tag consists of a key name and an associated value. For more + // information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + // + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. + Tags []*Tag `type:"list"` + // A list of server certificate thumbprints for the OpenID Connect (OIDC) identity // provider's server certificates. Typically this list includes only one entry. // However, IAM lets you have up to five thumbprints for an OIDC provider. This @@ -16935,7 +18910,7 @@ type CreateOpenIDConnectProviderInput struct { // of the certificate used by https://keys.server.example.com. // // For more information about obtaining the OIDC provider's thumbprint, see - // Obtaining the Thumbprint for an OpenID Connect Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html) + // Obtaining the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html) // in the IAM User Guide. // // ThumbprintList is a required field @@ -16977,6 +18952,16 @@ func (s *CreateOpenIDConnectProviderInput) Validate() error { if s.Url != nil && len(*s.Url) < 1 { invalidParams.Add(request.NewErrParamMinLen("Url", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -16990,6 +18975,12 @@ func (s *CreateOpenIDConnectProviderInput) SetClientIDList(v []*string) *CreateO return s } +// SetTags sets the Tags field's value. +func (s *CreateOpenIDConnectProviderInput) SetTags(v []*Tag) *CreateOpenIDConnectProviderInput { + s.Tags = v + return s +} + // SetThumbprintList sets the ThumbprintList field's value. func (s *CreateOpenIDConnectProviderInput) SetThumbprintList(v []*string) *CreateOpenIDConnectProviderInput { s.ThumbprintList = v @@ -17009,6 +19000,12 @@ type CreateOpenIDConnectProviderOutput struct { // The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that // is created. For more information, see OpenIDConnectProviderListEntry. OpenIDConnectProviderArn *string `min:"20" type:"string"` + + // A list of tags that are attached to the new IAM OIDC provider. The returned + // list of tags is sorted by tag key. For more information about tagging, see + // Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -17027,6 +19024,12 @@ func (s *CreateOpenIDConnectProviderOutput) SetOpenIDConnectProviderArn(v string return s } +// SetTags sets the Tags field's value. +func (s *CreateOpenIDConnectProviderOutput) SetTags(v []*Tag) *CreateOpenIDConnectProviderOutput { + s.Tags = v + return s +} + type CreatePolicyInput struct { _ struct{} `type:"structure"` @@ -17041,7 +19044,7 @@ type CreatePolicyInput struct { // The path for the policy. // - // For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // This parameter is optional. If it is not included, it defaults to a slash @@ -17086,6 +19089,15 @@ type CreatePolicyInput struct { // // PolicyName is a required field PolicyName *string `min:"1" type:"string" required:"true"` + + // A list of tags that you want to attach to the new IAM customer managed policy. + // Each tag consists of a key name and an associated value. For more information + // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + // + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -17116,6 +19128,16 @@ func (s *CreatePolicyInput) Validate() error { if s.PolicyName != nil && len(*s.PolicyName) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -17147,6 +19169,12 @@ func (s *CreatePolicyInput) SetPolicyName(v string) *CreatePolicyInput { return s } +// SetTags sets the Tags field's value. +func (s *CreatePolicyInput) SetTags(v []*Tag) *CreatePolicyInput { + s.Tags = v + return s +} + // Contains the response to a successful CreatePolicy request. type CreatePolicyOutput struct { _ struct{} `type:"structure"` @@ -17177,8 +19205,7 @@ type CreatePolicyVersionInput struct { // The Amazon Resource Name (ARN) of the IAM policy to which you want to add // a new version. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -17213,8 +19240,8 @@ type CreatePolicyVersionInput struct { // version. That is, it becomes the version that is in effect for the IAM users, // groups, and roles that the policy is attached to. // - // For more information about managed policy versions, see Versioning for Managed - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) + // For more information about managed policy versions, see Versioning for managed + // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. SetAsDefault *bool `type:"boolean"` } @@ -17335,7 +19362,7 @@ type CreateRoleInput struct { // for the DurationSeconds parameter, their security credentials are valid for // one hour by default. This applies when you use the AssumeRole* API operations // or the assume-role* CLI operations but does not apply when you use those - // operations to create a console URL. For more information, see Using IAM Roles + // operations to create a console URL. For more information, see Using IAM roles // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the // IAM User Guide. MaxSessionDuration *int64 `min:"3600" type:"integer"` @@ -17368,13 +19395,13 @@ type CreateRoleInput struct { // RoleName is a required field RoleName *string `min:"1" type:"string" required:"true"` - // A list of tags that you want to attach to the newly created role. Each tag - // consists of a key name and an associated value. For more information about - // tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // A list of tags that you want to attach to the new role. Each tag consists + // of a key name and an associated value. For more information about tagging, + // see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // - // If any one of the tags is invalid or if you exceed the allowed number of - // tags per role, then the entire request fails and the role is not created. + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. Tags []*Tag `type:"list"` } @@ -17515,11 +19542,20 @@ type CreateSAMLProviderInput struct { // that are received from the IdP. You must generate the metadata document using // the identity management software that is used as your organization's IdP. // - // For more information, see About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) + // For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) // in the IAM User Guide // // SAMLMetadataDocument is a required field SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"` + + // A list of tags that you want to attach to the new IAM SAML provider. Each + // tag consists of a key name and an associated value. For more information + // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + // + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -17547,6 +19583,16 @@ func (s *CreateSAMLProviderInput) Validate() error { if s.SAMLMetadataDocument != nil && len(*s.SAMLMetadataDocument) < 1000 { invalidParams.Add(request.NewErrParamMinLen("SAMLMetadataDocument", 1000)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -17566,12 +19612,24 @@ func (s *CreateSAMLProviderInput) SetSAMLMetadataDocument(v string) *CreateSAMLP return s } +// SetTags sets the Tags field's value. +func (s *CreateSAMLProviderInput) SetTags(v []*Tag) *CreateSAMLProviderInput { + s.Tags = v + return s +} + // Contains the response to a successful CreateSAMLProvider request. type CreateSAMLProviderOutput struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) of the new SAML provider resource in IAM. SAMLProviderArn *string `min:"20" type:"string"` + + // A list of tags that are attached to the new IAM SAML provider. The returned + // list of tags is sorted by tag key. For more information about tagging, see + // Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -17590,6 +19648,12 @@ func (s *CreateSAMLProviderOutput) SetSAMLProviderArn(v string) *CreateSAMLProvi return s } +// SetTags sets the Tags field's value. +func (s *CreateSAMLProviderOutput) SetTags(v []*Tag) *CreateSAMLProviderOutput { + s.Tags = v + return s +} + type CreateServiceLinkedRoleInput struct { _ struct{} `type:"structure"` @@ -17598,7 +19662,7 @@ type CreateServiceLinkedRoleInput struct { // elasticbeanstalk.amazonaws.com. // // Service principals are unique and case-sensitive. To find the exact service - // principal for your service-linked role, see AWS Services That Work with IAM + // principal for your service-linked role, see AWS services that work with IAM // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) // in the IAM User Guide. Look for the services that have Yes in the Service-Linked // Role column. Choose the Yes link to view the service-linked role documentation @@ -17785,7 +19849,7 @@ func (s *CreateServiceSpecificCredentialOutput) SetServiceSpecificCredential(v * type CreateUserInput struct { _ struct{} `type:"structure"` - // The path for the user name. For more information about paths, see IAM Identifiers + // The path for the user name. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // @@ -17804,13 +19868,13 @@ type CreateUserInput struct { // user. PermissionsBoundary *string `min:"20" type:"string"` - // A list of tags that you want to attach to the newly created user. Each tag - // consists of a key name and an associated value. For more information about - // tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // A list of tags that you want to attach to the new user. Each tag consists + // of a key name and an associated value. For more information about tagging, + // see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. // - // If any one of the tags is invalid or if you exceed the allowed number of - // tags per user, then the entire request fails and the user is not created. + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. Tags []*Tag `type:"list"` // The name of the user to create. @@ -17917,7 +19981,7 @@ type CreateVirtualMFADeviceInput struct { _ struct{} `type:"structure"` // The path for the virtual MFA device. For more information about paths, see - // IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // This parameter is optional. If it is not included, it defaults to a slash @@ -17931,6 +19995,15 @@ type CreateVirtualMFADeviceInput struct { // letters. Path *string `min:"1" type:"string"` + // A list of tags that you want to attach to the new IAM virtual MFA device. + // Each tag consists of a key name and an associated value. For more information + // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + // + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. + Tags []*Tag `type:"list"` + // The name of the virtual MFA device. Use with path to uniquely identify a // virtual MFA device. // @@ -17964,6 +20037,16 @@ func (s *CreateVirtualMFADeviceInput) Validate() error { if s.VirtualMFADeviceName != nil && len(*s.VirtualMFADeviceName) < 1 { invalidParams.Add(request.NewErrParamMinLen("VirtualMFADeviceName", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -17977,6 +20060,12 @@ func (s *CreateVirtualMFADeviceInput) SetPath(v string) *CreateVirtualMFADeviceI return s } +// SetTags sets the Tags field's value. +func (s *CreateVirtualMFADeviceInput) SetTags(v []*Tag) *CreateVirtualMFADeviceInput { + s.Tags = v + return s +} + // SetVirtualMFADeviceName sets the VirtualMFADeviceName field's value. func (s *CreateVirtualMFADeviceInput) SetVirtualMFADeviceName(v string) *CreateVirtualMFADeviceInput { s.VirtualMFADeviceName = &v @@ -18574,8 +20663,7 @@ type DeletePolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy you want to delete. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -18634,8 +20722,7 @@ type DeletePolicyVersionInput struct { // The Amazon Resource Name (ARN) of the IAM policy from which you want to delete // a version. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -18648,8 +20735,8 @@ type DeletePolicyVersionInput struct { // by one or two digits, and optionally followed by a period '.' and a string // of letters and digits. // - // For more information about managed policy versions, see Versioning for Managed - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) + // For more information about managed policy versions, see Versioning for managed + // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. // // VersionId is a required field @@ -19632,8 +21719,7 @@ type DetachGroupPolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy you want to detach. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -19703,8 +21789,7 @@ type DetachRolePolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy you want to detach. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -19783,8 +21868,7 @@ type DetachUserPolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy you want to detach. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -20043,8 +22127,7 @@ type EntityInfo struct { // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // Arn is a required field @@ -20061,7 +22144,7 @@ type EntityInfo struct { Name *string `min:"1" type:"string" required:"true"` // The path to the entity (user or role). For more information about paths, - // see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. Path *string `min:"1" type:"string"` @@ -20182,7 +22265,7 @@ type EvaluationResult struct { // When you make a cross-account request, AWS evaluates the request in the trusting // account and the trusted account. The request is allowed only if both evaluations // return true. For more information about how policies are evaluated, see Evaluating - // Policies Within a Single Account (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics). + // policies within a single account (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics). // // If an AWS Organizations SCP included in the evaluation denies access, the // simulation ends. In this case, policy evaluation does not proceed any further @@ -20910,8 +22993,7 @@ type GetContextKeysForPrincipalPolicyInput struct { // form here for clarity, but must be URL encoded to be included as a part of // a real HTML request. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicySourceArn is a required field @@ -21423,8 +23505,7 @@ type GetOpenIDConnectProviderInput struct { // to get information for. You can get a list of OIDC provider resource ARNs // by using the ListOpenIDConnectProviders operation. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // OpenIDConnectProviderArn is a required field @@ -21475,6 +23556,12 @@ type GetOpenIDConnectProviderOutput struct { // in the AWS account. CreateDate *time.Time `type:"timestamp"` + // A list of tags that are attached to the specified IAM OIDC provider. The + // returned list of tags is sorted by tag key. For more information about tagging, + // see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` + // A list of certificate thumbprints that are associated with the specified // IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider. ThumbprintList []*string `type:"list"` @@ -21506,6 +23593,12 @@ func (s *GetOpenIDConnectProviderOutput) SetCreateDate(v time.Time) *GetOpenIDCo return s } +// SetTags sets the Tags field's value. +func (s *GetOpenIDConnectProviderOutput) SetTags(v []*Tag) *GetOpenIDConnectProviderOutput { + s.Tags = v + return s +} + // SetThumbprintList sets the ThumbprintList field's value. func (s *GetOpenIDConnectProviderOutput) SetThumbprintList(v []*string) *GetOpenIDConnectProviderOutput { s.ThumbprintList = v @@ -21729,8 +23822,7 @@ type GetPolicyInput struct { // The Amazon Resource Name (ARN) of the managed policy that you want information // about. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -21799,8 +23891,7 @@ type GetPolicyVersionInput struct { // The Amazon Resource Name (ARN) of the managed policy that you want information // about. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -22077,8 +24168,7 @@ type GetSAMLProviderInput struct { // The Amazon Resource Name (ARN) of the SAML provider resource object in IAM // to get information about. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // SAMLProviderArn is a required field @@ -22127,6 +24217,12 @@ type GetSAMLProviderOutput struct { // The XML metadata document that includes information about an identity provider. SAMLMetadataDocument *string `min:"1000" type:"string"` + // A list of tags that are attached to the specified IAM SAML provider. The + // returned list of tags is sorted by tag key. For more information about tagging, + // see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` + // The expiration date and time for the SAML provider. ValidUntil *time.Time `type:"timestamp"` } @@ -22153,6 +24249,12 @@ func (s *GetSAMLProviderOutput) SetSAMLMetadataDocument(v string) *GetSAMLProvid return s } +// SetTags sets the Tags field's value. +func (s *GetSAMLProviderOutput) SetTags(v []*Tag) *GetSAMLProviderOutput { + s.Tags = v + return s +} + // SetValidUntil sets the ValidUntil field's value. func (s *GetSAMLProviderOutput) SetValidUntil(v time.Time) *GetSAMLProviderOutput { s.ValidUntil = &v @@ -22552,12 +24654,12 @@ type GetServiceLastAccessedDetailsWithEntitiesInput struct { // The service namespace for an AWS service. Provide the service namespace to // learn when the IAM entity last attempted to access the specified service. // - // To learn the service namespace for a service, go to Actions, Resources, and - // Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html) + // To learn the service namespace for a service, see Actions, resources, and + // condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) // in the IAM User Guide. Choose the name of the service to view details for // that service. In the first paragraph, find the service prefix. For example, // (service prefix: a4b). For more information about service namespaces, see - // AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) + // AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) // in the AWS General Reference. // // ServiceNamespace is a required field @@ -22852,10 +24954,10 @@ type GetUserOutput struct { // sign-in (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_finding-unused.html) // dates shown in the IAM console and password last used dates in the IAM credential // report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html), - // and returned by this GetUser API. If users signed in during the affected - // time, the password last used date that is returned is the date the user last - // signed in before May 3, 2018. For users that signed in after May 23, 2018 - // 14:08 PDT, the returned password last used date is accurate. + // and returned by this operation. If users signed in during the affected time, + // the password last used date that is returned is the date the user last signed + // in before May 3, 2018. For users that signed in after May 23, 2018 14:08 + // PDT, the returned password last used date is accurate. // // You can use password last used information to identify unused credentials // for deletion. For example, you might delete users who did not sign in to @@ -23015,7 +25117,7 @@ type Group struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) specifying the group. For more information - // about ARNs and how to use them in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // Arn is a required field @@ -23028,7 +25130,7 @@ type Group struct { CreateDate *time.Time `type:"timestamp" required:"true"` // The stable and unique string identifying the group. For more information - // about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // GroupId is a required field @@ -23039,7 +25141,7 @@ type Group struct { // GroupName is a required field GroupName *string `min:"1" type:"string" required:"true"` - // The path to the group. For more information about paths, see IAM Identifiers + // The path to the group. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // @@ -23096,8 +25198,7 @@ type GroupDetail struct { // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. Arn *string `min:"20" type:"string"` @@ -23109,7 +25210,7 @@ type GroupDetail struct { CreateDate *time.Time `type:"timestamp"` // The stable and unique string identifying the group. For more information - // about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. GroupId *string `min:"16" type:"string"` @@ -23119,7 +25220,7 @@ type GroupDetail struct { // A list of the inline policies embedded in the group. GroupPolicyList []*PolicyDetail `type:"list"` - // The path to the group. For more information about paths, see IAM Identifiers + // The path to the group. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. Path *string `min:"1" type:"string"` @@ -23192,7 +25293,7 @@ type InstanceProfile struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) specifying the instance profile. For more - // information about ARNs and how to use them in policies, see IAM Identifiers + // information about ARNs and how to use them in policies, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // @@ -23205,7 +25306,7 @@ type InstanceProfile struct { CreateDate *time.Time `type:"timestamp" required:"true"` // The stable and unique string identifying the instance profile. For more information - // about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // InstanceProfileId is a required field @@ -23217,7 +25318,7 @@ type InstanceProfile struct { InstanceProfileName *string `min:"1" type:"string" required:"true"` // The path to the instance profile. For more information about paths, see IAM - // Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // Path is a required field @@ -23227,6 +25328,11 @@ type InstanceProfile struct { // // Roles is a required field Roles []*Role `type:"list" required:"true"` + + // A list of tags that are attached to the instance profile. For more information + // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -23275,6 +25381,12 @@ func (s *InstanceProfile) SetRoles(v []*Role) *InstanceProfile { return s } +// SetTags sets the Tags field's value. +func (s *InstanceProfile) SetTags(v []*Tag) *InstanceProfile { + s.Tags = v + return s +} + type ListAccessKeysInput struct { _ struct{} `type:"structure"` @@ -23996,8 +26108,7 @@ type ListEntitiesForPolicyInput struct { // The Amazon Resource Name (ARN) of the IAM policy for which you want the versions. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -24544,6 +26655,138 @@ func (s *ListGroupsOutput) SetMarker(v string) *ListGroupsOutput { return s } +type ListInstanceProfileTagsInput struct { + _ struct{} `type:"structure"` + + // The name of the IAM instance profile whose tags you want to see. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // InstanceProfileName is a required field + InstanceProfileName *string `min:"1" type:"string" required:"true"` + + // Use this parameter only when paginating results and only after you receive + // a response indicating that the results are truncated. Set it to the value + // of the Marker element in the response that you received to indicate where + // the next call should start. + Marker *string `min:"1" type:"string"` + + // (Optional) Use this only when paginating results to indicate the maximum + // number of items that you want in the response. If additional items exist + // beyond the maximum that you specify, the IsTruncated response element is + // true. + // + // If you do not include this parameter, it defaults to 100. Note that IAM might + // return fewer results, even when more results are available. In that case, + // the IsTruncated response element returns true, and Marker contains a value + // to include in the subsequent call that tells the service where to continue + // from. + MaxItems *int64 `min:"1" type:"integer"` +} + +// String returns the string representation +func (s ListInstanceProfileTagsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListInstanceProfileTagsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListInstanceProfileTagsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfileTagsInput"} + if s.InstanceProfileName == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceProfileName")) + } + if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1)) + } + if s.Marker != nil && len(*s.Marker) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Marker", 1)) + } + if s.MaxItems != nil && *s.MaxItems < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetInstanceProfileName sets the InstanceProfileName field's value. +func (s *ListInstanceProfileTagsInput) SetInstanceProfileName(v string) *ListInstanceProfileTagsInput { + s.InstanceProfileName = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *ListInstanceProfileTagsInput) SetMarker(v string) *ListInstanceProfileTagsInput { + s.Marker = &v + return s +} + +// SetMaxItems sets the MaxItems field's value. +func (s *ListInstanceProfileTagsInput) SetMaxItems(v int64) *ListInstanceProfileTagsInput { + s.MaxItems = &v + return s +} + +type ListInstanceProfileTagsOutput struct { + _ struct{} `type:"structure"` + + // A flag that indicates whether there are more items to return. If your results + // were truncated, you can use the Marker request parameter to make a subsequent + // pagination request that retrieves more items. Note that IAM might return + // fewer than the MaxItems number of results even when more results are available. + // Check IsTruncated after every call to ensure that you receive all of your + // results. + IsTruncated *bool `type:"boolean"` + + // When IsTruncated is true, this element is present and contains the value + // to use for the Marker parameter in a subsequent pagination request. + Marker *string `type:"string"` + + // The list of tags that are currently attached to the IAM instance profile. + // Each tag consists of a key name and an associated value. If no tags are attached + // to the specified resource, the response contains an empty list. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s ListInstanceProfileTagsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListInstanceProfileTagsOutput) GoString() string { + return s.String() +} + +// SetIsTruncated sets the IsTruncated field's value. +func (s *ListInstanceProfileTagsOutput) SetIsTruncated(v bool) *ListInstanceProfileTagsOutput { + s.IsTruncated = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *ListInstanceProfileTagsOutput) SetMarker(v string) *ListInstanceProfileTagsOutput { + s.Marker = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ListInstanceProfileTagsOutput) SetTags(v []*Tag) *ListInstanceProfileTagsOutput { + s.Tags = v + return s +} + type ListInstanceProfilesForRoleInput struct { _ struct{} `type:"structure"` @@ -24804,6 +27047,139 @@ func (s *ListInstanceProfilesOutput) SetMarker(v string) *ListInstanceProfilesOu return s } +type ListMFADeviceTagsInput struct { + _ struct{} `type:"structure"` + + // Use this parameter only when paginating results and only after you receive + // a response indicating that the results are truncated. Set it to the value + // of the Marker element in the response that you received to indicate where + // the next call should start. + Marker *string `min:"1" type:"string"` + + // (Optional) Use this only when paginating results to indicate the maximum + // number of items that you want in the response. If additional items exist + // beyond the maximum that you specify, the IsTruncated response element is + // true. + // + // If you do not include this parameter, it defaults to 100. Note that IAM might + // return fewer results, even when more results are available. In that case, + // the IsTruncated response element returns true, and Marker contains a value + // to include in the subsequent call that tells the service where to continue + // from. + MaxItems *int64 `min:"1" type:"integer"` + + // The unique identifier for the IAM virtual MFA device whose tags you want + // to see. For virtual MFA devices, the serial number is the same as the ARN. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // SerialNumber is a required field + SerialNumber *string `min:"9" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListMFADeviceTagsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListMFADeviceTagsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListMFADeviceTagsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListMFADeviceTagsInput"} + if s.Marker != nil && len(*s.Marker) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Marker", 1)) + } + if s.MaxItems != nil && *s.MaxItems < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1)) + } + if s.SerialNumber == nil { + invalidParams.Add(request.NewErrParamRequired("SerialNumber")) + } + if s.SerialNumber != nil && len(*s.SerialNumber) < 9 { + invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMarker sets the Marker field's value. +func (s *ListMFADeviceTagsInput) SetMarker(v string) *ListMFADeviceTagsInput { + s.Marker = &v + return s +} + +// SetMaxItems sets the MaxItems field's value. +func (s *ListMFADeviceTagsInput) SetMaxItems(v int64) *ListMFADeviceTagsInput { + s.MaxItems = &v + return s +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *ListMFADeviceTagsInput) SetSerialNumber(v string) *ListMFADeviceTagsInput { + s.SerialNumber = &v + return s +} + +type ListMFADeviceTagsOutput struct { + _ struct{} `type:"structure"` + + // A flag that indicates whether there are more items to return. If your results + // were truncated, you can use the Marker request parameter to make a subsequent + // pagination request that retrieves more items. Note that IAM might return + // fewer than the MaxItems number of results even when more results are available. + // Check IsTruncated after every call to ensure that you receive all of your + // results. + IsTruncated *bool `type:"boolean"` + + // When IsTruncated is true, this element is present and contains the value + // to use for the Marker parameter in a subsequent pagination request. + Marker *string `type:"string"` + + // The list of tags that are currently attached to the virtual MFA device. Each + // tag consists of a key name and an associated value. If no tags are attached + // to the specified resource, the response contains an empty list. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s ListMFADeviceTagsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListMFADeviceTagsOutput) GoString() string { + return s.String() +} + +// SetIsTruncated sets the IsTruncated field's value. +func (s *ListMFADeviceTagsOutput) SetIsTruncated(v bool) *ListMFADeviceTagsOutput { + s.IsTruncated = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *ListMFADeviceTagsOutput) SetMarker(v string) *ListMFADeviceTagsOutput { + s.Marker = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ListMFADeviceTagsOutput) SetTags(v []*Tag) *ListMFADeviceTagsOutput { + s.Tags = v + return s +} + type ListMFADevicesInput struct { _ struct{} `type:"structure"` @@ -24929,6 +27305,140 @@ func (s *ListMFADevicesOutput) SetMarker(v string) *ListMFADevicesOutput { return s } +type ListOpenIDConnectProviderTagsInput struct { + _ struct{} `type:"structure"` + + // Use this parameter only when paginating results and only after you receive + // a response indicating that the results are truncated. Set it to the value + // of the Marker element in the response that you received to indicate where + // the next call should start. + Marker *string `min:"1" type:"string"` + + // (Optional) Use this only when paginating results to indicate the maximum + // number of items that you want in the response. If additional items exist + // beyond the maximum that you specify, the IsTruncated response element is + // true. + // + // If you do not include this parameter, it defaults to 100. Note that IAM might + // return fewer results, even when more results are available. In that case, + // the IsTruncated response element returns true, and Marker contains a value + // to include in the subsequent call that tells the service where to continue + // from. + MaxItems *int64 `min:"1" type:"integer"` + + // The ARN of the OpenID Connect (OIDC) identity provider whose tags you want + // to see. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // OpenIDConnectProviderArn is a required field + OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListOpenIDConnectProviderTagsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListOpenIDConnectProviderTagsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListOpenIDConnectProviderTagsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListOpenIDConnectProviderTagsInput"} + if s.Marker != nil && len(*s.Marker) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Marker", 1)) + } + if s.MaxItems != nil && *s.MaxItems < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1)) + } + if s.OpenIDConnectProviderArn == nil { + invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn")) + } + if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMarker sets the Marker field's value. +func (s *ListOpenIDConnectProviderTagsInput) SetMarker(v string) *ListOpenIDConnectProviderTagsInput { + s.Marker = &v + return s +} + +// SetMaxItems sets the MaxItems field's value. +func (s *ListOpenIDConnectProviderTagsInput) SetMaxItems(v int64) *ListOpenIDConnectProviderTagsInput { + s.MaxItems = &v + return s +} + +// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value. +func (s *ListOpenIDConnectProviderTagsInput) SetOpenIDConnectProviderArn(v string) *ListOpenIDConnectProviderTagsInput { + s.OpenIDConnectProviderArn = &v + return s +} + +type ListOpenIDConnectProviderTagsOutput struct { + _ struct{} `type:"structure"` + + // A flag that indicates whether there are more items to return. If your results + // were truncated, you can use the Marker request parameter to make a subsequent + // pagination request that retrieves more items. Note that IAM might return + // fewer than the MaxItems number of results even when more results are available. + // Check IsTruncated after every call to ensure that you receive all of your + // results. + IsTruncated *bool `type:"boolean"` + + // When IsTruncated is true, this element is present and contains the value + // to use for the Marker parameter in a subsequent pagination request. + Marker *string `type:"string"` + + // The list of tags that are currently attached to the OpenID Connect (OIDC) + // identity provider. Each tag consists of a key name and an associated value. + // If no tags are attached to the specified resource, the response contains + // an empty list. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s ListOpenIDConnectProviderTagsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListOpenIDConnectProviderTagsOutput) GoString() string { + return s.String() +} + +// SetIsTruncated sets the IsTruncated field's value. +func (s *ListOpenIDConnectProviderTagsOutput) SetIsTruncated(v bool) *ListOpenIDConnectProviderTagsOutput { + s.IsTruncated = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *ListOpenIDConnectProviderTagsOutput) SetMarker(v string) *ListOpenIDConnectProviderTagsOutput { + s.Marker = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ListOpenIDConnectProviderTagsOutput) SetTags(v []*Tag) *ListOpenIDConnectProviderTagsOutput { + s.Tags = v + return s +} + type ListOpenIDConnectProvidersInput struct { _ struct{} `type:"structure"` } @@ -24981,12 +27491,12 @@ type ListPoliciesGrantingServiceAccessEntry struct { // The namespace of the service that was accessed. // - // To learn the service namespace of a service, go to Actions, Resources, and - // Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html) - // in the IAM User Guide. Choose the name of the service to view details for - // that service. In the first paragraph, find the service prefix. For example, - // (service prefix: a4b). For more information about service namespaces, see - // AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) + // To learn the service namespace of a service, see Actions, resources, and + // condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) + // in the Service Authorization Reference. Choose the name of the service to + // view details for that service. In the first paragraph, find the service prefix. + // For example, (service prefix: a4b). For more information about service namespaces, + // see AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) // in the AWS General Reference. ServiceNamespace *string `min:"1" type:"string"` } @@ -25030,12 +27540,12 @@ type ListPoliciesGrantingServiceAccessInput struct { // The service namespace for the AWS services whose policies you want to list. // - // To learn the service namespace for a service, go to Actions, Resources, and - // Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html) + // To learn the service namespace for a service, see Actions, resources, and + // condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) // in the IAM User Guide. Choose the name of the service to view details for // that service. In the first paragraph, find the service prefix. For example, // (service prefix: a4b). For more information about service namespaces, see - // AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) + // AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) // in the AWS General Reference. // // ServiceNamespaces is a required field @@ -25313,6 +27823,138 @@ func (s *ListPoliciesOutput) SetPolicies(v []*Policy) *ListPoliciesOutput { return s } +type ListPolicyTagsInput struct { + _ struct{} `type:"structure"` + + // Use this parameter only when paginating results and only after you receive + // a response indicating that the results are truncated. Set it to the value + // of the Marker element in the response that you received to indicate where + // the next call should start. + Marker *string `min:"1" type:"string"` + + // (Optional) Use this only when paginating results to indicate the maximum + // number of items that you want in the response. If additional items exist + // beyond the maximum that you specify, the IsTruncated response element is + // true. + // + // If you do not include this parameter, it defaults to 100. Note that IAM might + // return fewer results, even when more results are available. In that case, + // the IsTruncated response element returns true, and Marker contains a value + // to include in the subsequent call that tells the service where to continue + // from. + MaxItems *int64 `min:"1" type:"integer"` + + // The ARN of the IAM customer managed policy whose tags you want to see. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // PolicyArn is a required field + PolicyArn *string `min:"20" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListPolicyTagsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListPolicyTagsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListPolicyTagsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListPolicyTagsInput"} + if s.Marker != nil && len(*s.Marker) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Marker", 1)) + } + if s.MaxItems != nil && *s.MaxItems < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1)) + } + if s.PolicyArn == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyArn")) + } + if s.PolicyArn != nil && len(*s.PolicyArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMarker sets the Marker field's value. +func (s *ListPolicyTagsInput) SetMarker(v string) *ListPolicyTagsInput { + s.Marker = &v + return s +} + +// SetMaxItems sets the MaxItems field's value. +func (s *ListPolicyTagsInput) SetMaxItems(v int64) *ListPolicyTagsInput { + s.MaxItems = &v + return s +} + +// SetPolicyArn sets the PolicyArn field's value. +func (s *ListPolicyTagsInput) SetPolicyArn(v string) *ListPolicyTagsInput { + s.PolicyArn = &v + return s +} + +type ListPolicyTagsOutput struct { + _ struct{} `type:"structure"` + + // A flag that indicates whether there are more items to return. If your results + // were truncated, you can use the Marker request parameter to make a subsequent + // pagination request that retrieves more items. Note that IAM might return + // fewer than the MaxItems number of results even when more results are available. + // Check IsTruncated after every call to ensure that you receive all of your + // results. + IsTruncated *bool `type:"boolean"` + + // When IsTruncated is true, this element is present and contains the value + // to use for the Marker parameter in a subsequent pagination request. + Marker *string `type:"string"` + + // The list of tags that are currently attached to the IAM customer managed + // policy. Each tag consists of a key name and an associated value. If no tags + // are attached to the specified resource, the response contains an empty list. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s ListPolicyTagsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListPolicyTagsOutput) GoString() string { + return s.String() +} + +// SetIsTruncated sets the IsTruncated field's value. +func (s *ListPolicyTagsOutput) SetIsTruncated(v bool) *ListPolicyTagsOutput { + s.IsTruncated = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *ListPolicyTagsOutput) SetMarker(v string) *ListPolicyTagsOutput { + s.Marker = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ListPolicyTagsOutput) SetTags(v []*Tag) *ListPolicyTagsOutput { + s.Tags = v + return s +} + type ListPolicyVersionsInput struct { _ struct{} `type:"structure"` @@ -25335,8 +27977,7 @@ type ListPolicyVersionsInput struct { // The Amazon Resource Name (ARN) of the IAM policy for which you want the versions. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -25411,8 +28052,8 @@ type ListPolicyVersionsOutput struct { // A list of policy versions. // - // For more information about managed policy versions, see Versioning for Managed - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) + // For more information about managed policy versions, see Versioning for managed + // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. Versions []*PolicyVersion `type:"list"` } @@ -25671,9 +28312,9 @@ type ListRoleTagsOutput struct { // to use for the Marker parameter in a subsequent pagination request. Marker *string `type:"string"` - // The list of tags currently that is attached to the role. Each tag consists + // The list of tags that are currently attached to the role. Each tag consists // of a key name and an associated value. If no tags are attached to the specified - // role, the response contains an empty list. + // resource, the response contains an empty list. // // Tags is a required field Tags []*Tag `type:"list" required:"true"` @@ -25837,6 +28478,140 @@ func (s *ListRolesOutput) SetRoles(v []*Role) *ListRolesOutput { return s } +type ListSAMLProviderTagsInput struct { + _ struct{} `type:"structure"` + + // Use this parameter only when paginating results and only after you receive + // a response indicating that the results are truncated. Set it to the value + // of the Marker element in the response that you received to indicate where + // the next call should start. + Marker *string `min:"1" type:"string"` + + // (Optional) Use this only when paginating results to indicate the maximum + // number of items that you want in the response. If additional items exist + // beyond the maximum that you specify, the IsTruncated response element is + // true. + // + // If you do not include this parameter, it defaults to 100. Note that IAM might + // return fewer results, even when more results are available. In that case, + // the IsTruncated response element returns true, and Marker contains a value + // to include in the subsequent call that tells the service where to continue + // from. + MaxItems *int64 `min:"1" type:"integer"` + + // The ARN of the Security Assertion Markup Language (SAML) identity provider + // whose tags you want to see. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // SAMLProviderArn is a required field + SAMLProviderArn *string `min:"20" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListSAMLProviderTagsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListSAMLProviderTagsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListSAMLProviderTagsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListSAMLProviderTagsInput"} + if s.Marker != nil && len(*s.Marker) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Marker", 1)) + } + if s.MaxItems != nil && *s.MaxItems < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1)) + } + if s.SAMLProviderArn == nil { + invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn")) + } + if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMarker sets the Marker field's value. +func (s *ListSAMLProviderTagsInput) SetMarker(v string) *ListSAMLProviderTagsInput { + s.Marker = &v + return s +} + +// SetMaxItems sets the MaxItems field's value. +func (s *ListSAMLProviderTagsInput) SetMaxItems(v int64) *ListSAMLProviderTagsInput { + s.MaxItems = &v + return s +} + +// SetSAMLProviderArn sets the SAMLProviderArn field's value. +func (s *ListSAMLProviderTagsInput) SetSAMLProviderArn(v string) *ListSAMLProviderTagsInput { + s.SAMLProviderArn = &v + return s +} + +type ListSAMLProviderTagsOutput struct { + _ struct{} `type:"structure"` + + // A flag that indicates whether there are more items to return. If your results + // were truncated, you can use the Marker request parameter to make a subsequent + // pagination request that retrieves more items. Note that IAM might return + // fewer than the MaxItems number of results even when more results are available. + // Check IsTruncated after every call to ensure that you receive all of your + // results. + IsTruncated *bool `type:"boolean"` + + // When IsTruncated is true, this element is present and contains the value + // to use for the Marker parameter in a subsequent pagination request. + Marker *string `type:"string"` + + // The list of tags that are currently attached to the Security Assertion Markup + // Language (SAML) identity provider. Each tag consists of a key name and an + // associated value. If no tags are attached to the specified resource, the + // response contains an empty list. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s ListSAMLProviderTagsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListSAMLProviderTagsOutput) GoString() string { + return s.String() +} + +// SetIsTruncated sets the IsTruncated field's value. +func (s *ListSAMLProviderTagsOutput) SetIsTruncated(v bool) *ListSAMLProviderTagsOutput { + s.IsTruncated = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *ListSAMLProviderTagsOutput) SetMarker(v string) *ListSAMLProviderTagsOutput { + s.Marker = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ListSAMLProviderTagsOutput) SetTags(v []*Tag) *ListSAMLProviderTagsOutput { + s.Tags = v + return s +} + type ListSAMLProvidersInput struct { _ struct{} `type:"structure"` } @@ -26000,6 +28775,138 @@ func (s *ListSSHPublicKeysOutput) SetSSHPublicKeys(v []*SSHPublicKeyMetadata) *L return s } +type ListServerCertificateTagsInput struct { + _ struct{} `type:"structure"` + + // Use this parameter only when paginating results and only after you receive + // a response indicating that the results are truncated. Set it to the value + // of the Marker element in the response that you received to indicate where + // the next call should start. + Marker *string `min:"1" type:"string"` + + // (Optional) Use this only when paginating results to indicate the maximum + // number of items that you want in the response. If additional items exist + // beyond the maximum that you specify, the IsTruncated response element is + // true. + // + // If you do not include this parameter, it defaults to 100. Note that IAM might + // return fewer results, even when more results are available. In that case, + // the IsTruncated response element returns true, and Marker contains a value + // to include in the subsequent call that tells the service where to continue + // from. + MaxItems *int64 `min:"1" type:"integer"` + + // The name of the IAM server certificate whose tags you want to see. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // ServerCertificateName is a required field + ServerCertificateName *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListServerCertificateTagsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListServerCertificateTagsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListServerCertificateTagsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListServerCertificateTagsInput"} + if s.Marker != nil && len(*s.Marker) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Marker", 1)) + } + if s.MaxItems != nil && *s.MaxItems < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1)) + } + if s.ServerCertificateName == nil { + invalidParams.Add(request.NewErrParamRequired("ServerCertificateName")) + } + if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMarker sets the Marker field's value. +func (s *ListServerCertificateTagsInput) SetMarker(v string) *ListServerCertificateTagsInput { + s.Marker = &v + return s +} + +// SetMaxItems sets the MaxItems field's value. +func (s *ListServerCertificateTagsInput) SetMaxItems(v int64) *ListServerCertificateTagsInput { + s.MaxItems = &v + return s +} + +// SetServerCertificateName sets the ServerCertificateName field's value. +func (s *ListServerCertificateTagsInput) SetServerCertificateName(v string) *ListServerCertificateTagsInput { + s.ServerCertificateName = &v + return s +} + +type ListServerCertificateTagsOutput struct { + _ struct{} `type:"structure"` + + // A flag that indicates whether there are more items to return. If your results + // were truncated, you can use the Marker request parameter to make a subsequent + // pagination request that retrieves more items. Note that IAM might return + // fewer than the MaxItems number of results even when more results are available. + // Check IsTruncated after every call to ensure that you receive all of your + // results. + IsTruncated *bool `type:"boolean"` + + // When IsTruncated is true, this element is present and contains the value + // to use for the Marker parameter in a subsequent pagination request. + Marker *string `type:"string"` + + // The list of tags that are currently attached to the IAM server certificate. + // Each tag consists of a key name and an associated value. If no tags are attached + // to the specified resource, the response contains an empty list. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s ListServerCertificateTagsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListServerCertificateTagsOutput) GoString() string { + return s.String() +} + +// SetIsTruncated sets the IsTruncated field's value. +func (s *ListServerCertificateTagsOutput) SetIsTruncated(v bool) *ListServerCertificateTagsOutput { + s.IsTruncated = &v + return s +} + +// SetMarker sets the Marker field's value. +func (s *ListServerCertificateTagsOutput) SetMarker(v string) *ListServerCertificateTagsOutput { + s.Marker = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *ListServerCertificateTagsOutput) SetTags(v []*Tag) *ListServerCertificateTagsOutput { + s.Tags = v + return s +} + type ListServerCertificatesInput struct { _ struct{} `type:"structure"` @@ -26558,7 +29465,7 @@ type ListUserTagsOutput struct { // The list of tags that are currently attached to the user. Each tag consists // of a key name and an associated value. If no tags are attached to the specified - // user, the response contains an empty list. + // resource, the response contains an empty list. // // Tags is a required field Tags []*Tag `type:"list" required:"true"` @@ -26951,16 +29858,15 @@ func (s *MFADevice) SetUserName(v string) *MFADevice { // This data type is used as a response element in the GetAccountAuthorizationDetails // operation. // -// For more information about managed policies, see Managed Policies and Inline -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, see Managed policies and inline +// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. type ManagedPolicyDetail struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. Arn *string `min:"20" type:"string"` @@ -26975,7 +29881,7 @@ type ManagedPolicyDetail struct { // The identifier for the version of the policy that is set as the default (operative) // version. // - // For more information about policy versions, see Versioning for Managed Policies + // For more information about policy versions, see Versioning for managed policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. DefaultVersionId *string `type:"string"` @@ -26988,21 +29894,21 @@ type ManagedPolicyDetail struct { // The path to the policy. // - // For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. Path *string `min:"1" type:"string"` // The number of entities (users and roles) for which the policy is used as // the permissions boundary. // - // For more information about permissions boundaries, see Permissions Boundaries - // for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // For more information about permissions boundaries, see Permissions boundaries + // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. PermissionsBoundaryUsageCount *int64 `type:"integer"` // The stable and unique string identifying the policy. // - // For more information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. PolicyId *string `min:"16" type:"string"` @@ -27110,8 +30016,7 @@ type OpenIDConnectProviderListEntry struct { // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. Arn *string `min:"20" type:"string"` } @@ -27187,16 +30092,22 @@ type PasswordPolicy struct { // reusing. PasswordReusePrevention *int64 `min:"1" type:"integer"` - // Specifies whether to require lowercase characters for IAM user passwords. + // Specifies whether IAM user passwords must contain at least one lowercase + // character (a to z). RequireLowercaseCharacters *bool `type:"boolean"` - // Specifies whether to require numbers for IAM user passwords. + // Specifies whether IAM user passwords must contain at least one numeric character + // (0 to 9). RequireNumbers *bool `type:"boolean"` - // Specifies whether to require symbols for IAM user passwords. + // Specifies whether IAM user passwords must contain at least one of the following + // symbols: + // + // ! @ # $ % ^ & * ( ) _ + - = [ ] { } | ' RequireSymbols *bool `type:"boolean"` - // Specifies whether to require uppercase characters for IAM user passwords. + // Specifies whether IAM user passwords must contain at least one uppercase + // character (A to Z). RequireUppercaseCharacters *bool `type:"boolean"` } @@ -27307,16 +30218,15 @@ func (s *PermissionsBoundaryDecisionDetail) SetAllowedByPermissionsBoundary(v bo // This data type is used as a response element in the CreatePolicy, GetPolicy, // and ListPolicies operations. // -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, refer to Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. type Policy struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. Arn *string `min:"20" type:"string"` @@ -27342,27 +30252,32 @@ type Policy struct { // The path to the policy. // - // For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. Path *string `min:"1" type:"string"` // The number of entities (users and roles) for which the policy is used to // set the permissions boundary. // - // For more information about permissions boundaries, see Permissions Boundaries - // for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // For more information about permissions boundaries, see Permissions boundaries + // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. PermissionsBoundaryUsageCount *int64 `type:"integer"` // The stable and unique string identifying the policy. // - // For more information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. PolicyId *string `min:"16" type:"string"` // The friendly name (not ARN) identifying the policy. PolicyName *string `min:"1" type:"string"` + // A list of tags that are attached to the instance profile. For more information + // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` + // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), // when the policy was last updated. // @@ -27443,6 +30358,12 @@ func (s *Policy) SetPolicyName(v string) *Policy { return s } +// SetTags sets the Tags field's value. +func (s *Policy) SetTags(v []*Tag) *Policy { + s.Tags = v + return s +} + // SetUpdateDate sets the UpdateDate field's value. func (s *Policy) SetUpdateDate(v time.Time) *Policy { s.UpdateDate = &v @@ -27496,7 +30417,7 @@ type PolicyGrantingServiceAccess struct { // The name of the entity (user or role) to which the inline policy is attached. // // This field is null for managed policies. For more information about these - // policy types, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) + // policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) // in the IAM User Guide. EntityName *string `min:"1" type:"string"` @@ -27504,14 +30425,13 @@ type PolicyGrantingServiceAccess struct { // to which the inline policy is attached. // // This field is null for managed policies. For more information about these - // policy types, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) + // policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) // in the IAM User Guide. EntityType *string `type:"string" enum:"PolicyOwnerEntityType"` // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. PolicyArn *string `min:"20" type:"string"` @@ -27521,7 +30441,7 @@ type PolicyGrantingServiceAccess struct { PolicyName *string `min:"1" type:"string" required:"true"` // The policy type. For more information about these policy types, see Managed - // Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) + // policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) // in the IAM User Guide. // // PolicyType is a required field @@ -27573,14 +30493,14 @@ func (s *PolicyGrantingServiceAccess) SetPolicyType(v string) *PolicyGrantingSer // This data type is used as a response element in the ListEntitiesForPolicy // operation. // -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, refer to Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. type PolicyGroup struct { _ struct{} `type:"structure"` // The stable and unique string identifying the group. For more information - // about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) + // about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) // in the IAM User Guide. GroupId *string `min:"16" type:"string"` @@ -27615,14 +30535,14 @@ func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup { // This data type is used as a response element in the ListEntitiesForPolicy // operation. // -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, refer to Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. type PolicyRole struct { _ struct{} `type:"structure"` // The stable and unique string identifying the role. For more information about - // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) + // IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) // in the IAM User Guide. RoleId *string `min:"16" type:"string"` @@ -27657,14 +30577,14 @@ func (s *PolicyRole) SetRoleName(v string) *PolicyRole { // This data type is used as a response element in the ListEntitiesForPolicy // operation. // -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, refer to Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. type PolicyUser struct { _ struct{} `type:"structure"` // The stable and unique string identifying the user. For more information about - // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) + // IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) // in the IAM User Guide. UserId *string `min:"16" type:"string"` @@ -27700,8 +30620,8 @@ func (s *PolicyUser) SetUserName(v string) *PolicyUser { // GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails // operations. // -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) +// For more information about managed policies, refer to Managed policies and +// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) // in the IAM User Guide. type PolicyVersion struct { _ struct{} `type:"structure"` @@ -28306,8 +31226,7 @@ type RemoveClientIDFromOpenIDConnectProviderInput struct { // the client ID from. You can get a list of OIDC provider ARNs by using the // ListOpenIDConnectProviders operation. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // OpenIDConnectProviderArn is a required field @@ -28838,7 +31757,7 @@ type Role struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) specifying the role. For more information - // about ARNs and how to use them in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide guide. // // Arn is a required field @@ -28862,7 +31781,7 @@ type Role struct { // parameter. MaxSessionDuration *int64 `min:"3600" type:"integer"` - // The path to the role. For more information about paths, see IAM Identifiers + // The path to the role. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // @@ -28871,13 +31790,13 @@ type Role struct { // The ARN of the policy used to set the permissions boundary for the role. // - // For more information about permissions boundaries, see Permissions Boundaries - // for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // For more information about permissions boundaries, see Permissions boundaries + // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"` // The stable and unique string identifying the role. For more information about - // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // RoleId is a required field @@ -28888,7 +31807,7 @@ type Role struct { // Activity is only reported for the trailing 400 days. This period can be shorter // if your Region began supporting these features within the last year. The // role might have been used more than 400 days ago. For more information, see - // Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) + // Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) // in the IAM User Guide. RoleLastUsed *RoleLastUsed `type:"structure"` @@ -28897,8 +31816,8 @@ type Role struct { // RoleName is a required field RoleName *string `min:"1" type:"string" required:"true"` - // A list of tags that are attached to the specified role. For more information - // about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // A list of tags that are attached to the role. For more information about + // tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. Tags []*Tag `type:"list"` } @@ -28988,8 +31907,7 @@ type RoleDetail struct { // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. Arn *string `min:"20" type:"string"` @@ -29007,20 +31925,20 @@ type RoleDetail struct { // A list of instance profiles that contain this role. InstanceProfileList []*InstanceProfile `type:"list"` - // The path to the role. For more information about paths, see IAM Identifiers + // The path to the role. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. Path *string `min:"1" type:"string"` // The ARN of the policy used to set the permissions boundary for the role. // - // For more information about permissions boundaries, see Permissions Boundaries - // for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // For more information about permissions boundaries, see Permissions boundaries + // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"` // The stable and unique string identifying the role. For more information about - // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. RoleId *string `min:"16" type:"string"` @@ -29029,7 +31947,7 @@ type RoleDetail struct { // Activity is only reported for the trailing 400 days. This period can be shorter // if your Region began supporting these features within the last year. The // role might have been used more than 400 days ago. For more information, see - // Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) + // Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) // in the IAM User Guide. RoleLastUsed *RoleLastUsed `type:"structure"` @@ -29040,8 +31958,8 @@ type RoleDetail struct { // access (permissions) policies. RolePolicyList []*PolicyDetail `type:"list"` - // A list of tags that are attached to the specified role. For more information - // about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // A list of tags that are attached to the role. For more information about + // tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. Tags []*Tag `type:"list"` } @@ -29133,7 +32051,7 @@ func (s *RoleDetail) SetTags(v []*Tag) *RoleDetail { // Activity is only reported for the trailing 400 days. This period can be shorter // if your Region began supporting these features within the last year. The // role might have been used more than 400 days ago. For more information, see -// Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) +// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) // in the IAM User Guide. // // This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails @@ -29145,8 +32063,8 @@ type RoleLastUsed struct { // that the role was last used. // // This field is null if the role has not been used within the IAM tracking - // period. For more information about the tracking period, see Regions Where - // Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) + // period. For more information about the tracking period, see Regions where + // data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) // in the IAM User Guide. LastUsedDate *time.Time `type:"timestamp"` @@ -29424,6 +32342,11 @@ type ServerCertificate struct { // // ServerCertificateMetadata is a required field ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"` + + // A list of tags that are attached to the server certificate. For more information + // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -29454,6 +32377,12 @@ func (s *ServerCertificate) SetServerCertificateMetadata(v *ServerCertificateMet return s } +// SetTags sets the Tags field's value. +func (s *ServerCertificate) SetTags(v []*Tag) *ServerCertificate { + s.Tags = v + return s +} + // Contains information about a server certificate without its certificate body, // certificate chain, and private key. // @@ -29463,7 +32392,7 @@ type ServerCertificateMetadata struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) specifying the server certificate. For more - // information about ARNs and how to use them in policies, see IAM Identifiers + // information about ARNs and how to use them in policies, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // @@ -29474,14 +32403,14 @@ type ServerCertificateMetadata struct { Expiration *time.Time `type:"timestamp"` // The path to the server certificate. For more information about paths, see - // IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // Path is a required field Path *string `min:"1" type:"string" required:"true"` // The stable and unique string identifying the server certificate. For more - // information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // ServerCertificateId is a required field @@ -29578,12 +32507,12 @@ type ServiceLastAccessed struct { // The namespace of the service in which access was attempted. // - // To learn the service namespace of a service, go to Actions, Resources, and - // Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html) - // in the IAM User Guide. Choose the name of the service to view details for - // that service. In the first paragraph, find the service prefix. For example, - // (service prefix: a4b). For more information about service namespaces, see - // AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) + // To learn the service namespace of a service, see Actions, resources, and + // condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) + // in the Service Authorization Reference. Choose the name of the service to + // view details for that service. In the first paragraph, find the service prefix. + // For example, (service prefix: a4b). For more information about service namespaces, + // see AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces) // in the AWS General Reference. // // ServiceNamespace is a required field @@ -29845,8 +32774,7 @@ type SetDefaultPolicyVersionInput struct { // The Amazon Resource Name (ARN) of the IAM policy whose default version you // want to set. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicyArn is a required field @@ -29854,8 +32782,8 @@ type SetDefaultPolicyVersionInput struct { // The version of the policy to set as the default (operative) version. // - // For more information about managed policy versions, see Versioning for Managed - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) + // For more information about managed policy versions, see Versioning for managed + // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) // in the IAM User Guide. // // VersionId is a required field @@ -29926,7 +32854,7 @@ type SetSecurityTokenServicePreferencesInput struct { // are valid in all Regions. However, version 2 tokens are longer and might // affect systems where you temporarily store tokens. // - // For information, see Activating and Deactivating STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) + // For information, see Activating and deactivating STS in an AWS region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // // GlobalEndpointTokenVersion is a required field @@ -30093,8 +33021,8 @@ type SimulateCustomPolicyInput struct { // The IAM permissions boundary policy to simulate. The permissions boundary // sets the maximum permissions that an IAM entity can have. You can input only // one permissions boundary when you pass a policy to this operation. For more - // information about permissions boundaries, see Permissions Boundaries for - // IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // information about permissions boundaries, see Permissions boundaries for + // IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. The policy input is specified as a string that contains // the complete, valid JSON text of a permissions boundary policy. // @@ -30140,7 +33068,8 @@ type SimulateCustomPolicyInput struct { // is not provided, then the value defaults to * (all resources). Each API in // the ActionNames parameter is evaluated for each resource in this list. The // simulation determines the access result (allowed or denied) of each combination - // and reports it in the response. + // and reports it in the response. You can simulate resources that don't exist + // in your account. // // The simulation does not automatically retrieve policies for the specified // resources. If you want to include a resource policy in the simulation, then @@ -30149,8 +33078,7 @@ type SimulateCustomPolicyInput struct { // If you include a ResourcePolicy, then it must be applicable to all of the // resources included in the simulation or you receive an invalid input error. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. ResourceArns []*string `type:"list"` @@ -30167,7 +33095,7 @@ type SimulateCustomPolicyInput struct { // must specify that volume as a resource. If the EC2 scenario includes VPC, // then you must supply the network-interface resource. If it includes an IP // subnet, then you must specify the subnet resource. For more information on - // the EC2 scenario options, see Supported Platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) + // the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) // in the Amazon EC2 User Guide. // // * EC2-Classic-InstanceStore instance, image, security-group @@ -30412,8 +33340,7 @@ type SimulatePrincipalPolicyInput struct { // is not the ARN for an IAM user. This is required so that the resource-based // policy's Principal element has a value to use in evaluating the policy. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. CallerArn *string `min:"1" type:"string"` @@ -30446,7 +33373,7 @@ type SimulatePrincipalPolicyInput struct { // if a permissions boundary is attached to an entity and you pass in a different // permissions boundary policy using this parameter, then the new permissions // boundary policy is used for the simulation. For more information about permissions - // boundaries, see Permissions Boundaries for IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // boundaries, see Permissions boundaries for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. The policy input is specified as a string containing // the complete, valid JSON text of a permissions boundary policy. // @@ -30486,8 +33413,7 @@ type SimulatePrincipalPolicyInput struct { // If you specify a user, the simulation also includes all policies that are // attached to any groups the user belongs to. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // PolicySourceArn is a required field @@ -30497,14 +33423,14 @@ type SimulatePrincipalPolicyInput struct { // is not provided, then the value defaults to * (all resources). Each API in // the ActionNames parameter is evaluated for each resource in this list. The // simulation determines the access result (allowed or denied) of each combination - // and reports it in the response. + // and reports it in the response. You can simulate resources that don't exist + // in your account. // // The simulation does not automatically retrieve policies for the specified // resources. If you want to include a resource policy in the simulation, then // you must include the policy as a string in the ResourcePolicy parameter. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. ResourceArns []*string `type:"list"` @@ -30521,7 +33447,7 @@ type SimulatePrincipalPolicyInput struct { // must specify that volume as a resource. If the EC2 scenario includes VPC, // then you must supply the network interface resource. If it includes an IP // subnet, then you must specify the subnet resource. For more information on - // the EC2 scenario options, see Supported Platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) + // the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) // in the Amazon EC2 User Guide. // // * EC2-Classic-InstanceStore instance, image, security group @@ -30753,8 +33679,8 @@ func (s *Statement) SetStartPosition(v *Position) *Statement { } // A structure that represents user-provided metadata that can be associated -// with a resource such as an IAM user or role. For more information about tagging, -// see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) +// with an IAM resource. For more information about tagging, see Tagging IAM +// resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. type Tag struct { _ struct{} `type:"structure"` @@ -30820,10 +33746,347 @@ func (s *Tag) SetValue(v string) *Tag { return s } +type TagInstanceProfileInput struct { + _ struct{} `type:"structure"` + + // The name of the IAM instance profile to which you want to add tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // InstanceProfileName is a required field + InstanceProfileName *string `min:"1" type:"string" required:"true"` + + // The list of tags that you want to attach to the IAM instance profile. Each + // tag consists of a key name and an associated value. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s TagInstanceProfileInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagInstanceProfileInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagInstanceProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagInstanceProfileInput"} + if s.InstanceProfileName == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceProfileName")) + } + if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetInstanceProfileName sets the InstanceProfileName field's value. +func (s *TagInstanceProfileInput) SetInstanceProfileName(v string) *TagInstanceProfileInput { + s.InstanceProfileName = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagInstanceProfileInput) SetTags(v []*Tag) *TagInstanceProfileInput { + s.Tags = v + return s +} + +type TagInstanceProfileOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagInstanceProfileOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagInstanceProfileOutput) GoString() string { + return s.String() +} + +type TagMFADeviceInput struct { + _ struct{} `type:"structure"` + + // The unique identifier for the IAM virtual MFA device to which you want to + // add tags. For virtual MFA devices, the serial number is the same as the ARN. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // SerialNumber is a required field + SerialNumber *string `min:"9" type:"string" required:"true"` + + // The list of tags that you want to attach to the IAM virtual MFA device. Each + // tag consists of a key name and an associated value. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s TagMFADeviceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagMFADeviceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagMFADeviceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagMFADeviceInput"} + if s.SerialNumber == nil { + invalidParams.Add(request.NewErrParamRequired("SerialNumber")) + } + if s.SerialNumber != nil && len(*s.SerialNumber) < 9 { + invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *TagMFADeviceInput) SetSerialNumber(v string) *TagMFADeviceInput { + s.SerialNumber = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagMFADeviceInput) SetTags(v []*Tag) *TagMFADeviceInput { + s.Tags = v + return s +} + +type TagMFADeviceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagMFADeviceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagMFADeviceOutput) GoString() string { + return s.String() +} + +type TagOpenIDConnectProviderInput struct { + _ struct{} `type:"structure"` + + // The ARN of the OIDC identity provider in IAM to which you want to add tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // OpenIDConnectProviderArn is a required field + OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` + + // The list of tags that you want to attach to the OIDC identity provider in + // IAM. Each tag consists of a key name and an associated value. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s TagOpenIDConnectProviderInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagOpenIDConnectProviderInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagOpenIDConnectProviderInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagOpenIDConnectProviderInput"} + if s.OpenIDConnectProviderArn == nil { + invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn")) + } + if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value. +func (s *TagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *TagOpenIDConnectProviderInput { + s.OpenIDConnectProviderArn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagOpenIDConnectProviderInput) SetTags(v []*Tag) *TagOpenIDConnectProviderInput { + s.Tags = v + return s +} + +type TagOpenIDConnectProviderOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagOpenIDConnectProviderOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagOpenIDConnectProviderOutput) GoString() string { + return s.String() +} + +type TagPolicyInput struct { + _ struct{} `type:"structure"` + + // The ARN of the IAM customer managed policy to which you want to add tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // PolicyArn is a required field + PolicyArn *string `min:"20" type:"string" required:"true"` + + // The list of tags that you want to attach to the IAM customer managed policy. + // Each tag consists of a key name and an associated value. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s TagPolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagPolicyInput"} + if s.PolicyArn == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyArn")) + } + if s.PolicyArn != nil && len(*s.PolicyArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyArn sets the PolicyArn field's value. +func (s *TagPolicyInput) SetPolicyArn(v string) *TagPolicyInput { + s.PolicyArn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagPolicyInput) SetTags(v []*Tag) *TagPolicyInput { + s.Tags = v + return s +} + +type TagPolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagPolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagPolicyOutput) GoString() string { + return s.String() +} + type TagRoleInput struct { _ struct{} `type:"structure"` - // The name of the role that you want to add tags to. + // The name of the IAM role to which you want to add tags. // // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) // a string of characters that consist of upper and lowercase alphanumeric characters @@ -30832,8 +34095,8 @@ type TagRoleInput struct { // RoleName is a required field RoleName *string `min:"1" type:"string" required:"true"` - // The list of tags that you want to attach to the role. Each tag consists of - // a key name and an associated value. You can specify this with a JSON string. + // The list of tags that you want to attach to the IAM role. Each tag consists + // of a key name and an associated value. // // Tags is a required field Tags []*Tag `type:"list" required:"true"` @@ -30904,16 +34167,184 @@ func (s TagRoleOutput) GoString() string { return s.String() } +type TagSAMLProviderInput struct { + _ struct{} `type:"structure"` + + // The ARN of the SAML identity provider in IAM to which you want to add tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // SAMLProviderArn is a required field + SAMLProviderArn *string `min:"20" type:"string" required:"true"` + + // The list of tags that you want to attach to the SAML identity provider in + // IAM. Each tag consists of a key name and an associated value. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s TagSAMLProviderInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagSAMLProviderInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagSAMLProviderInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagSAMLProviderInput"} + if s.SAMLProviderArn == nil { + invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn")) + } + if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSAMLProviderArn sets the SAMLProviderArn field's value. +func (s *TagSAMLProviderInput) SetSAMLProviderArn(v string) *TagSAMLProviderInput { + s.SAMLProviderArn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagSAMLProviderInput) SetTags(v []*Tag) *TagSAMLProviderInput { + s.Tags = v + return s +} + +type TagSAMLProviderOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagSAMLProviderOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagSAMLProviderOutput) GoString() string { + return s.String() +} + +type TagServerCertificateInput struct { + _ struct{} `type:"structure"` + + // The name of the IAM server certificate to which you want to add tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // ServerCertificateName is a required field + ServerCertificateName *string `min:"1" type:"string" required:"true"` + + // The list of tags that you want to attach to the IAM server certificate. Each + // tag consists of a key name and an associated value. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s TagServerCertificateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagServerCertificateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagServerCertificateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagServerCertificateInput"} + if s.ServerCertificateName == nil { + invalidParams.Add(request.NewErrParamRequired("ServerCertificateName")) + } + if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetServerCertificateName sets the ServerCertificateName field's value. +func (s *TagServerCertificateInput) SetServerCertificateName(v string) *TagServerCertificateInput { + s.ServerCertificateName = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagServerCertificateInput) SetTags(v []*Tag) *TagServerCertificateInput { + s.Tags = v + return s +} + +type TagServerCertificateOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagServerCertificateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagServerCertificateOutput) GoString() string { + return s.String() +} + type TagUserInput struct { _ struct{} `type:"structure"` - // The list of tags that you want to attach to the user. Each tag consists of - // a key name and an associated value. + // The list of tags that you want to attach to the IAM user. Each tag consists + // of a key name and an associated value. // // Tags is a required field Tags []*Tag `type:"list" required:"true"` - // The name of the user that you want to add tags to. + // The name of the IAM user to which you want to add tags. // // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) // a string of characters that consist of upper and lowercase alphanumeric characters @@ -31002,8 +34433,7 @@ type TrackedActionLastAccessed struct { // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. LastAccessedEntity *string `min:"20" type:"string"` @@ -31057,6 +34487,305 @@ func (s *TrackedActionLastAccessed) SetLastAccessedTime(v time.Time) *TrackedAct return s } +type UntagInstanceProfileInput struct { + _ struct{} `type:"structure"` + + // The name of the IAM instance profile from which you want to remove tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // InstanceProfileName is a required field + InstanceProfileName *string `min:"1" type:"string" required:"true"` + + // A list of key names as a simple array of strings. The tags with matching + // keys are removed from the specified instance profile. + // + // TagKeys is a required field + TagKeys []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagInstanceProfileInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagInstanceProfileInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagInstanceProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagInstanceProfileInput"} + if s.InstanceProfileName == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceProfileName")) + } + if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetInstanceProfileName sets the InstanceProfileName field's value. +func (s *UntagInstanceProfileInput) SetInstanceProfileName(v string) *UntagInstanceProfileInput { + s.InstanceProfileName = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagInstanceProfileInput) SetTagKeys(v []*string) *UntagInstanceProfileInput { + s.TagKeys = v + return s +} + +type UntagInstanceProfileOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagInstanceProfileOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagInstanceProfileOutput) GoString() string { + return s.String() +} + +type UntagMFADeviceInput struct { + _ struct{} `type:"structure"` + + // The unique identifier for the IAM virtual MFA device from which you want + // to remove tags. For virtual MFA devices, the serial number is the same as + // the ARN. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // SerialNumber is a required field + SerialNumber *string `min:"9" type:"string" required:"true"` + + // A list of key names as a simple array of strings. The tags with matching + // keys are removed from the specified instance profile. + // + // TagKeys is a required field + TagKeys []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagMFADeviceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagMFADeviceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagMFADeviceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagMFADeviceInput"} + if s.SerialNumber == nil { + invalidParams.Add(request.NewErrParamRequired("SerialNumber")) + } + if s.SerialNumber != nil && len(*s.SerialNumber) < 9 { + invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *UntagMFADeviceInput) SetSerialNumber(v string) *UntagMFADeviceInput { + s.SerialNumber = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagMFADeviceInput) SetTagKeys(v []*string) *UntagMFADeviceInput { + s.TagKeys = v + return s +} + +type UntagMFADeviceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagMFADeviceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagMFADeviceOutput) GoString() string { + return s.String() +} + +type UntagOpenIDConnectProviderInput struct { + _ struct{} `type:"structure"` + + // The ARN of the OIDC provider in IAM from which you want to remove tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // OpenIDConnectProviderArn is a required field + OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` + + // A list of key names as a simple array of strings. The tags with matching + // keys are removed from the specified OIDC provider. + // + // TagKeys is a required field + TagKeys []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagOpenIDConnectProviderInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagOpenIDConnectProviderInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagOpenIDConnectProviderInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagOpenIDConnectProviderInput"} + if s.OpenIDConnectProviderArn == nil { + invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn")) + } + if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value. +func (s *UntagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *UntagOpenIDConnectProviderInput { + s.OpenIDConnectProviderArn = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagOpenIDConnectProviderInput) SetTagKeys(v []*string) *UntagOpenIDConnectProviderInput { + s.TagKeys = v + return s +} + +type UntagOpenIDConnectProviderOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagOpenIDConnectProviderOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagOpenIDConnectProviderOutput) GoString() string { + return s.String() +} + +type UntagPolicyInput struct { + _ struct{} `type:"structure"` + + // The ARN of the IAM customer managed policy from which you want to remove + // tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // PolicyArn is a required field + PolicyArn *string `min:"20" type:"string" required:"true"` + + // A list of key names as a simple array of strings. The tags with matching + // keys are removed from the specified policy. + // + // TagKeys is a required field + TagKeys []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagPolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagPolicyInput"} + if s.PolicyArn == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyArn")) + } + if s.PolicyArn != nil && len(*s.PolicyArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyArn sets the PolicyArn field's value. +func (s *UntagPolicyInput) SetPolicyArn(v string) *UntagPolicyInput { + s.PolicyArn = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagPolicyInput) SetTagKeys(v []*string) *UntagPolicyInput { + s.TagKeys = v + return s +} + +type UntagPolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagPolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagPolicyOutput) GoString() string { + return s.String() +} + type UntagRoleInput struct { _ struct{} `type:"structure"` @@ -31131,6 +34860,155 @@ func (s UntagRoleOutput) GoString() string { return s.String() } +type UntagSAMLProviderInput struct { + _ struct{} `type:"structure"` + + // The ARN of the SAML identity provider in IAM from which you want to remove + // tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // SAMLProviderArn is a required field + SAMLProviderArn *string `min:"20" type:"string" required:"true"` + + // A list of key names as a simple array of strings. The tags with matching + // keys are removed from the specified SAML identity provider. + // + // TagKeys is a required field + TagKeys []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagSAMLProviderInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagSAMLProviderInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagSAMLProviderInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagSAMLProviderInput"} + if s.SAMLProviderArn == nil { + invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn")) + } + if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSAMLProviderArn sets the SAMLProviderArn field's value. +func (s *UntagSAMLProviderInput) SetSAMLProviderArn(v string) *UntagSAMLProviderInput { + s.SAMLProviderArn = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagSAMLProviderInput) SetTagKeys(v []*string) *UntagSAMLProviderInput { + s.TagKeys = v + return s +} + +type UntagSAMLProviderOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagSAMLProviderOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagSAMLProviderOutput) GoString() string { + return s.String() +} + +type UntagServerCertificateInput struct { + _ struct{} `type:"structure"` + + // The name of the IAM server certificate from which you want to remove tags. + // + // This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex)) + // a string of characters that consist of upper and lowercase alphanumeric characters + // with no spaces. You can also include any of the following characters: =,.@- + // + // ServerCertificateName is a required field + ServerCertificateName *string `min:"1" type:"string" required:"true"` + + // A list of key names as a simple array of strings. The tags with matching + // keys are removed from the specified IAM server certificate. + // + // TagKeys is a required field + TagKeys []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagServerCertificateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagServerCertificateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagServerCertificateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagServerCertificateInput"} + if s.ServerCertificateName == nil { + invalidParams.Add(request.NewErrParamRequired("ServerCertificateName")) + } + if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetServerCertificateName sets the ServerCertificateName field's value. +func (s *UntagServerCertificateInput) SetServerCertificateName(v string) *UntagServerCertificateInput { + s.ServerCertificateName = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagServerCertificateInput) SetTagKeys(v []*string) *UntagServerCertificateInput { + s.TagKeys = v + return s +} + +type UntagServerCertificateOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagServerCertificateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagServerCertificateOutput) GoString() string { + return s.String() +} + type UntagUserInput struct { _ struct{} `type:"structure"` @@ -31218,8 +35096,8 @@ type UpdateAccessKeyInput struct { AccessKeyId *string `min:"16" type:"string" required:"true"` // The status you want to assign to the secret access key. Active means that - // the key can be used for API calls to AWS, while Inactive means that the key - // cannot be used. + // the key can be used for programmatic calls to AWS, while Inactive means that + // the key cannot be used. // // Status is a required field Status *string `type:"string" required:"true" enum:"StatusType"` @@ -31300,8 +35178,8 @@ type UpdateAccountPasswordPolicyInput struct { _ struct{} `type:"structure"` // Allows all IAM users in your account to use the AWS Management Console to - // change their own passwords. For more information, see Letting IAM Users Change - // Their Own Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html) + // change their own passwords. For more information, see Letting IAM users change + // their own passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html) // in the IAM User Guide. // // If you do not specify a value for this parameter, then the operation uses @@ -31761,8 +35639,7 @@ type UpdateOpenIDConnectProviderThumbprintInput struct { // which you want to update the thumbprint. You can get a list of OIDC provider // ARNs by using the ListOpenIDConnectProviders operation. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // OpenIDConnectProviderArn is a required field @@ -31925,7 +35802,7 @@ type UpdateRoleInput struct { // for the DurationSeconds parameter, their security credentials are valid for // one hour by default. This applies when you use the AssumeRole* API operations // or the assume-role* CLI operations but does not apply when you use those - // operations to create a console URL. For more information, see Using IAM Roles + // operations to create a console URL. For more information, see Using IAM roles // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the // IAM User Guide. MaxSessionDuration *int64 `min:"3600" type:"integer"` @@ -32011,8 +35888,7 @@ type UpdateSAMLProviderInput struct { // The Amazon Resource Name (ARN) of the SAML provider to update. // - // For more information about ARNs, see Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // SAMLProviderArn is a required field @@ -32384,8 +36260,8 @@ type UpdateSigningCertificateInput struct { CertificateId *string `min:"24" type:"string" required:"true"` // The status you want to assign to the certificate. Active means that the certificate - // can be used for API calls to AWS Inactive means that the certificate cannot - // be used. + // can be used for programmatic calls to AWS Inactive means that the certificate + // cannot be used. // // Status is a required field Status *string `type:"string" required:"true" enum:"StatusType"` @@ -32697,7 +36573,7 @@ type UploadServerCertificateInput struct { CertificateChain *string `min:"1" type:"string"` // The path for the server certificate. For more information about paths, see - // IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // This parameter is optional. If it is not included, it defaults to a slash @@ -32740,6 +36616,15 @@ type UploadServerCertificateInput struct { // // ServerCertificateName is a required field ServerCertificateName *string `min:"1" type:"string" required:"true"` + + // A list of tags that you want to attach to the new IAM server certificate + // resource. Each tag consists of a key name and an associated value. For more + // information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + // + // If any one of the tags is invalid or if you exceed the allowed maximum number + // of tags, then the entire request fails and the resource is not created. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -32779,6 +36664,16 @@ func (s *UploadServerCertificateInput) Validate() error { if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 { invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1)) } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -32816,6 +36711,12 @@ func (s *UploadServerCertificateInput) SetServerCertificateName(v string) *Uploa return s } +// SetTags sets the Tags field's value. +func (s *UploadServerCertificateInput) SetTags(v []*Tag) *UploadServerCertificateInput { + s.Tags = v + return s +} + // Contains the response to a successful UploadServerCertificate request. type UploadServerCertificateOutput struct { _ struct{} `type:"structure"` @@ -32823,6 +36724,12 @@ type UploadServerCertificateOutput struct { // The meta information of the uploaded server certificate without its certificate // body, certificate chain, and private key. ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"` + + // A list of tags that are attached to the new IAM server certificate. The returned + // list of tags is sorted by tag key. For more information about tagging, see + // Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -32841,6 +36748,12 @@ func (s *UploadServerCertificateOutput) SetServerCertificateMetadata(v *ServerCe return s } +// SetTags sets the Tags field's value. +func (s *UploadServerCertificateOutput) SetTags(v []*Tag) *UploadServerCertificateOutput { + s.Tags = v + return s +} + type UploadSigningCertificateInput struct { _ struct{} `type:"structure"` @@ -32964,7 +36877,7 @@ type User struct { // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), // when the user's password was last used to sign in to an AWS website. For // a list of AWS websites that capture a user's last sign-in time, see the Credential - // Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) + // reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) // topic in the IAM User Guide. If a password is used more than once in a five-minute // span, only the first use is returned in this field. If the field is null // (no value), then it indicates that they never signed in with a password. @@ -32982,27 +36895,27 @@ type User struct { // This value is returned only in the GetUser and ListUsers operations. PasswordLastUsed *time.Time `type:"timestamp"` - // The path to the user. For more information about paths, see IAM Identifiers + // The path to the user. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // + // The ARN of the policy used to set the permissions boundary for the user. + // // Path is a required field Path *string `min:"1" type:"string" required:"true"` - // The ARN of the policy used to set the permissions boundary for the user. - // - // For more information about permissions boundaries, see Permissions Boundaries - // for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // For more information about permissions boundaries, see Permissions boundaries + // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"` - // A list of tags that are associated with the specified user. For more information - // about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // A list of tags that are associated with the user. For more information about + // tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. Tags []*Tag `type:"list"` // The stable and unique string identifying the user. For more information about - // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. // // UserId is a required field @@ -33082,8 +36995,7 @@ type UserDetail struct { // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS - // Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. Arn *string `min:"20" type:"string"` @@ -33097,25 +37009,25 @@ type UserDetail struct { // A list of IAM groups that the user is in. GroupList []*string `type:"list"` - // The path to the user. For more information about paths, see IAM Identifiers + // The path to the user. For more information about paths, see IAM identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. Path *string `min:"1" type:"string"` // The ARN of the policy used to set the permissions boundary for the user. // - // For more information about permissions boundaries, see Permissions Boundaries - // for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) + // For more information about permissions boundaries, see Permissions boundaries + // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"` - // A list of tags that are associated with the specified user. For more information - // about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // A list of tags that are associated with the user. For more information about + // tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) // in the IAM User Guide. Tags []*Tag `type:"list"` // The stable and unique string identifying the user. For more information about - // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) + // IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) // in the IAM User Guide. UserId *string `min:"16" type:"string"` @@ -33222,6 +37134,11 @@ type VirtualMFADevice struct { // SerialNumber is a required field SerialNumber *string `min:"9" type:"string" required:"true"` + // A list of tags that are attached to the virtual MFA device. For more information + // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) + // in the IAM User Guide. + Tags []*Tag `type:"list"` + // The IAM user associated with this virtual MFA device. User *User `type:"structure"` } @@ -33260,6 +37177,12 @@ func (s *VirtualMFADevice) SetSerialNumber(v string) *VirtualMFADevice { return s } +// SetTags sets the Tags field's value. +func (s *VirtualMFADevice) SetTags(v []*Tag) *VirtualMFADevice { + s.Tags = v + return s +} + // SetUser sets the User field's value. func (s *VirtualMFADevice) SetUser(v *User) *VirtualMFADevice { s.User = v @@ -33589,8 +37512,8 @@ func PolicyType_Values() []string { // The policy usage type that indicates whether the policy is used as a permissions // policy or as the permissions boundary for an entity. // -// For more information about permissions boundaries, see Permissions Boundaries -// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) +// For more information about permissions boundaries, see Permissions boundaries +// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // in the IAM User Guide. const ( // PolicyUsageTypePermissionsPolicy is a PolicyUsageType enum value diff --git a/vendor/github.com/aws/aws-sdk-go/service/iam/errors.go b/vendor/github.com/aws/aws-sdk-go/service/iam/errors.go index 74afac25e..3a4ff5f05 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/iam/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/iam/errors.go @@ -17,7 +17,7 @@ const ( // // The request was rejected because the most recent credential report has expired. // To generate a new credential report, use GenerateCredentialReport. For more - // information about credential report expiration, see Getting Credential Reports + // information about credential report expiration, see Getting credential reports // (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) // in the IAM User Guide. ErrCodeCredentialReportExpiredException = "ReportExpired" @@ -117,8 +117,7 @@ const ( // "LimitExceeded". // // The request was rejected because it attempted to create resources beyond - // the current AWS account limitations. The error message describes the limit - // exceeded. + // the current AWS account limits. The error message describes the limit exceeded. ErrCodeLimitExceededException = "LimitExceeded" // ErrCodeMalformedCertificateException for service response error code diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/api.go b/vendor/github.com/aws/aws-sdk-go/service/s3/api.go index 66700cce1..89a0a29af 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/s3/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/s3/api.go @@ -19563,7 +19563,7 @@ type GetObjectInput struct { ResponseContentType *string `location:"querystring" locationName:"response-content-type" type:"string"` // Sets the Expires header of the response. - ResponseExpires *time.Time `location:"querystring" locationName:"response-expires" type:"timestamp"` + ResponseExpires *time.Time `location:"querystring" locationName:"response-expires" type:"timestamp" timestampFormat:"rfc822"` // Specifies the algorithm to use to when encrypting the object (for example, // AES256). diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go index 403aebb68..6346b9279 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go +++ b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go @@ -98,7 +98,7 @@ func endpointHandler(req *request.Request) { Request: req, } - if resReq.IsCrossPartition() { + if len(resReq.Request.ClientInfo.PartitionID) != 0 && resReq.IsCrossPartition() { req.Error = s3shared.NewClientPartitionMismatchError(resource, req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) return @@ -110,11 +110,6 @@ func endpointHandler(req *request.Request) { return } - if resReq.HasCustomEndpoint() { - req.Error = s3shared.NewInvalidARNWithCustomEndpointError(resource, nil) - return - } - switch tv := resource.(type) { case arn.AccessPointARN: err = updateRequestAccessPointEndpoint(req, tv) @@ -155,8 +150,7 @@ func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.Acce req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) } - // Ignore the disable host prefix for access points since custom endpoints - // are not supported. + // Ignore the disable host prefix for access points req.Config.DisableEndpointHostPrefix = aws.Bool(false) if err := accessPointEndpointBuilder(accessPoint).build(req); err != nil { @@ -181,8 +175,7 @@ func updateRequestOutpostAccessPointEndpoint(req *request.Request, accessPoint a req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) } - // Ignore the disable host prefix for access points since custom endpoints - // are not supported. + // Ignore the disable host prefix for access points req.Config.DisableEndpointHostPrefix = aws.Bool(false) if err := outpostAccessPointEndpointBuilder(accessPoint).build(req); err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go index c1c77da9a..eb77d981e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go +++ b/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go @@ -22,6 +22,11 @@ const ( outpostAccessPointPrefixTemplate = accessPointPrefixTemplate + "{" + outpostPrefixLabel + "}." ) +// hasCustomEndpoint returns true if endpoint is a custom endpoint +func hasCustomEndpoint(r *request.Request) bool { + return len(aws.StringValue(r.Config.Endpoint)) > 0 +} + // accessPointEndpointBuilder represents the endpoint builder for access point arn type accessPointEndpointBuilder arn.AccessPointARN @@ -55,16 +60,19 @@ func (a accessPointEndpointBuilder) build(req *request.Request) error { req.ClientInfo.PartitionID, cfgRegion, err) } - if err = updateRequestEndpoint(req, endpoint.URL); err != nil { - return err - } + endpoint.URL = endpoints.AddScheme(endpoint.URL, aws.BoolValue(req.Config.DisableSSL)) - const serviceEndpointLabel = "s3-accesspoint" + if !hasCustomEndpoint(req) { + if err = updateRequestEndpoint(req, endpoint.URL); err != nil { + return err + } + const serviceEndpointLabel = "s3-accesspoint" - // dual stack provided by endpoint resolver - cfgHost := req.HTTPRequest.URL.Host - if strings.HasPrefix(cfgHost, "s3") { - req.HTTPRequest.URL.Host = serviceEndpointLabel + cfgHost[2:] + // dual stack provided by endpoint resolver + cfgHost := req.HTTPRequest.URL.Host + if strings.HasPrefix(cfgHost, "s3") { + req.HTTPRequest.URL.Host = serviceEndpointLabel + cfgHost[2:] + } } protocol.HostPrefixBuilder{ @@ -116,14 +124,17 @@ func (o outpostAccessPointEndpointBuilder) build(req *request.Request) error { req.ClientInfo.PartitionID, resolveRegion, err) } - if err = updateRequestEndpoint(req, endpoint.URL); err != nil { - return err - } + endpoint.URL = endpoints.AddScheme(endpoint.URL, aws.BoolValue(req.Config.DisableSSL)) - // add url host as s3-outposts - cfgHost := req.HTTPRequest.URL.Host - if strings.HasPrefix(cfgHost, endpointsID) { - req.HTTPRequest.URL.Host = resolveService + cfgHost[len(endpointsID):] + if !hasCustomEndpoint(req) { + if err = updateRequestEndpoint(req, endpoint.URL); err != nil { + return err + } + // add url host as s3-outposts + cfgHost := req.HTTPRequest.URL.Host + if strings.HasPrefix(cfgHost, endpointsID) { + req.HTTPRequest.URL.Host = resolveService + cfgHost[len(endpointsID):] + } } protocol.HostPrefixBuilder{ @@ -159,7 +170,6 @@ func resolveRegionalEndpoint(r *request.Request, region string, endpointsID stri } func updateRequestEndpoint(r *request.Request, endpoint string) (err error) { - endpoint = endpoints.AddScheme(endpoint, aws.BoolValue(r.Config.DisableSSL)) r.HTTPRequest.URL, err = url.Parse(endpoint + r.Operation.HTTPPath) if err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go index 8770d4041..7dba8347b 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go +++ b/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go @@ -109,6 +109,9 @@ type UploadOutput struct { // The ID for a multipart upload to S3. In the case of an error the error // can be cast to the MultiUploadFailure interface to extract the upload ID. UploadID string + + // Entity tag of the object. + ETag *string } // WithUploaderRequestOptions appends to the Uploader's API request options. @@ -527,6 +530,7 @@ func (u *uploader) singlePart(r io.ReadSeeker, cleanup func()) (*UploadOutput, e return &UploadOutput{ Location: url, VersionID: out.VersionId, + ETag: out.ETag, }, nil } @@ -632,6 +636,7 @@ func (u *multiuploader) upload(firstBuf io.ReadSeeker, cleanup func()) (*UploadO Location: uploadLocation, VersionID: complete.VersionId, UploadID: u.uploadID, + ETag: complete.ETag, }, nil } diff --git a/vendor/github.com/aws/aws-sdk-go/service/s3/service.go b/vendor/github.com/aws/aws-sdk-go/service/s3/service.go index b4c07b4d4..1b78b5d45 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/s3/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/s3/service.go @@ -48,6 +48,9 @@ const ( // svc := s3.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *S3 { c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "s3" + } return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go index 1318b44d3..537ba3dc4 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go @@ -1007,9 +1007,9 @@ func (c *SSM) CreateOpsMetadataRequest(input *CreateOpsMetadataInput) (req *requ // CreateOpsMetadata API operation for Amazon Simple Systems Manager (SSM). // -// If you create a new application in AppManager, Systems Manager calls this -// API action to specify information about the new application, including the -// application type. +// If you create a new application in Application Manager, Systems Manager calls +// this API action to specify information about the new application, including +// the application type. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1031,8 +1031,8 @@ func (c *SSM) CreateOpsMetadataRequest(input *CreateOpsMetadataInput) (req *requ // // * OpsMetadataLimitExceededException // Your account reached the maximum number of OpsMetadata objects allowed by -// AppManager. The maximum is 200 OpsMetadata objects. Delete one or more OpsMetadata -// object and try again. +// Application Manager. The maximum is 200 OpsMetadata objects. Delete one or +// more OpsMetadata object and try again. // // * InternalServerError // An error occurred on the server side. @@ -3635,10 +3635,17 @@ func (c *SSM) DescribeDocumentPermissionRequest(input *DescribeDocumentPermissio // * InvalidDocument // The specified document does not exist. // +// * InvalidNextToken +// The specified token is not valid. +// // * InvalidPermissionType // The permission type is not supported. Share is the only supported permission // type. // +// * InvalidDocumentOperation +// You attempted to delete a document while it is still shared. You must stop +// sharing the document before you can delete it. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeDocumentPermission func (c *SSM) DescribeDocumentPermission(input *DescribeDocumentPermissionInput) (*DescribeDocumentPermissionOutput, error) { req, out := c.DescribeDocumentPermissionRequest(input) @@ -5647,6 +5654,11 @@ func (c *SSM) DescribeMaintenanceWindowTasksRequest(input *DescribeMaintenanceWi // // Lists the tasks in a maintenance window. // +// For maintenance window tasks without a specified target, you cannot supply +// values for --max-errors and --max-concurrency. Instead, the system inserts +// a placeholder value of 1, which may be reported in the response to this command. +// These values do not affect the running of your task and can be ignored. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -8326,6 +8338,11 @@ func (c *SSM) GetMaintenanceWindowTaskRequest(input *GetMaintenanceWindowTaskInp // // Lists the tasks in a maintenance window. // +// For maintenance window tasks without a specified target, you cannot supply +// values for --max-errors and --max-concurrency. Instead, the system inserts +// a placeholder value of 1, which may be reported in the response to this command. +// These values do not affect the running of your task and can be ignored. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -8502,7 +8519,7 @@ func (c *SSM) GetOpsMetadataRequest(input *GetOpsMetadataInput) (req *request.Re // GetOpsMetadata API operation for Amazon Simple Systems Manager (SSM). // -// View operational metadata related to an application in AppManager. +// View operational metadata related to an application in Application Manager. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10470,6 +10487,94 @@ func (c *SSM) ListComplianceSummariesPagesWithContext(ctx aws.Context, input *Li return p.Err() } +const opListDocumentMetadataHistory = "ListDocumentMetadataHistory" + +// ListDocumentMetadataHistoryRequest generates a "aws/request.Request" representing the +// client's request for the ListDocumentMetadataHistory operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListDocumentMetadataHistory for more information on using the ListDocumentMetadataHistory +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListDocumentMetadataHistoryRequest method. +// req, resp := client.ListDocumentMetadataHistoryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/ListDocumentMetadataHistory +func (c *SSM) ListDocumentMetadataHistoryRequest(input *ListDocumentMetadataHistoryInput) (req *request.Request, output *ListDocumentMetadataHistoryOutput) { + op := &request.Operation{ + Name: opListDocumentMetadataHistory, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ListDocumentMetadataHistoryInput{} + } + + output = &ListDocumentMetadataHistoryOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListDocumentMetadataHistory API operation for Amazon Simple Systems Manager (SSM). +// +// Information about approval reviews for a version of an SSM document. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation ListDocumentMetadataHistory for usage and error information. +// +// Returned Error Types: +// * InternalServerError +// An error occurred on the server side. +// +// * InvalidDocument +// The specified document does not exist. +// +// * InvalidDocumentVersion +// The document version is not valid or does not exist. +// +// * InvalidNextToken +// The specified token is not valid. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/ListDocumentMetadataHistory +func (c *SSM) ListDocumentMetadataHistory(input *ListDocumentMetadataHistoryInput) (*ListDocumentMetadataHistoryOutput, error) { + req, out := c.ListDocumentMetadataHistoryRequest(input) + return out, req.Send() +} + +// ListDocumentMetadataHistoryWithContext is the same as ListDocumentMetadataHistory with the addition of +// the ability to pass a context and additional request options. +// +// See ListDocumentMetadataHistory for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) ListDocumentMetadataHistoryWithContext(ctx aws.Context, input *ListDocumentMetadataHistoryInput, opts ...request.Option) (*ListDocumentMetadataHistoryOutput, error) { + req, out := c.ListDocumentMetadataHistoryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListDocumentVersions = "ListDocumentVersions" // ListDocumentVersionsRequest generates a "aws/request.Request" representing the @@ -10858,6 +10963,156 @@ func (c *SSM) ListInventoryEntriesWithContext(ctx aws.Context, input *ListInvent return out, req.Send() } +const opListOpsItemEvents = "ListOpsItemEvents" + +// ListOpsItemEventsRequest generates a "aws/request.Request" representing the +// client's request for the ListOpsItemEvents operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListOpsItemEvents for more information on using the ListOpsItemEvents +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListOpsItemEventsRequest method. +// req, resp := client.ListOpsItemEventsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/ListOpsItemEvents +func (c *SSM) ListOpsItemEventsRequest(input *ListOpsItemEventsInput) (req *request.Request, output *ListOpsItemEventsOutput) { + op := &request.Operation{ + Name: opListOpsItemEvents, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListOpsItemEventsInput{} + } + + output = &ListOpsItemEventsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListOpsItemEvents API operation for Amazon Simple Systems Manager (SSM). +// +// Returns a list of all OpsItem events in the current AWS account and Region. +// You can limit the results to events associated with specific OpsItems by +// specifying a filter. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation ListOpsItemEvents for usage and error information. +// +// Returned Error Types: +// * InternalServerError +// An error occurred on the server side. +// +// * OpsItemNotFoundException +// The specified OpsItem ID doesn't exist. Verify the ID and try again. +// +// * OpsItemLimitExceededException +// The request caused OpsItems to exceed one or more quotas. For information +// about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// +// * OpsItemInvalidParameterException +// A specified parameter argument isn't valid. Verify the available arguments +// and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/ListOpsItemEvents +func (c *SSM) ListOpsItemEvents(input *ListOpsItemEventsInput) (*ListOpsItemEventsOutput, error) { + req, out := c.ListOpsItemEventsRequest(input) + return out, req.Send() +} + +// ListOpsItemEventsWithContext is the same as ListOpsItemEvents with the addition of +// the ability to pass a context and additional request options. +// +// See ListOpsItemEvents for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) ListOpsItemEventsWithContext(ctx aws.Context, input *ListOpsItemEventsInput, opts ...request.Option) (*ListOpsItemEventsOutput, error) { + req, out := c.ListOpsItemEventsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListOpsItemEventsPages iterates over the pages of a ListOpsItemEvents operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListOpsItemEvents method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListOpsItemEvents operation. +// pageNum := 0 +// err := client.ListOpsItemEventsPages(params, +// func(page *ssm.ListOpsItemEventsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *SSM) ListOpsItemEventsPages(input *ListOpsItemEventsInput, fn func(*ListOpsItemEventsOutput, bool) bool) error { + return c.ListOpsItemEventsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListOpsItemEventsPagesWithContext same as ListOpsItemEventsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) ListOpsItemEventsPagesWithContext(ctx aws.Context, input *ListOpsItemEventsInput, fn func(*ListOpsItemEventsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListOpsItemEventsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListOpsItemEventsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListOpsItemEventsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListOpsMetadata = "ListOpsMetadata" // ListOpsMetadataRequest generates a "aws/request.Request" representing the @@ -10889,6 +11144,12 @@ func (c *SSM) ListOpsMetadataRequest(input *ListOpsMetadataInput) (req *request. Name: opListOpsMetadata, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10902,8 +11163,8 @@ func (c *SSM) ListOpsMetadataRequest(input *ListOpsMetadataInput) (req *request. // ListOpsMetadata API operation for Amazon Simple Systems Manager (SSM). // -// Systems Manager calls this API action when displaying all AppManager OpsMetadata -// objects or blobs. +// Systems Manager calls this API action when displaying all Application Manager +// OpsMetadata objects or blobs. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10941,6 +11202,58 @@ func (c *SSM) ListOpsMetadataWithContext(ctx aws.Context, input *ListOpsMetadata return out, req.Send() } +// ListOpsMetadataPages iterates over the pages of a ListOpsMetadata operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListOpsMetadata method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListOpsMetadata operation. +// pageNum := 0 +// err := client.ListOpsMetadataPages(params, +// func(page *ssm.ListOpsMetadataOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *SSM) ListOpsMetadataPages(input *ListOpsMetadataInput, fn func(*ListOpsMetadataOutput, bool) bool) error { + return c.ListOpsMetadataPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListOpsMetadataPagesWithContext same as ListOpsMetadataPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) ListOpsMetadataPagesWithContext(ctx aws.Context, input *ListOpsMetadataInput, fn func(*ListOpsMetadataOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListOpsMetadataInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListOpsMetadataRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListOpsMetadataOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListResourceComplianceSummaries = "ListResourceComplianceSummaries" // ListResourceComplianceSummariesRequest generates a "aws/request.Request" representing the @@ -12934,6 +13247,110 @@ func (c *SSM) StartAutomationExecutionWithContext(ctx aws.Context, input *StartA return out, req.Send() } +const opStartChangeRequestExecution = "StartChangeRequestExecution" + +// StartChangeRequestExecutionRequest generates a "aws/request.Request" representing the +// client's request for the StartChangeRequestExecution operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartChangeRequestExecution for more information on using the StartChangeRequestExecution +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartChangeRequestExecutionRequest method. +// req, resp := client.StartChangeRequestExecutionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/StartChangeRequestExecution +func (c *SSM) StartChangeRequestExecutionRequest(input *StartChangeRequestExecutionInput) (req *request.Request, output *StartChangeRequestExecutionOutput) { + op := &request.Operation{ + Name: opStartChangeRequestExecution, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartChangeRequestExecutionInput{} + } + + output = &StartChangeRequestExecutionOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartChangeRequestExecution API operation for Amazon Simple Systems Manager (SSM). +// +// Creates a change request for Change Manager. The runbooks (Automation documents) +// specified in the change request run only after all required approvals for +// the change request have been received. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation StartChangeRequestExecution for usage and error information. +// +// Returned Error Types: +// * AutomationDefinitionNotFoundException +// An Automation document with the specified name could not be found. +// +// * InvalidAutomationExecutionParametersException +// The supplied parameters for invoking the specified Automation document are +// incorrect. For example, they may not match the set of parameters permitted +// for the specified Automation document. +// +// * AutomationExecutionLimitExceededException +// The number of simultaneously running Automation executions exceeded the allowable +// limit. +// +// * AutomationDefinitionVersionNotFoundException +// An Automation document with the specified name and version could not be found. +// +// * IdempotentParameterMismatch +// Error returned when an idempotent operation is retried and the parameters +// don't match the original call to the API with the same idempotency token. +// +// * InternalServerError +// An error occurred on the server side. +// +// * AutomationDefinitionNotApprovedException +// Indicates that the Change Manager change template used in the change request +// was rejected or is still in a pending state. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/StartChangeRequestExecution +func (c *SSM) StartChangeRequestExecution(input *StartChangeRequestExecutionInput) (*StartChangeRequestExecutionOutput, error) { + req, out := c.StartChangeRequestExecutionRequest(input) + return out, req.Send() +} + +// StartChangeRequestExecutionWithContext is the same as StartChangeRequestExecution with the addition of +// the ability to pass a context and additional request options. +// +// See StartChangeRequestExecution for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) StartChangeRequestExecutionWithContext(ctx aws.Context, input *StartChangeRequestExecutionInput, opts ...request.Option) (*StartChangeRequestExecutionOutput, error) { + req, out := c.StartChangeRequestExecutionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opStartSession = "StartSession" // StartSessionRequest generates a "aws/request.Request" representing the @@ -13643,6 +14060,97 @@ func (c *SSM) UpdateDocumentDefaultVersionWithContext(ctx aws.Context, input *Up return out, req.Send() } +const opUpdateDocumentMetadata = "UpdateDocumentMetadata" + +// UpdateDocumentMetadataRequest generates a "aws/request.Request" representing the +// client's request for the UpdateDocumentMetadata operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateDocumentMetadata for more information on using the UpdateDocumentMetadata +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateDocumentMetadataRequest method. +// req, resp := client.UpdateDocumentMetadataRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/UpdateDocumentMetadata +func (c *SSM) UpdateDocumentMetadataRequest(input *UpdateDocumentMetadataInput) (req *request.Request, output *UpdateDocumentMetadataOutput) { + op := &request.Operation{ + Name: opUpdateDocumentMetadata, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateDocumentMetadataInput{} + } + + output = &UpdateDocumentMetadataOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateDocumentMetadata API operation for Amazon Simple Systems Manager (SSM). +// +// Updates information related to approval reviews for a specific version of +// a document. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation UpdateDocumentMetadata for usage and error information. +// +// Returned Error Types: +// * InternalServerError +// An error occurred on the server side. +// +// * InvalidDocument +// The specified document does not exist. +// +// * InvalidDocumentOperation +// You attempted to delete a document while it is still shared. You must stop +// sharing the document before you can delete it. +// +// * InvalidDocumentVersion +// The document version is not valid or does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/UpdateDocumentMetadata +func (c *SSM) UpdateDocumentMetadata(input *UpdateDocumentMetadataInput) (*UpdateDocumentMetadataOutput, error) { + req, out := c.UpdateDocumentMetadataRequest(input) + return out, req.Send() +} + +// UpdateDocumentMetadataWithContext is the same as UpdateDocumentMetadata with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateDocumentMetadata for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) UpdateDocumentMetadataWithContext(ctx aws.Context, input *UpdateDocumentMetadataInput, opts ...request.Option) (*UpdateDocumentMetadataOutput, error) { + req, out := c.UpdateDocumentMetadataRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUpdateMaintenanceWindow = "UpdateMaintenanceWindow" // UpdateMaintenanceWindowRequest generates a "aws/request.Request" representing the @@ -13901,6 +14409,13 @@ func (c *SSM) UpdateMaintenanceWindowTaskRequest(input *UpdateMaintenanceWindowT // // * MaxErrors // +// One or more targets must be specified for maintenance window Run Command-type +// tasks. Depending on the task, targets are optional for other maintenance +// window task types (Automation, AWS Lambda, and AWS Step Functions). For more +// information about running tasks that do not specify targets, see Registering +// maintenance window tasks without targets (https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) +// in the AWS Systems Manager User Guide. +// // If the value for a parameter in UpdateMaintenanceWindowTask is null, then // the corresponding field is not modified. If you set Replace to true, then // all fields required by the RegisterTaskWithMaintenanceWindow action are required @@ -14197,7 +14712,8 @@ func (c *SSM) UpdateOpsMetadataRequest(input *UpdateOpsMetadataInput) (req *requ // UpdateOpsMetadata API operation for Amazon Simple Systems Manager (SSM). // -// Systems Manager calls this API action when you edit OpsMetadata in AppManager. +// Systems Manager calls this API action when you edit OpsMetadata in Application +// Manager. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -14215,7 +14731,7 @@ func (c *SSM) UpdateOpsMetadataRequest(input *UpdateOpsMetadataInput) (req *requ // // * OpsMetadataKeyLimitExceededException // The OpsMetadata object exceeds the maximum number of OpsMetadata keys that -// you can assign to an application in AppManager. +// you can assign to an application in Application Manager. // // * OpsMetadataTooManyUpdatesException // The system is processing too many concurrent updates. Wait a few moments @@ -15170,6 +15686,10 @@ type AssociationDescription struct { // By default, all associations use AUTO mode. SyncCompliance *string `type:"string" enum:"AssociationSyncCompliance"` + // The combination of AWS Regions and AWS accounts where you want to run the + // association. + TargetLocations []*TargetLocation `min:"1" type:"list"` + // The instances targeted by the request. Targets []*Target `type:"list"` } @@ -15310,6 +15830,12 @@ func (s *AssociationDescription) SetSyncCompliance(v string) *AssociationDescrip return s } +// SetTargetLocations sets the TargetLocations field's value. +func (s *AssociationDescription) SetTargetLocations(v []*TargetLocation) *AssociationDescription { + s.TargetLocations = v + return s +} + // SetTargets sets the Targets field's value. func (s *AssociationDescription) SetTargets(v []*Target) *AssociationDescription { s.Targets = v @@ -16059,6 +16585,10 @@ type AssociationVersionInfo struct { // By default, all associations use AUTO mode. SyncCompliance *string `type:"string" enum:"AssociationSyncCompliance"` + // The combination of AWS Regions and AWS accounts where you wanted to run the + // association when this association version was created. + TargetLocations []*TargetLocation `min:"1" type:"list"` + // The targets specified for the association when the association version was // created. Targets []*Target `type:"list"` @@ -16158,6 +16688,12 @@ func (s *AssociationVersionInfo) SetSyncCompliance(v string) *AssociationVersion return s } +// SetTargetLocations sets the TargetLocations field's value. +func (s *AssociationVersionInfo) SetTargetLocations(v []*TargetLocation) *AssociationVersionInfo { + s.TargetLocations = v + return s +} + // SetTargets sets the Targets field's value. func (s *AssociationVersionInfo) SetTargets(v []*Target) *AssociationVersionInfo { s.Targets = v @@ -16378,6 +16914,63 @@ func (s *AttachmentsSource) SetValues(v []*string) *AttachmentsSource { return s } +// Indicates that the Change Manager change template used in the change request +// was rejected or is still in a pending state. +type AutomationDefinitionNotApprovedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation +func (s AutomationDefinitionNotApprovedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AutomationDefinitionNotApprovedException) GoString() string { + return s.String() +} + +func newErrorAutomationDefinitionNotApprovedException(v protocol.ResponseMetadata) error { + return &AutomationDefinitionNotApprovedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AutomationDefinitionNotApprovedException) Code() string { + return "AutomationDefinitionNotApprovedException" +} + +// Message returns the exception's message. +func (s *AutomationDefinitionNotApprovedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AutomationDefinitionNotApprovedException) OrigErr() error { + return nil +} + +func (s *AutomationDefinitionNotApprovedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AutomationDefinitionNotApprovedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AutomationDefinitionNotApprovedException) RequestID() string { + return s.RespMetadata.RequestID +} + // An Automation document with the specified name could not be found. type AutomationDefinitionNotFoundException struct { _ struct{} `type:"structure"` @@ -16495,12 +17088,22 @@ func (s *AutomationDefinitionVersionNotFoundException) RequestID() string { type AutomationExecution struct { _ struct{} `type:"structure"` + // The ID of a State Manager association used in the Automation operation. + AssociationId *string `type:"string"` + // The execution ID. AutomationExecutionId *string `min:"36" type:"string"` // The execution status of the Automation. AutomationExecutionStatus *string `type:"string" enum:"AutomationExecutionStatus"` + // The subtype of the Automation operation. Currently, the only supported value + // is ChangeRequest. + AutomationSubtype *string `type:"string" enum:"AutomationSubtype"` + + // The name of the Change Manager change request. + ChangeRequestName *string `min:"1" type:"string"` + // The action of the step that is currently running. CurrentAction *string `type:"string"` @@ -16535,6 +17138,10 @@ type AutomationExecution struct { // The automation execution mode. Mode *string `type:"string" enum:"ExecutionMode"` + // The ID of an OpsItem that is created to represent a Change Manager change + // request. + OpsItemId *string `type:"string"` + // The list of execution outputs as defined in the automation document. Outputs map[string][]*string `min:"1" type:"map"` @@ -16552,6 +17159,16 @@ type AutomationExecution struct { // A list of resolved targets in the rate control execution. ResolvedTargets *ResolvedTargets `type:"structure"` + // Information about the Automation runbooks (Automation documents) that are + // run as part of a runbook workflow. + // + // The Automation runbooks specified for the runbook workflow can't run until + // all required approvals for the change request have been received. + Runbooks []*Runbook `min:"1" type:"list"` + + // The date and time the Automation operation is scheduled to start. + ScheduledTime *time.Time `type:"timestamp"` + // A list of details about the current state of all steps that comprise an execution. // An Automation document contains a list of steps that are run in order. StepExecutions []*StepExecution `type:"list"` @@ -16588,6 +17205,12 @@ func (s AutomationExecution) GoString() string { return s.String() } +// SetAssociationId sets the AssociationId field's value. +func (s *AutomationExecution) SetAssociationId(v string) *AutomationExecution { + s.AssociationId = &v + return s +} + // SetAutomationExecutionId sets the AutomationExecutionId field's value. func (s *AutomationExecution) SetAutomationExecutionId(v string) *AutomationExecution { s.AutomationExecutionId = &v @@ -16600,6 +17223,18 @@ func (s *AutomationExecution) SetAutomationExecutionStatus(v string) *Automation return s } +// SetAutomationSubtype sets the AutomationSubtype field's value. +func (s *AutomationExecution) SetAutomationSubtype(v string) *AutomationExecution { + s.AutomationSubtype = &v + return s +} + +// SetChangeRequestName sets the ChangeRequestName field's value. +func (s *AutomationExecution) SetChangeRequestName(v string) *AutomationExecution { + s.ChangeRequestName = &v + return s +} + // SetCurrentAction sets the CurrentAction field's value. func (s *AutomationExecution) SetCurrentAction(v string) *AutomationExecution { s.CurrentAction = &v @@ -16666,6 +17301,12 @@ func (s *AutomationExecution) SetMode(v string) *AutomationExecution { return s } +// SetOpsItemId sets the OpsItemId field's value. +func (s *AutomationExecution) SetOpsItemId(v string) *AutomationExecution { + s.OpsItemId = &v + return s +} + // SetOutputs sets the Outputs field's value. func (s *AutomationExecution) SetOutputs(v map[string][]*string) *AutomationExecution { s.Outputs = v @@ -16696,6 +17337,18 @@ func (s *AutomationExecution) SetResolvedTargets(v *ResolvedTargets) *Automation return s } +// SetRunbooks sets the Runbooks field's value. +func (s *AutomationExecution) SetRunbooks(v []*Runbook) *AutomationExecution { + s.Runbooks = v + return s +} + +// SetScheduledTime sets the ScheduledTime field's value. +func (s *AutomationExecution) SetScheduledTime(v time.Time) *AutomationExecution { + s.ScheduledTime = &v + return s +} + // SetStepExecutions sets the StepExecutions field's value. func (s *AutomationExecution) SetStepExecutions(v []*StepExecution) *AutomationExecution { s.StepExecutions = v @@ -16743,9 +17396,7 @@ func (s *AutomationExecution) SetTargets(v []*Target) *AutomationExecution { type AutomationExecutionFilter struct { _ struct{} `type:"structure"` - // One or more keys to limit the results. Valid filter keys include the following: - // DocumentNamePrefix, ExecutionStatus, ExecutionId, ParentExecutionId, CurrentAction, - // StartTimeBefore, StartTimeAfter, TargetResourceGroup. + // One or more keys to limit the results. // // Key is a required field Key *string `type:"string" required:"true" enum:"AutomationExecutionFilterKey"` @@ -16859,12 +17510,19 @@ func (s *AutomationExecutionLimitExceededException) RequestID() string { type AutomationExecutionMetadata struct { _ struct{} `type:"structure"` + // The ID of a State Manager association used in the Automation operation. + AssociationId *string `type:"string"` + // The execution ID. AutomationExecutionId *string `min:"36" type:"string"` // The status of the execution. AutomationExecutionStatus *string `type:"string" enum:"AutomationExecutionStatus"` + // The subtype of the Automation operation. Currently, the only supported value + // is ChangeRequest. + AutomationSubtype *string `type:"string" enum:"AutomationSubtype"` + // Use this filter with DescribeAutomationExecutions. Specify either Local or // CrossAccount. CrossAccount is an Automation that runs in multiple AWS Regions // and accounts. For more information, see Running Automation workflows in multiple @@ -16872,6 +17530,9 @@ type AutomationExecutionMetadata struct { // in the AWS Systems Manager User Guide. AutomationType *string `type:"string" enum:"AutomationType"` + // The name of the Change Manager change request. + ChangeRequestName *string `min:"1" type:"string"` + // The action of the step that is currently running. CurrentAction *string `type:"string"` @@ -16909,6 +17570,10 @@ type AutomationExecutionMetadata struct { // The Automation execution mode. Mode *string `type:"string" enum:"ExecutionMode"` + // The ID of an OpsItem that is created to represent a Change Manager change + // request. + OpsItemId *string `type:"string"` + // The list of execution outputs as defined in the Automation document. Outputs map[string][]*string `min:"1" type:"map"` @@ -16918,6 +17583,16 @@ type AutomationExecutionMetadata struct { // A list of targets that resolved during the execution. ResolvedTargets *ResolvedTargets `type:"structure"` + // Information about the Automation runbooks (Automation documents) that are + // run during a runbook workflow in Change Manager. + // + // The Automation runbooks specified for the runbook workflow can't run until + // all required approvals for the change request have been received. + Runbooks []*Runbook `min:"1" type:"list"` + + // The date and time the Automation operation is scheduled to start. + ScheduledTime *time.Time `type:"timestamp"` + // The list of execution outputs as defined in the Automation document. Target *string `type:"string"` @@ -16941,6 +17616,12 @@ func (s AutomationExecutionMetadata) GoString() string { return s.String() } +// SetAssociationId sets the AssociationId field's value. +func (s *AutomationExecutionMetadata) SetAssociationId(v string) *AutomationExecutionMetadata { + s.AssociationId = &v + return s +} + // SetAutomationExecutionId sets the AutomationExecutionId field's value. func (s *AutomationExecutionMetadata) SetAutomationExecutionId(v string) *AutomationExecutionMetadata { s.AutomationExecutionId = &v @@ -16953,12 +17634,24 @@ func (s *AutomationExecutionMetadata) SetAutomationExecutionStatus(v string) *Au return s } +// SetAutomationSubtype sets the AutomationSubtype field's value. +func (s *AutomationExecutionMetadata) SetAutomationSubtype(v string) *AutomationExecutionMetadata { + s.AutomationSubtype = &v + return s +} + // SetAutomationType sets the AutomationType field's value. func (s *AutomationExecutionMetadata) SetAutomationType(v string) *AutomationExecutionMetadata { s.AutomationType = &v return s } +// SetChangeRequestName sets the ChangeRequestName field's value. +func (s *AutomationExecutionMetadata) SetChangeRequestName(v string) *AutomationExecutionMetadata { + s.ChangeRequestName = &v + return s +} + // SetCurrentAction sets the CurrentAction field's value. func (s *AutomationExecutionMetadata) SetCurrentAction(v string) *AutomationExecutionMetadata { s.CurrentAction = &v @@ -17031,6 +17724,12 @@ func (s *AutomationExecutionMetadata) SetMode(v string) *AutomationExecutionMeta return s } +// SetOpsItemId sets the OpsItemId field's value. +func (s *AutomationExecutionMetadata) SetOpsItemId(v string) *AutomationExecutionMetadata { + s.OpsItemId = &v + return s +} + // SetOutputs sets the Outputs field's value. func (s *AutomationExecutionMetadata) SetOutputs(v map[string][]*string) *AutomationExecutionMetadata { s.Outputs = v @@ -17049,6 +17748,18 @@ func (s *AutomationExecutionMetadata) SetResolvedTargets(v *ResolvedTargets) *Au return s } +// SetRunbooks sets the Runbooks field's value. +func (s *AutomationExecutionMetadata) SetRunbooks(v []*Runbook) *AutomationExecutionMetadata { + s.Runbooks = v + return s +} + +// SetScheduledTime sets the ScheduledTime field's value. +func (s *AutomationExecutionMetadata) SetScheduledTime(v time.Time) *AutomationExecutionMetadata { + s.ScheduledTime = &v + return s +} + // SetTarget sets the Target field's value. func (s *AutomationExecutionMetadata) SetTarget(v string) *AutomationExecutionMetadata { s.Target = &v @@ -18933,6 +19644,10 @@ type CreateAssociationBatchRequestEntry struct { // By default, all associations use AUTO mode. SyncCompliance *string `type:"string" enum:"AssociationSyncCompliance"` + // Use this action to create an association in multiple Regions and multiple + // accounts. + TargetLocations []*TargetLocation `min:"1" type:"list"` + // The instances targeted by the request. Targets []*Target `type:"list"` } @@ -18965,11 +19680,24 @@ func (s *CreateAssociationBatchRequestEntry) Validate() error { if s.ScheduleExpression != nil && len(*s.ScheduleExpression) < 1 { invalidParams.Add(request.NewErrParamMinLen("ScheduleExpression", 1)) } + if s.TargetLocations != nil && len(s.TargetLocations) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TargetLocations", 1)) + } if s.OutputLocation != nil { if err := s.OutputLocation.Validate(); err != nil { invalidParams.AddNested("OutputLocation", err.(request.ErrInvalidParams)) } } + if s.TargetLocations != nil { + for i, v := range s.TargetLocations { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TargetLocations", i), err.(request.ErrInvalidParams)) + } + } + } if s.Targets != nil { for i, v := range s.Targets { if v == nil { @@ -19065,6 +19793,12 @@ func (s *CreateAssociationBatchRequestEntry) SetSyncCompliance(v string) *Create return s } +// SetTargetLocations sets the TargetLocations field's value. +func (s *CreateAssociationBatchRequestEntry) SetTargetLocations(v []*TargetLocation) *CreateAssociationBatchRequestEntry { + s.TargetLocations = v + return s +} + // SetTargets sets the Targets field's value. func (s *CreateAssociationBatchRequestEntry) SetTargets(v []*Target) *CreateAssociationBatchRequestEntry { s.Targets = v @@ -19175,6 +19909,11 @@ type CreateAssociationInput struct { // By default, all associations use AUTO mode. SyncCompliance *string `type:"string" enum:"AssociationSyncCompliance"` + // A location is a combination of AWS Regions and AWS accounts where you want + // to run the association. Use this action to create an association in multiple + // Regions and multiple accounts. + TargetLocations []*TargetLocation `min:"1" type:"list"` + // The targets for the association. You can target instances by using tags, // AWS Resource Groups, all instances in an AWS account, or individual instance // IDs. For more information about choosing targets for an association, see @@ -19211,11 +19950,24 @@ func (s *CreateAssociationInput) Validate() error { if s.ScheduleExpression != nil && len(*s.ScheduleExpression) < 1 { invalidParams.Add(request.NewErrParamMinLen("ScheduleExpression", 1)) } + if s.TargetLocations != nil && len(s.TargetLocations) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TargetLocations", 1)) + } if s.OutputLocation != nil { if err := s.OutputLocation.Validate(); err != nil { invalidParams.AddNested("OutputLocation", err.(request.ErrInvalidParams)) } } + if s.TargetLocations != nil { + for i, v := range s.TargetLocations { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TargetLocations", i), err.(request.ErrInvalidParams)) + } + } + } if s.Targets != nil { for i, v := range s.Targets { if v == nil { @@ -19311,6 +20063,12 @@ func (s *CreateAssociationInput) SetSyncCompliance(v string) *CreateAssociationI return s } +// SetTargetLocations sets the TargetLocations field's value. +func (s *CreateAssociationInput) SetTargetLocations(v []*TargetLocation) *CreateAssociationInput { + s.TargetLocations = v + return s +} + // SetTargets sets the Targets field's value. func (s *CreateAssociationInput) SetTargets(v []*Target) *CreateAssociationInput { s.Targets = v @@ -19612,7 +20370,7 @@ type CreateMaintenanceWindowInput struct { // For example, the following cron expression schedules a maintenance window // to run on the third Tuesday of every month at 11:30 PM. // - // cron(0 30 23 ? * TUE#3 *) + // cron(30 23 ? * TUE#3 *) // // If the schedule offset is 2, the maintenance window won't run until two days // later. @@ -19620,7 +20378,7 @@ type CreateMaintenanceWindowInput struct { // The time zone that the scheduled maintenance window executions are based // on, in Internet Assigned Numbers Authority (IANA) format. For example: "America/Los_Angeles", - // "etc/UTC", or "Asia/Seoul". For more information, see the Time Zone Database + // "UTC", or "Asia/Seoul". For more information, see the Time Zone Database // (https://www.iana.org/time-zones) on the IANA website. ScheduleTimezone *string `type:"string"` @@ -19807,6 +20565,14 @@ func (s *CreateMaintenanceWindowOutput) SetWindowId(v string) *CreateMaintenance type CreateOpsItemInput struct { _ struct{} `type:"structure"` + // The time a runbook workflow ended. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualEndTime *time.Time `type:"timestamp"` + + // The time a runbook workflow started. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualStartTime *time.Time `type:"timestamp"` + // Specify a category to assign to an OpsItem. Category *string `min:"1" type:"string"` @@ -19842,6 +20608,18 @@ type CreateOpsItemInput struct { // in the AWS Systems Manager User Guide. OperationalData map[string]*OpsItemDataValue `type:"map"` + // The type of OpsItem to create. Currently, the only valid values are /aws/changerequest + // and /aws/issue. + OpsItemType *string `type:"string"` + + // The time specified in a change request for a runbook workflow to end. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedEndTime *time.Time `type:"timestamp"` + + // The time specified in a change request for a runbook workflow to start. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedStartTime *time.Time `type:"timestamp"` + // The importance of this OpsItem in relation to other OpsItems in the system. Priority *int64 `min:"1" type:"integer"` @@ -19946,6 +20724,18 @@ func (s *CreateOpsItemInput) Validate() error { return nil } +// SetActualEndTime sets the ActualEndTime field's value. +func (s *CreateOpsItemInput) SetActualEndTime(v time.Time) *CreateOpsItemInput { + s.ActualEndTime = &v + return s +} + +// SetActualStartTime sets the ActualStartTime field's value. +func (s *CreateOpsItemInput) SetActualStartTime(v time.Time) *CreateOpsItemInput { + s.ActualStartTime = &v + return s +} + // SetCategory sets the Category field's value. func (s *CreateOpsItemInput) SetCategory(v string) *CreateOpsItemInput { s.Category = &v @@ -19970,6 +20760,24 @@ func (s *CreateOpsItemInput) SetOperationalData(v map[string]*OpsItemDataValue) return s } +// SetOpsItemType sets the OpsItemType field's value. +func (s *CreateOpsItemInput) SetOpsItemType(v string) *CreateOpsItemInput { + s.OpsItemType = &v + return s +} + +// SetPlannedEndTime sets the PlannedEndTime field's value. +func (s *CreateOpsItemInput) SetPlannedEndTime(v time.Time) *CreateOpsItemInput { + s.PlannedEndTime = &v + return s +} + +// SetPlannedStartTime sets the PlannedStartTime field's value. +func (s *CreateOpsItemInput) SetPlannedStartTime(v time.Time) *CreateOpsItemInput { + s.PlannedStartTime = &v + return s +} + // SetPriority sets the Priority field's value. func (s *CreateOpsItemInput) SetPriority(v int64) *CreateOpsItemInput { s.Priority = &v @@ -20032,10 +20840,10 @@ func (s *CreateOpsItemOutput) SetOpsItemId(v string) *CreateOpsItemOutput { type CreateOpsMetadataInput struct { _ struct{} `type:"structure"` - // Metadata for a new AppManager application. + // Metadata for a new Application Manager application. Metadata map[string]*MetadataValue `min:"1" type:"map"` - // A resource ID for a new AppManager application. + // A resource ID for a new Application Manager application. // // ResourceId is a required field ResourceId *string `min:"1" type:"string" required:"true"` @@ -22431,11 +23239,20 @@ func (s *DescribeDocumentOutput) SetDocument(v *DocumentDescription) *DescribeDo type DescribeDocumentPermissionInput struct { _ struct{} `type:"structure"` + // The maximum number of items to return for this call. The call also returns + // a token that you can specify in a subsequent call to get the next set of + // results. + MaxResults *int64 `min:"1" type:"integer"` + // The name of the document for which you are the owner. // // Name is a required field Name *string `type:"string" required:"true"` + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `type:"string"` + // The permission type for the document. The permission type can be Share. // // PermissionType is a required field @@ -22455,6 +23272,9 @@ func (s DescribeDocumentPermissionInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DescribeDocumentPermissionInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DescribeDocumentPermissionInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } if s.Name == nil { invalidParams.Add(request.NewErrParamRequired("Name")) } @@ -22468,12 +23288,24 @@ func (s *DescribeDocumentPermissionInput) Validate() error { return nil } +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeDocumentPermissionInput) SetMaxResults(v int64) *DescribeDocumentPermissionInput { + s.MaxResults = &v + return s +} + // SetName sets the Name field's value. func (s *DescribeDocumentPermissionInput) SetName(v string) *DescribeDocumentPermissionInput { s.Name = &v return s } +// SetNextToken sets the NextToken field's value. +func (s *DescribeDocumentPermissionInput) SetNextToken(v string) *DescribeDocumentPermissionInput { + s.NextToken = &v + return s +} + // SetPermissionType sets the PermissionType field's value. func (s *DescribeDocumentPermissionInput) SetPermissionType(v string) *DescribeDocumentPermissionInput { s.PermissionType = &v @@ -22490,6 +23322,10 @@ type DescribeDocumentPermissionOutput struct { // A list of AWS accounts where the current document is shared and the version // shared with each account. AccountSharingInfoList []*AccountSharingInfo `type:"list"` + + // The token for the next set of items to return. Use this token to get the + // next set of results. + NextToken *string `type:"string"` } // String returns the string representation @@ -22514,6 +23350,12 @@ func (s *DescribeDocumentPermissionOutput) SetAccountSharingInfoList(v []*Accoun return s } +// SetNextToken sets the NextToken field's value. +func (s *DescribeDocumentPermissionOutput) SetNextToken(v string) *DescribeDocumentPermissionOutput { + s.NextToken = &v + return s +} + type DescribeEffectiveInstanceAssociationsInput struct { _ struct{} `type:"structure"` @@ -25285,10 +26127,16 @@ func (s *DocumentDefaultVersionDescription) SetName(v string) *DocumentDefaultVe type DocumentDescription struct { _ struct{} `type:"structure"` + // The version of the document currently approved for use in the organization. + ApprovedVersion *string `type:"string"` + // Details about the document attachments, including names, locations, sizes, // and so on. AttachmentsInformation []*AttachmentInformation `type:"list"` + // The user in your organization who created the document. + Author *string `type:"string"` + // The date when the document was created. CreatedDate *time.Time `type:"timestamp"` @@ -25329,6 +26177,9 @@ type DocumentDescription struct { // A description of the parameters for a document. Parameters []*DocumentParameter `type:"list"` + // The version of the document that is currently under review. + PendingReviewVersion *string `type:"string"` + // The list of OS platforms compatible with this Systems Manager document. PlatformTypes []*string `type:"list"` @@ -25336,6 +26187,12 @@ type DocumentDescription struct { // document requires an ApplicationConfigurationSchema document. Requires []*DocumentRequires `min:"1" type:"list"` + // Details about the review of a document. + ReviewInformation []*ReviewInformation `min:"1" type:"list"` + + // The current status of the review. + ReviewStatus *string `type:"string" enum:"ReviewStatus"` + // The schema version. SchemaVersion *string `type:"string"` @@ -25374,12 +26231,24 @@ func (s DocumentDescription) GoString() string { return s.String() } +// SetApprovedVersion sets the ApprovedVersion field's value. +func (s *DocumentDescription) SetApprovedVersion(v string) *DocumentDescription { + s.ApprovedVersion = &v + return s +} + // SetAttachmentsInformation sets the AttachmentsInformation field's value. func (s *DocumentDescription) SetAttachmentsInformation(v []*AttachmentInformation) *DocumentDescription { s.AttachmentsInformation = v return s } +// SetAuthor sets the Author field's value. +func (s *DocumentDescription) SetAuthor(v string) *DocumentDescription { + s.Author = &v + return s +} + // SetCreatedDate sets the CreatedDate field's value. func (s *DocumentDescription) SetCreatedDate(v time.Time) *DocumentDescription { s.CreatedDate = &v @@ -25452,6 +26321,12 @@ func (s *DocumentDescription) SetParameters(v []*DocumentParameter) *DocumentDes return s } +// SetPendingReviewVersion sets the PendingReviewVersion field's value. +func (s *DocumentDescription) SetPendingReviewVersion(v string) *DocumentDescription { + s.PendingReviewVersion = &v + return s +} + // SetPlatformTypes sets the PlatformTypes field's value. func (s *DocumentDescription) SetPlatformTypes(v []*string) *DocumentDescription { s.PlatformTypes = v @@ -25464,6 +26339,18 @@ func (s *DocumentDescription) SetRequires(v []*DocumentRequires) *DocumentDescri return s } +// SetReviewInformation sets the ReviewInformation field's value. +func (s *DocumentDescription) SetReviewInformation(v []*ReviewInformation) *DocumentDescription { + s.ReviewInformation = v + return s +} + +// SetReviewStatus sets the ReviewStatus field's value. +func (s *DocumentDescription) SetReviewStatus(v string) *DocumentDescription { + s.ReviewStatus = &v + return s +} + // SetSchemaVersion sets the SchemaVersion field's value. func (s *DocumentDescription) SetSchemaVersion(v string) *DocumentDescription { s.SchemaVersion = &v @@ -25566,6 +26453,9 @@ func (s *DocumentFilter) SetValue(v string) *DocumentFilter { type DocumentIdentifier struct { _ struct{} `type:"structure"` + // The user in your organization who created the document. + Author *string `type:"string"` + // The document format, either JSON or YAML. DocumentFormat *string `type:"string" enum:"DocumentFormat"` @@ -25588,6 +26478,9 @@ type DocumentIdentifier struct { // document requires an ApplicationConfigurationSchema document. Requires []*DocumentRequires `min:"1" type:"list"` + // The current status of a document review. + ReviewStatus *string `type:"string" enum:"ReviewStatus"` + // The schema version. SchemaVersion *string `type:"string"` @@ -25616,6 +26509,12 @@ func (s DocumentIdentifier) GoString() string { return s.String() } +// SetAuthor sets the Author field's value. +func (s *DocumentIdentifier) SetAuthor(v string) *DocumentIdentifier { + s.Author = &v + return s +} + // SetDocumentFormat sets the DocumentFormat field's value. func (s *DocumentIdentifier) SetDocumentFormat(v string) *DocumentIdentifier { s.DocumentFormat = &v @@ -25658,6 +26557,12 @@ func (s *DocumentIdentifier) SetRequires(v []*DocumentRequires) *DocumentIdentif return s } +// SetReviewStatus sets the ReviewStatus field's value. +func (s *DocumentIdentifier) SetReviewStatus(v string) *DocumentIdentifier { + s.ReviewStatus = &v + return s +} + // SetSchemaVersion sets the SchemaVersion field's value. func (s *DocumentIdentifier) SetSchemaVersion(v string) *DocumentIdentifier { s.SchemaVersion = &v @@ -25852,6 +26757,30 @@ func (s *DocumentLimitExceeded) RequestID() string { return s.RespMetadata.RequestID } +// Details about the response to a document review request. +type DocumentMetadataResponseInfo struct { + _ struct{} `type:"structure"` + + // Details about a reviewer's response to a document review request. + ReviewerResponse []*DocumentReviewerResponseSource `type:"list"` +} + +// String returns the string representation +func (s DocumentMetadataResponseInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DocumentMetadataResponseInfo) GoString() string { + return s.String() +} + +// SetReviewerResponse sets the ReviewerResponse field's value. +func (s *DocumentMetadataResponseInfo) SetReviewerResponse(v []*DocumentReviewerResponseSource) *DocumentMetadataResponseInfo { + s.ReviewerResponse = v + return s +} + // Parameters specified in a System Manager document that run on the server // when the command is run. type DocumentParameter struct { @@ -26013,6 +26942,182 @@ func (s *DocumentRequires) SetVersion(v string) *DocumentRequires { return s } +// Information about comments added to a document review request. +type DocumentReviewCommentSource struct { + _ struct{} `type:"structure"` + + // The content of a comment entered by a user who requests a review of a new + // document version, or who reviews the new version. + Content *string `min:"1" type:"string"` + + // The type of information added to a review request. Currently, only the value + // Comment is supported. + Type *string `type:"string" enum:"DocumentReviewCommentType"` +} + +// String returns the string representation +func (s DocumentReviewCommentSource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DocumentReviewCommentSource) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DocumentReviewCommentSource) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DocumentReviewCommentSource"} + if s.Content != nil && len(*s.Content) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Content", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetContent sets the Content field's value. +func (s *DocumentReviewCommentSource) SetContent(v string) *DocumentReviewCommentSource { + s.Content = &v + return s +} + +// SetType sets the Type field's value. +func (s *DocumentReviewCommentSource) SetType(v string) *DocumentReviewCommentSource { + s.Type = &v + return s +} + +// Information about a reviewer's response to a document review request. +type DocumentReviewerResponseSource struct { + _ struct{} `type:"structure"` + + // The comment entered by a reviewer as part of their document review response. + Comment []*DocumentReviewCommentSource `type:"list"` + + // The date and time that a reviewer entered a response to a document review + // request. + CreateTime *time.Time `type:"timestamp"` + + // The current review status of a new custom SSM document created by a member + // of your organization, or of the latest version of an existing SSM document. + // + // Only one version of a document can be in the APPROVED state at a time. When + // a new version is approved, the status of the previous version changes to + // REJECTED. + // + // Only one version of a document can be in review, or PENDING, at a time. + ReviewStatus *string `type:"string" enum:"ReviewStatus"` + + // The user in your organization assigned to review a document request. + Reviewer *string `type:"string"` + + // The date and time that a reviewer last updated a response to a document review + // request. + UpdatedTime *time.Time `type:"timestamp"` +} + +// String returns the string representation +func (s DocumentReviewerResponseSource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DocumentReviewerResponseSource) GoString() string { + return s.String() +} + +// SetComment sets the Comment field's value. +func (s *DocumentReviewerResponseSource) SetComment(v []*DocumentReviewCommentSource) *DocumentReviewerResponseSource { + s.Comment = v + return s +} + +// SetCreateTime sets the CreateTime field's value. +func (s *DocumentReviewerResponseSource) SetCreateTime(v time.Time) *DocumentReviewerResponseSource { + s.CreateTime = &v + return s +} + +// SetReviewStatus sets the ReviewStatus field's value. +func (s *DocumentReviewerResponseSource) SetReviewStatus(v string) *DocumentReviewerResponseSource { + s.ReviewStatus = &v + return s +} + +// SetReviewer sets the Reviewer field's value. +func (s *DocumentReviewerResponseSource) SetReviewer(v string) *DocumentReviewerResponseSource { + s.Reviewer = &v + return s +} + +// SetUpdatedTime sets the UpdatedTime field's value. +func (s *DocumentReviewerResponseSource) SetUpdatedTime(v time.Time) *DocumentReviewerResponseSource { + s.UpdatedTime = &v + return s +} + +// Information about a document approval review. +type DocumentReviews struct { + _ struct{} `type:"structure"` + + // The action to take on a document approval review request. + // + // Action is a required field + Action *string `type:"string" required:"true" enum:"DocumentReviewAction"` + + // A comment entered by a user in your organization about the document review + // request. + Comment []*DocumentReviewCommentSource `type:"list"` +} + +// String returns the string representation +func (s DocumentReviews) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DocumentReviews) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DocumentReviews) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DocumentReviews"} + if s.Action == nil { + invalidParams.Add(request.NewErrParamRequired("Action")) + } + if s.Comment != nil { + for i, v := range s.Comment { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Comment", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAction sets the Action field's value. +func (s *DocumentReviews) SetAction(v string) *DocumentReviews { + s.Action = &v + return s +} + +// SetComment sets the Comment field's value. +func (s *DocumentReviews) SetComment(v []*DocumentReviewCommentSource) *DocumentReviews { + s.Comment = v + return s +} + // Version information about the document. type DocumentVersionInfo struct { _ struct{} `type:"structure"` @@ -26032,6 +27137,9 @@ type DocumentVersionInfo struct { // The document name. Name *string `type:"string"` + // The current status of the approval review for the latest version of the document. + ReviewStatus *string `type:"string" enum:"ReviewStatus"` + // The status of the Systems Manager document, such as Creating, Active, Failed, // and Deleting. Status *string `type:"string" enum:"DocumentStatus"` @@ -26088,6 +27196,12 @@ func (s *DocumentVersionInfo) SetName(v string) *DocumentVersionInfo { return s } +// SetReviewStatus sets the ReviewStatus field's value. +func (s *DocumentVersionInfo) SetReviewStatus(v string) *DocumentVersionInfo { + s.ReviewStatus = &v + return s +} + // SetStatus sets the Status field's value. func (s *DocumentVersionInfo) SetStatus(v string) *DocumentVersionInfo { s.Status = &v @@ -27381,6 +28495,17 @@ type GetDocumentOutput struct { // document requires an ApplicationConfigurationSchema document. Requires []*DocumentRequires `min:"1" type:"list"` + // The current review status of a new custom Systems Manager document (SSM document) + // created by a member of your organization, or of the latest version of an + // existing SSM document. + // + // Only one version of an SSM document can be in the APPROVED state at a time. + // When a new version is approved, the status of the previous version changes + // to REJECTED. + // + // Only one version of an SSM document can be in review, or PENDING, at a time. + ReviewStatus *string `type:"string" enum:"ReviewStatus"` + // The status of the Systems Manager document, such as Creating, Active, Updating, // Failed, and Deleting. Status *string `type:"string" enum:"DocumentStatus"` @@ -27449,6 +28574,12 @@ func (s *GetDocumentOutput) SetRequires(v []*DocumentRequires) *GetDocumentOutpu return s } +// SetReviewStatus sets the ReviewStatus field's value. +func (s *GetDocumentOutput) SetReviewStatus(v string) *GetDocumentOutput { + s.ReviewStatus = &v + return s +} + // SetStatus sets the Status field's value. func (s *GetDocumentOutput) SetStatus(v string) *GetDocumentOutput { s.Status = &v @@ -28328,7 +29459,7 @@ type GetMaintenanceWindowOutput struct { // The time zone that the scheduled maintenance window executions are based // on, in Internet Assigned Numbers Authority (IANA) format. For example: "America/Los_Angeles", - // "etc/UTC", or "Asia/Seoul". For more information, see the Time Zone Database + // "UTC", or "Asia/Seoul". For more information, see the Time Zone Database // (https://www.iana.org/time-zones) on the IANA website. ScheduleTimezone *string `type:"string"` @@ -28514,9 +29645,19 @@ type GetMaintenanceWindowTaskOutput struct { LoggingInfo *LoggingInfo `type:"structure"` // The maximum number of targets allowed to run this task in parallel. + // + // For maintenance window tasks without a target specified, you cannot supply + // a value for this option. Instead, the system inserts a placeholder value + // of 1, which may be reported in the response to this command. This value does + // not affect the running of your task and can be ignored. MaxConcurrency *string `min:"1" type:"string"` // The maximum number of errors allowed before the task stops being scheduled. + // + // For maintenance window tasks without a target specified, you cannot supply + // a value for this option. Instead, the system inserts a placeholder value + // of 1, which may be reported in the response to this command. This value does + // not affect the running of your task and can be ignored. MaxErrors *string `min:"1" type:"string"` // The retrieved task name. @@ -28782,14 +29923,14 @@ func (s *GetOpsMetadataInput) SetOpsMetadataArn(v string) *GetOpsMetadataInput { type GetOpsMetadataOutput struct { _ struct{} `type:"structure"` - // OpsMetadata for an AppManager application. + // OpsMetadata for an Application Manager application. Metadata map[string]*MetadataValue `min:"1" type:"map"` // The token for the next set of items to return. Use this token to get the // next set of results. NextToken *string `type:"string"` - // The resource ID of the AppManager application. + // The resource ID of the Application Manager application. ResourceId *string `min:"1" type:"string"` } @@ -29182,9 +30323,11 @@ type GetParametersByPathInput struct { // Name, Path, and Tier. ParameterFilters []*ParameterStringFilter `type:"list"` - // The hierarchy for the parameter. Hierarchies start with a forward slash (/) - // and end with the parameter name. A parameter name hierarchy can have a maximum - // of 15 levels. Here is an example of a hierarchy: /Finance/Prod/IAD/WinServ2016/license33 + // The hierarchy for the parameter. Hierarchies start with a forward slash (/). + // The hierachy is the parameter name except the last part of the parameter. + // For the API call to succeeed, the last part of the parameter name cannot + // be in the path. A parameter name hierarchy can have a maximum of 15 levels. + // Here is an example of a hierarchy: /Finance/Prod/IAD/WinServ2016/license33 // // Path is a required field Path *string `min:"1" type:"string" required:"true"` @@ -30300,7 +31443,7 @@ type InstanceInformation struct { // The date the association was last run. LastAssociationExecutionDate *time.Time `type:"timestamp"` - // The date and time when agent last pinged Systems Manager service. + // The date and time when the agent last pinged the Systems Manager service. LastPingDateTime *time.Time `type:"timestamp"` // The last date the association was successfully run. @@ -35309,6 +36452,154 @@ func (s *ListComplianceSummariesOutput) SetNextToken(v string) *ListComplianceSu return s } +type ListDocumentMetadataHistoryInput struct { + _ struct{} `type:"structure"` + + // The version of the document. + DocumentVersion *string `type:"string"` + + // The maximum number of items to return for this call. The call also returns + // a token that you can specify in a subsequent call to get the next set of + // results. + MaxResults *int64 `min:"1" type:"integer"` + + // The type of data for which details are being requested. Currently, the only + // supported value is DocumentReviews. + // + // Metadata is a required field + Metadata *string `type:"string" required:"true" enum:"DocumentMetadataEnum"` + + // The name of the document. + // + // Name is a required field + Name *string `type:"string" required:"true"` + + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s ListDocumentMetadataHistoryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListDocumentMetadataHistoryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListDocumentMetadataHistoryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListDocumentMetadataHistoryInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.Metadata == nil { + invalidParams.Add(request.NewErrParamRequired("Metadata")) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDocumentVersion sets the DocumentVersion field's value. +func (s *ListDocumentMetadataHistoryInput) SetDocumentVersion(v string) *ListDocumentMetadataHistoryInput { + s.DocumentVersion = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListDocumentMetadataHistoryInput) SetMaxResults(v int64) *ListDocumentMetadataHistoryInput { + s.MaxResults = &v + return s +} + +// SetMetadata sets the Metadata field's value. +func (s *ListDocumentMetadataHistoryInput) SetMetadata(v string) *ListDocumentMetadataHistoryInput { + s.Metadata = &v + return s +} + +// SetName sets the Name field's value. +func (s *ListDocumentMetadataHistoryInput) SetName(v string) *ListDocumentMetadataHistoryInput { + s.Name = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListDocumentMetadataHistoryInput) SetNextToken(v string) *ListDocumentMetadataHistoryInput { + s.NextToken = &v + return s +} + +type ListDocumentMetadataHistoryOutput struct { + _ struct{} `type:"structure"` + + // The user ID of the person in the organization who requested the document + // review. + Author *string `type:"string"` + + // The version of the document. + DocumentVersion *string `type:"string"` + + // Information about the response to the document approval request. + Metadata *DocumentMetadataResponseInfo `type:"structure"` + + // The name of the document. + Name *string `type:"string"` + + // The maximum number of items to return for this call. The call also returns + // a token that you can specify in a subsequent call to get the next set of + // results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s ListDocumentMetadataHistoryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListDocumentMetadataHistoryOutput) GoString() string { + return s.String() +} + +// SetAuthor sets the Author field's value. +func (s *ListDocumentMetadataHistoryOutput) SetAuthor(v string) *ListDocumentMetadataHistoryOutput { + s.Author = &v + return s +} + +// SetDocumentVersion sets the DocumentVersion field's value. +func (s *ListDocumentMetadataHistoryOutput) SetDocumentVersion(v string) *ListDocumentMetadataHistoryOutput { + s.DocumentVersion = &v + return s +} + +// SetMetadata sets the Metadata field's value. +func (s *ListDocumentMetadataHistoryOutput) SetMetadata(v *DocumentMetadataResponseInfo) *ListDocumentMetadataHistoryOutput { + s.Metadata = v + return s +} + +// SetName sets the Name field's value. +func (s *ListDocumentMetadataHistoryOutput) SetName(v string) *ListDocumentMetadataHistoryOutput { + s.Name = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListDocumentMetadataHistoryOutput) SetNextToken(v string) *ListDocumentMetadataHistoryOutput { + s.NextToken = &v + return s +} + type ListDocumentVersionsInput struct { _ struct{} `type:"structure"` @@ -35416,6 +36707,9 @@ type ListDocumentsInput struct { // Owner, Name, PlatformTypes, DocumentType, and TargetType. For example, to // return documents you own use Key=Owner,Values=Self. To specify a custom key-value // pair, use the format Key=tag:tagName,Values=valueName. + // + // This API action only supports filtering documents by using a single tag key + // and one or more tag values. For example: Key=tag:tagName,Values=valueName1,valueName2 Filters []*DocumentKeyValuesFilter `type:"list"` // The maximum number of items to return for this call. The call also returns @@ -35701,6 +36995,106 @@ func (s *ListInventoryEntriesOutput) SetTypeName(v string) *ListInventoryEntries return s } +type ListOpsItemEventsInput struct { + _ struct{} `type:"structure"` + + // One or more OpsItem filters. Use a filter to return a more specific list + // of results. + Filters []*OpsItemEventFilter `type:"list"` + + // The maximum number of items to return for this call. The call also returns + // a token that you can specify in a subsequent call to get the next set of + // results. + MaxResults *int64 `min:"1" type:"integer"` + + // A token to start the list. Use this token to get the next set of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s ListOpsItemEventsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListOpsItemEventsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListOpsItemEventsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListOpsItemEventsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *ListOpsItemEventsInput) SetFilters(v []*OpsItemEventFilter) *ListOpsItemEventsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListOpsItemEventsInput) SetMaxResults(v int64) *ListOpsItemEventsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListOpsItemEventsInput) SetNextToken(v string) *ListOpsItemEventsInput { + s.NextToken = &v + return s +} + +type ListOpsItemEventsOutput struct { + _ struct{} `type:"structure"` + + // The token for the next set of items to return. Use this token to get the + // next set of results. + NextToken *string `type:"string"` + + // A list of event information for the specified OpsItems. + Summaries []*OpsItemEventSummary `type:"list"` +} + +// String returns the string representation +func (s ListOpsItemEventsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListOpsItemEventsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListOpsItemEventsOutput) SetNextToken(v string) *ListOpsItemEventsOutput { + s.NextToken = &v + return s +} + +// SetSummaries sets the Summaries field's value. +func (s *ListOpsItemEventsOutput) SetSummaries(v []*OpsItemEventSummary) *ListOpsItemEventsOutput { + s.Summaries = v + return s +} + type ListOpsMetadataInput struct { _ struct{} `type:"structure"` @@ -37409,11 +38803,11 @@ func (s *MaxDocumentSizeExceeded) RequestID() string { return s.RespMetadata.RequestID } -// Metadata to assign to an AppManager application. +// Metadata to assign to an Application Manager application. type MetadataValue struct { _ struct{} `type:"structure"` - // Metadata value to assign to an AppManager application. + // Metadata value to assign to an Application Manager application. Value *string `min:"1" type:"string"` } @@ -37885,6 +39279,14 @@ func (s *OpsFilter) SetValues(v []*string) *OpsFilter { type OpsItem struct { _ struct{} `type:"structure"` + // The time a runbook workflow ended. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualEndTime *time.Time `type:"timestamp"` + + // The time a runbook workflow started. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualStartTime *time.Time `type:"timestamp"` + // An OpsItem category. Category options include: Availability, Cost, Performance, // Recovery, Security. Category *string `min:"1" type:"string"` @@ -37934,6 +39336,18 @@ type OpsItem struct { // The ID of the OpsItem. OpsItemId *string `type:"string"` + // The type of OpsItem. Currently, the only valid values are /aws/changerequest + // and /aws/issue. + OpsItemType *string `type:"string"` + + // The time specified in a change request for a runbook workflow to end. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedEndTime *time.Time `type:"timestamp"` + + // The time specified in a change request for a runbook workflow to start. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedStartTime *time.Time `type:"timestamp"` + // The importance of this OpsItem in relation to other OpsItems in the system. Priority *int64 `min:"1" type:"integer"` @@ -37973,6 +39387,18 @@ func (s OpsItem) GoString() string { return s.String() } +// SetActualEndTime sets the ActualEndTime field's value. +func (s *OpsItem) SetActualEndTime(v time.Time) *OpsItem { + s.ActualEndTime = &v + return s +} + +// SetActualStartTime sets the ActualStartTime field's value. +func (s *OpsItem) SetActualStartTime(v time.Time) *OpsItem { + s.ActualStartTime = &v + return s +} + // SetCategory sets the Category field's value. func (s *OpsItem) SetCategory(v string) *OpsItem { s.Category = &v @@ -38027,6 +39453,24 @@ func (s *OpsItem) SetOpsItemId(v string) *OpsItem { return s } +// SetOpsItemType sets the OpsItemType field's value. +func (s *OpsItem) SetOpsItemType(v string) *OpsItem { + s.OpsItemType = &v + return s +} + +// SetPlannedEndTime sets the PlannedEndTime field's value. +func (s *OpsItem) SetPlannedEndTime(v time.Time) *OpsItem { + s.PlannedEndTime = &v + return s +} + +// SetPlannedStartTime sets the PlannedStartTime field's value. +func (s *OpsItem) SetPlannedStartTime(v time.Time) *OpsItem { + s.PlannedStartTime = &v + return s +} + // SetPriority sets the Priority field's value. func (s *OpsItem) SetPriority(v int64) *OpsItem { s.Priority = &v @@ -38161,6 +39605,154 @@ func (s *OpsItemDataValue) SetValue(v string) *OpsItemDataValue { return s } +// Describes a filter for a specific list of OpsItem events. You can filter +// event information by using tags. You specify tags by using a key-value pair +// mapping. +type OpsItemEventFilter struct { + _ struct{} `type:"structure"` + + // The name of the filter key. Currently, the only supported value is OpsItemId. + // + // Key is a required field + Key *string `type:"string" required:"true" enum:"OpsItemEventFilterKey"` + + // The operator used by the filter call. Currently, the only supported value + // is Equal. + // + // Operator is a required field + Operator *string `type:"string" required:"true" enum:"OpsItemEventFilterOperator"` + + // The values for the filter, consisting of one or more OpsItem IDs. + // + // Values is a required field + Values []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s OpsItemEventFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItemEventFilter) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *OpsItemEventFilter) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "OpsItemEventFilter"} + if s.Key == nil { + invalidParams.Add(request.NewErrParamRequired("Key")) + } + if s.Operator == nil { + invalidParams.Add(request.NewErrParamRequired("Operator")) + } + if s.Values == nil { + invalidParams.Add(request.NewErrParamRequired("Values")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKey sets the Key field's value. +func (s *OpsItemEventFilter) SetKey(v string) *OpsItemEventFilter { + s.Key = &v + return s +} + +// SetOperator sets the Operator field's value. +func (s *OpsItemEventFilter) SetOperator(v string) *OpsItemEventFilter { + s.Operator = &v + return s +} + +// SetValues sets the Values field's value. +func (s *OpsItemEventFilter) SetValues(v []*string) *OpsItemEventFilter { + s.Values = v + return s +} + +// Summary information about an OpsItem event. +type OpsItemEventSummary struct { + _ struct{} `type:"structure"` + + // Information about the user or resource that created the OpsItem event. + CreatedBy *OpsItemIdentity `type:"structure"` + + // The date and time the OpsItem event was created. + CreatedTime *time.Time `type:"timestamp"` + + // Specific information about the OpsItem event. + Detail *string `type:"string"` + + // The type of information provided as a detail. + DetailType *string `type:"string"` + + // The ID of the OpsItem event. + EventId *string `type:"string"` + + // The ID of the OpsItem. + OpsItemId *string `type:"string"` + + // The source of the OpsItem event. + Source *string `type:"string"` +} + +// String returns the string representation +func (s OpsItemEventSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItemEventSummary) GoString() string { + return s.String() +} + +// SetCreatedBy sets the CreatedBy field's value. +func (s *OpsItemEventSummary) SetCreatedBy(v *OpsItemIdentity) *OpsItemEventSummary { + s.CreatedBy = v + return s +} + +// SetCreatedTime sets the CreatedTime field's value. +func (s *OpsItemEventSummary) SetCreatedTime(v time.Time) *OpsItemEventSummary { + s.CreatedTime = &v + return s +} + +// SetDetail sets the Detail field's value. +func (s *OpsItemEventSummary) SetDetail(v string) *OpsItemEventSummary { + s.Detail = &v + return s +} + +// SetDetailType sets the DetailType field's value. +func (s *OpsItemEventSummary) SetDetailType(v string) *OpsItemEventSummary { + s.DetailType = &v + return s +} + +// SetEventId sets the EventId field's value. +func (s *OpsItemEventSummary) SetEventId(v string) *OpsItemEventSummary { + s.EventId = &v + return s +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *OpsItemEventSummary) SetOpsItemId(v string) *OpsItemEventSummary { + s.OpsItemId = &v + return s +} + +// SetSource sets the Source field's value. +func (s *OpsItemEventSummary) SetSource(v string) *OpsItemEventSummary { + s.Source = &v + return s +} + // Describes an OpsItem filter. type OpsItemFilter struct { _ struct{} `type:"structure"` @@ -38228,6 +39820,31 @@ func (s *OpsItemFilter) SetValues(v []*string) *OpsItemFilter { return s } +// Information about the user or resource that created an OpsItem event. +type OpsItemIdentity struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the IAM entity that created the OpsItem + // event. + Arn *string `type:"string"` +} + +// String returns the string representation +func (s OpsItemIdentity) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItemIdentity) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *OpsItemIdentity) SetArn(v string) *OpsItemIdentity { + s.Arn = &v + return s +} + // A specified parameter argument isn't valid. Verify the available arguments // and try again. type OpsItemInvalidParameterException struct { @@ -38435,6 +40052,14 @@ func (s *OpsItemNotification) SetArn(v string) *OpsItemNotification { type OpsItemSummary struct { _ struct{} `type:"structure"` + // The time a runbook workflow ended. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualEndTime *time.Time `type:"timestamp"` + + // The time a runbook workflow started. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualStartTime *time.Time `type:"timestamp"` + // A list of OpsItems by category. Category *string `min:"1" type:"string"` @@ -38457,6 +40082,18 @@ type OpsItemSummary struct { // The ID of the OpsItem. OpsItemId *string `type:"string"` + // The type of OpsItem. Currently, the only valid values are /aws/changerequest + // and /aws/issue. + OpsItemType *string `type:"string"` + + // The time specified in a change request for a runbook workflow to end. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedEndTime *time.Time `type:"timestamp"` + + // The time specified in a change request for a runbook workflow to start. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedStartTime *time.Time `type:"timestamp"` + // The importance of this OpsItem in relation to other OpsItems in the system. Priority *int64 `min:"1" type:"integer"` @@ -38484,6 +40121,18 @@ func (s OpsItemSummary) GoString() string { return s.String() } +// SetActualEndTime sets the ActualEndTime field's value. +func (s *OpsItemSummary) SetActualEndTime(v time.Time) *OpsItemSummary { + s.ActualEndTime = &v + return s +} + +// SetActualStartTime sets the ActualStartTime field's value. +func (s *OpsItemSummary) SetActualStartTime(v time.Time) *OpsItemSummary { + s.ActualStartTime = &v + return s +} + // SetCategory sets the Category field's value. func (s *OpsItemSummary) SetCategory(v string) *OpsItemSummary { s.Category = &v @@ -38526,6 +40175,24 @@ func (s *OpsItemSummary) SetOpsItemId(v string) *OpsItemSummary { return s } +// SetOpsItemType sets the OpsItemType field's value. +func (s *OpsItemSummary) SetOpsItemType(v string) *OpsItemSummary { + s.OpsItemType = &v + return s +} + +// SetPlannedEndTime sets the PlannedEndTime field's value. +func (s *OpsItemSummary) SetPlannedEndTime(v time.Time) *OpsItemSummary { + s.PlannedEndTime = &v + return s +} + +// SetPlannedStartTime sets the PlannedStartTime field's value. +func (s *OpsItemSummary) SetPlannedStartTime(v time.Time) *OpsItemSummary { + s.PlannedStartTime = &v + return s +} + // SetPriority sets the Priority field's value. func (s *OpsItemSummary) SetPriority(v int64) *OpsItemSummary { s.Priority = &v @@ -38556,7 +40223,7 @@ func (s *OpsItemSummary) SetTitle(v string) *OpsItemSummary { return s } -// Operational metadata for an application in AppManager. +// Operational metadata for an application in Application Manager. type OpsMetadata struct { _ struct{} `type:"structure"` @@ -38572,7 +40239,7 @@ type OpsMetadata struct { // The Amazon Resource Name (ARN) of the OpsMetadata Object or blob. OpsMetadataArn *string `min:"1" type:"string"` - // The ID of the AppManager application. + // The ID of the Application Manager application. ResourceId *string `min:"1" type:"string"` } @@ -38788,7 +40455,7 @@ func (s *OpsMetadataInvalidArgumentException) RequestID() string { } // The OpsMetadata object exceeds the maximum number of OpsMetadata keys that -// you can assign to an application in AppManager. +// you can assign to an application in Application Manager. type OpsMetadataKeyLimitExceededException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -38845,8 +40512,8 @@ func (s *OpsMetadataKeyLimitExceededException) RequestID() string { } // Your account reached the maximum number of OpsMetadata objects allowed by -// AppManager. The maximum is 200 OpsMetadata objects. Delete one or more OpsMetadata -// object and try again. +// Application Manager. The maximum is 200 OpsMetadata objects. Delete one or +// more OpsMetadata object and try again. type OpsMetadataLimitExceededException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -40811,11 +42478,14 @@ type PatchSource struct { // // [main] // - // cachedir=/var/cache/yum/$basesearch$releasever + // name=MyCustomRepository // - // keepcache=0 + // baseurl=https://my-custom-repository // - // debuglevel=2 + // enabled=1 + // + // For information about other options available for your yum repository configuration, + // see dnf.conf(5) (https://man7.org/linux/man-pages/man5/dnf.conf.5.html). // // Configuration is a required field Configuration *string `min:"1" type:"string" required:"true" sensitive:"true"` @@ -42026,13 +43696,17 @@ type RegisterTaskWithMaintenanceWindowInput struct { // The maximum number of targets this task can be run for in parallel. // - // MaxConcurrency is a required field - MaxConcurrency *string `min:"1" type:"string" required:"true"` + // For maintenance window tasks without a target specified, you cannot supply + // a value for this option. Instead, the system inserts a placeholder value + // of 1. This value does not affect the running of your task. + MaxConcurrency *string `min:"1" type:"string"` // The maximum number of errors allowed before this task stops being scheduled. // - // MaxErrors is a required field - MaxErrors *string `min:"1" type:"string" required:"true"` + // For maintenance window tasks without a target specified, you cannot supply + // a value for this option. Instead, the system inserts a placeholder value + // of 1. This value does not affect the running of your task. + MaxErrors *string `min:"1" type:"string"` // An optional name for the task. Name *string `min:"3" type:"string"` @@ -42058,16 +43732,21 @@ type RegisterTaskWithMaintenanceWindowInput struct { // The targets (either instances or maintenance window targets). // + // One or more targets must be specified for maintenance window Run Command-type + // tasks. Depending on the task, targets are optional for other maintenance + // window task types (Automation, AWS Lambda, and AWS Step Functions). For more + // information about running tasks that do not specify targets, see Registering + // maintenance window tasks without targets (https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) + // in the AWS Systems Manager User Guide. + // // Specify instances using the following format: // // Key=InstanceIds,Values=, // // Specify maintenance window targets using the following format: // - // Key=WindowTargetIds;,Values=, - // - // Targets is a required field - Targets []*Target `type:"list" required:"true"` + // Key=WindowTargetIds,Values=, + Targets []*Target `type:"list"` // The ARN of the task to run. // @@ -42116,24 +43795,15 @@ func (s *RegisterTaskWithMaintenanceWindowInput) Validate() error { if s.Description != nil && len(*s.Description) < 1 { invalidParams.Add(request.NewErrParamMinLen("Description", 1)) } - if s.MaxConcurrency == nil { - invalidParams.Add(request.NewErrParamRequired("MaxConcurrency")) - } if s.MaxConcurrency != nil && len(*s.MaxConcurrency) < 1 { invalidParams.Add(request.NewErrParamMinLen("MaxConcurrency", 1)) } - if s.MaxErrors == nil { - invalidParams.Add(request.NewErrParamRequired("MaxErrors")) - } if s.MaxErrors != nil && len(*s.MaxErrors) < 1 { invalidParams.Add(request.NewErrParamMinLen("MaxErrors", 1)) } if s.Name != nil && len(*s.Name) < 3 { invalidParams.Add(request.NewErrParamMinLen("Name", 3)) } - if s.Targets == nil { - invalidParams.Add(request.NewErrParamRequired("Targets")) - } if s.TaskArn == nil { invalidParams.Add(request.NewErrParamRequired("TaskArn")) } @@ -43689,6 +45359,199 @@ func (s *ResumeSessionOutput) SetTokenValue(v string) *ResumeSessionOutput { return s } +// Information about the result of a document review request. +type ReviewInformation struct { + _ struct{} `type:"structure"` + + // The time that the reviewer took action on the document review request. + ReviewedTime *time.Time `type:"timestamp"` + + // The reviewer assigned to take action on the document review request. + Reviewer *string `type:"string"` + + // The current status of the document review request. + Status *string `type:"string" enum:"ReviewStatus"` +} + +// String returns the string representation +func (s ReviewInformation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ReviewInformation) GoString() string { + return s.String() +} + +// SetReviewedTime sets the ReviewedTime field's value. +func (s *ReviewInformation) SetReviewedTime(v time.Time) *ReviewInformation { + s.ReviewedTime = &v + return s +} + +// SetReviewer sets the Reviewer field's value. +func (s *ReviewInformation) SetReviewer(v string) *ReviewInformation { + s.Reviewer = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ReviewInformation) SetStatus(v string) *ReviewInformation { + s.Status = &v + return s +} + +// Information about an Automation runbook (Automation document) used in a runbook +// workflow in Change Manager. +// +// The Automation runbooks specified for the runbook workflow can't run until +// all required approvals for the change request have been received. +type Runbook struct { + _ struct{} `type:"structure"` + + // The name of the Automation runbook (Automation document) used in a runbook + // workflow. + // + // DocumentName is a required field + DocumentName *string `type:"string" required:"true"` + + // The version of the Automation runbook (Automation document) used in a runbook + // workflow. + DocumentVersion *string `type:"string"` + + // The MaxConcurrency value specified by the user when the operation started, + // indicating the maximum number of resources that the runbook operation can + // run on at the same time. + MaxConcurrency *string `min:"1" type:"string"` + + // The MaxErrors value specified by the user when the execution started, indicating + // the maximum number of errors that can occur during the operation before the + // updates are stopped or rolled back. + MaxErrors *string `min:"1" type:"string"` + + // The key-value map of execution parameters, which were supplied when calling + // StartChangeRequestExecution. + Parameters map[string][]*string `min:"1" type:"map"` + + // Information about the AWS Regions and accounts targeted by the current Runbook + // operation. + TargetLocations []*TargetLocation `min:"1" type:"list"` + + // The name of the parameter used as the target resource for the rate-controlled + // runbook workflow. Required if you specify Targets. + TargetParameterName *string `min:"1" type:"string"` + + // A key-value mapping to target resources that the Runbook operation performs + // tasks on. Required if you specify TargetParameterName. + Targets []*Target `type:"list"` +} + +// String returns the string representation +func (s Runbook) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Runbook) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *Runbook) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "Runbook"} + if s.DocumentName == nil { + invalidParams.Add(request.NewErrParamRequired("DocumentName")) + } + if s.MaxConcurrency != nil && len(*s.MaxConcurrency) < 1 { + invalidParams.Add(request.NewErrParamMinLen("MaxConcurrency", 1)) + } + if s.MaxErrors != nil && len(*s.MaxErrors) < 1 { + invalidParams.Add(request.NewErrParamMinLen("MaxErrors", 1)) + } + if s.Parameters != nil && len(s.Parameters) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Parameters", 1)) + } + if s.TargetLocations != nil && len(s.TargetLocations) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TargetLocations", 1)) + } + if s.TargetParameterName != nil && len(*s.TargetParameterName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TargetParameterName", 1)) + } + if s.TargetLocations != nil { + for i, v := range s.TargetLocations { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TargetLocations", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Targets != nil { + for i, v := range s.Targets { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Targets", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDocumentName sets the DocumentName field's value. +func (s *Runbook) SetDocumentName(v string) *Runbook { + s.DocumentName = &v + return s +} + +// SetDocumentVersion sets the DocumentVersion field's value. +func (s *Runbook) SetDocumentVersion(v string) *Runbook { + s.DocumentVersion = &v + return s +} + +// SetMaxConcurrency sets the MaxConcurrency field's value. +func (s *Runbook) SetMaxConcurrency(v string) *Runbook { + s.MaxConcurrency = &v + return s +} + +// SetMaxErrors sets the MaxErrors field's value. +func (s *Runbook) SetMaxErrors(v string) *Runbook { + s.MaxErrors = &v + return s +} + +// SetParameters sets the Parameters field's value. +func (s *Runbook) SetParameters(v map[string][]*string) *Runbook { + s.Parameters = v + return s +} + +// SetTargetLocations sets the TargetLocations field's value. +func (s *Runbook) SetTargetLocations(v []*TargetLocation) *Runbook { + s.TargetLocations = v + return s +} + +// SetTargetParameterName sets the TargetParameterName field's value. +func (s *Runbook) SetTargetParameterName(v string) *Runbook { + s.TargetParameterName = &v + return s +} + +// SetTargets sets the Targets field's value. +func (s *Runbook) SetTargets(v []*Target) *Runbook { + s.Targets = v + return s +} + // An S3 bucket where you want to store the results of this request. type S3OutputLocation struct { _ struct{} `type:"structure"` @@ -43934,8 +45797,11 @@ type SendCommandInput struct { // Sha1 hashes have been deprecated. DocumentHashType *string `type:"string" enum:"DocumentHashType"` - // Required. The name of the Systems Manager document to run. This can be a - // public document or a custom document. + // The name of the Systems Manager document to run. This can be a public document + // or a custom document. To run a shared document belonging to another account, + // specify the document ARN. For more information about how to use shared documents, + // see Using shared SSM documents (https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-using-shared.html) + // in the AWS Systems Manager User Guide. // // DocumentName is a required field DocumentName *string `type:"string" required:"true"` @@ -44703,7 +46569,11 @@ type StartAutomationExecutionInput struct { // enforces the UUID format, and can't be reused. ClientToken *string `min:"36" type:"string"` - // The name of the Automation document to use for this execution. + // The name of the Systems Manager document to run. This can be a public document + // or a custom document. To run a shared document belonging to another account, + // specify the document ARN. For more information about how to use shared documents, + // see Using shared SSM documents (https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-using-shared.html) + // in the AWS Systems Manager User Guide. // // DocumentName is a required field DocumentName *string `type:"string" required:"true"` @@ -44938,6 +46808,186 @@ func (s *StartAutomationExecutionOutput) SetAutomationExecutionId(v string) *Sta return s } +type StartChangeRequestExecutionInput struct { + _ struct{} `type:"structure"` + + // The name of the change request associated with the runbook workflow to be + // run. + ChangeRequestName *string `min:"1" type:"string"` + + // The user-provided idempotency token. The token must be unique, is case insensitive, + // enforces the UUID format, and can't be reused. + ClientToken *string `min:"36" type:"string"` + + // The name of the change template document to run during the runbook workflow. + // + // DocumentName is a required field + DocumentName *string `type:"string" required:"true"` + + // The version of the change template document to run during the runbook workflow. + DocumentVersion *string `type:"string"` + + // A key-value map of parameters that match the declared parameters in the change + // template document. + Parameters map[string][]*string `min:"1" type:"map"` + + // Information about the Automation runbooks (Automation documents) that are + // run during the runbook workflow. + // + // The Automation runbooks specified for the runbook workflow can't run until + // all required approvals for the change request have been received. + // + // Runbooks is a required field + Runbooks []*Runbook `min:"1" type:"list" required:"true"` + + // The date and time specified in the change request to run the Automation runbooks. + // + // The Automation runbooks specified for the runbook workflow can't run until + // all required approvals for the change request have been received. + ScheduledTime *time.Time `type:"timestamp"` + + // Optional metadata that you assign to a resource. You can specify a maximum + // of five tags for a change request. Tags enable you to categorize a resource + // in different ways, such as by purpose, owner, or environment. For example, + // you might want to tag a change request to identify an environment or target + // AWS Region. In this case, you could specify the following key-value pairs: + // + // * Key=Environment,Value=Production + // + // * Key=Region,Value=us-east-2 + Tags []*Tag `type:"list"` +} + +// String returns the string representation +func (s StartChangeRequestExecutionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartChangeRequestExecutionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartChangeRequestExecutionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartChangeRequestExecutionInput"} + if s.ChangeRequestName != nil && len(*s.ChangeRequestName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ChangeRequestName", 1)) + } + if s.ClientToken != nil && len(*s.ClientToken) < 36 { + invalidParams.Add(request.NewErrParamMinLen("ClientToken", 36)) + } + if s.DocumentName == nil { + invalidParams.Add(request.NewErrParamRequired("DocumentName")) + } + if s.Parameters != nil && len(s.Parameters) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Parameters", 1)) + } + if s.Runbooks == nil { + invalidParams.Add(request.NewErrParamRequired("Runbooks")) + } + if s.Runbooks != nil && len(s.Runbooks) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Runbooks", 1)) + } + if s.Runbooks != nil { + for i, v := range s.Runbooks { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Runbooks", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetChangeRequestName sets the ChangeRequestName field's value. +func (s *StartChangeRequestExecutionInput) SetChangeRequestName(v string) *StartChangeRequestExecutionInput { + s.ChangeRequestName = &v + return s +} + +// SetClientToken sets the ClientToken field's value. +func (s *StartChangeRequestExecutionInput) SetClientToken(v string) *StartChangeRequestExecutionInput { + s.ClientToken = &v + return s +} + +// SetDocumentName sets the DocumentName field's value. +func (s *StartChangeRequestExecutionInput) SetDocumentName(v string) *StartChangeRequestExecutionInput { + s.DocumentName = &v + return s +} + +// SetDocumentVersion sets the DocumentVersion field's value. +func (s *StartChangeRequestExecutionInput) SetDocumentVersion(v string) *StartChangeRequestExecutionInput { + s.DocumentVersion = &v + return s +} + +// SetParameters sets the Parameters field's value. +func (s *StartChangeRequestExecutionInput) SetParameters(v map[string][]*string) *StartChangeRequestExecutionInput { + s.Parameters = v + return s +} + +// SetRunbooks sets the Runbooks field's value. +func (s *StartChangeRequestExecutionInput) SetRunbooks(v []*Runbook) *StartChangeRequestExecutionInput { + s.Runbooks = v + return s +} + +// SetScheduledTime sets the ScheduledTime field's value. +func (s *StartChangeRequestExecutionInput) SetScheduledTime(v time.Time) *StartChangeRequestExecutionInput { + s.ScheduledTime = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *StartChangeRequestExecutionInput) SetTags(v []*Tag) *StartChangeRequestExecutionInput { + s.Tags = v + return s +} + +type StartChangeRequestExecutionOutput struct { + _ struct{} `type:"structure"` + + // The unique ID of a runbook workflow operation. (A runbook workflow is a type + // of Automation operation.) + AutomationExecutionId *string `min:"36" type:"string"` +} + +// String returns the string representation +func (s StartChangeRequestExecutionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartChangeRequestExecutionOutput) GoString() string { + return s.String() +} + +// SetAutomationExecutionId sets the AutomationExecutionId field's value. +func (s *StartChangeRequestExecutionOutput) SetAutomationExecutionId(v string) *StartChangeRequestExecutionOutput { + s.AutomationExecutionId = &v + return s +} + type StartSessionInput struct { _ struct{} `type:"structure"` @@ -45577,6 +47627,13 @@ func (s *Tag) SetValue(v string) *Tag { // An array of search criteria that targets instances using a Key,Value combination // that you specify. // +// One or more targets must be specified for maintenance window Run Command-type +// tasks. Depending on the task, targets are optional for other maintenance +// window task types (Automation, AWS Lambda, and AWS Step Functions). For more +// information about running tasks that do not specify targets, see Registering +// maintenance window tasks without targets (https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) +// in the AWS Systems Manager User Guide. +// // Supported formats include the following. // // * Key=InstanceIds,Values=instance-id-1,instance-id-2,instance-id-3 @@ -45729,14 +47786,15 @@ type TargetLocation struct { // The AWS accounts targeted by the current Automation execution. Accounts []*string `min:"1" type:"list"` - // The Automation execution role used by the currently running Automation. + // The Automation execution role used by the currently running Automation. If + // not specified, the default value is AWS-SystemsManager-AutomationExecutionRole. ExecutionRoleName *string `min:"1" type:"string"` // The AWS Regions targeted by the current Automation execution. Regions []*string `min:"1" type:"list"` // The maximum number of AWS accounts and AWS regions allowed to run the Automation - // concurrently + // concurrently. TargetLocationMaxConcurrency *string `min:"1" type:"string"` // The maximum number of errors allowed before the system stops queueing additional @@ -46617,6 +48675,11 @@ type UpdateAssociationInput struct { // By default, all associations use AUTO mode. SyncCompliance *string `type:"string" enum:"AssociationSyncCompliance"` + // A location is a combination of AWS Regions and AWS accounts where you want + // to run the association. Use this action to update an association in multiple + // Regions and multiple accounts. + TargetLocations []*TargetLocation `min:"1" type:"list"` + // The targets of the association. Targets []*Target `type:"list"` } @@ -46649,11 +48712,24 @@ func (s *UpdateAssociationInput) Validate() error { if s.ScheduleExpression != nil && len(*s.ScheduleExpression) < 1 { invalidParams.Add(request.NewErrParamMinLen("ScheduleExpression", 1)) } + if s.TargetLocations != nil && len(s.TargetLocations) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TargetLocations", 1)) + } if s.OutputLocation != nil { if err := s.OutputLocation.Validate(); err != nil { invalidParams.AddNested("OutputLocation", err.(request.ErrInvalidParams)) } } + if s.TargetLocations != nil { + for i, v := range s.TargetLocations { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TargetLocations", i), err.(request.ErrInvalidParams)) + } + } + } if s.Targets != nil { for i, v := range s.Targets { if v == nil { @@ -46755,6 +48831,12 @@ func (s *UpdateAssociationInput) SetSyncCompliance(v string) *UpdateAssociationI return s } +// SetTargetLocations sets the TargetLocations field's value. +func (s *UpdateAssociationInput) SetTargetLocations(v []*TargetLocation) *UpdateAssociationInput { + s.TargetLocations = v + return s +} + // SetTargets sets the Targets field's value. func (s *UpdateAssociationInput) SetTargets(v []*Target) *UpdateAssociationInput { s.Targets = v @@ -47070,6 +49152,86 @@ func (s *UpdateDocumentInput) SetVersionName(v string) *UpdateDocumentInput { return s } +type UpdateDocumentMetadataInput struct { + _ struct{} `type:"structure"` + + // The document review details to update. + // + // DocumentReviews is a required field + DocumentReviews *DocumentReviews `type:"structure" required:"true"` + + // The version of a document to update. + DocumentVersion *string `type:"string"` + + // The name of the document for which a version is to be updated. + // + // Name is a required field + Name *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s UpdateDocumentMetadataInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateDocumentMetadataInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateDocumentMetadataInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateDocumentMetadataInput"} + if s.DocumentReviews == nil { + invalidParams.Add(request.NewErrParamRequired("DocumentReviews")) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.DocumentReviews != nil { + if err := s.DocumentReviews.Validate(); err != nil { + invalidParams.AddNested("DocumentReviews", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDocumentReviews sets the DocumentReviews field's value. +func (s *UpdateDocumentMetadataInput) SetDocumentReviews(v *DocumentReviews) *UpdateDocumentMetadataInput { + s.DocumentReviews = v + return s +} + +// SetDocumentVersion sets the DocumentVersion field's value. +func (s *UpdateDocumentMetadataInput) SetDocumentVersion(v string) *UpdateDocumentMetadataInput { + s.DocumentVersion = &v + return s +} + +// SetName sets the Name field's value. +func (s *UpdateDocumentMetadataInput) SetName(v string) *UpdateDocumentMetadataInput { + s.Name = &v + return s +} + +type UpdateDocumentMetadataOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UpdateDocumentMetadataOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateDocumentMetadataOutput) GoString() string { + return s.String() +} + type UpdateDocumentOutput struct { _ struct{} `type:"structure"` @@ -47135,7 +49297,7 @@ type UpdateMaintenanceWindowInput struct { // For example, the following cron expression schedules a maintenance window // to run the third Tuesday of every month at 11:30 PM. // - // cron(0 30 23 ? * TUE#3 *) + // cron(30 23 ? * TUE#3 *) // // If the schedule offset is 2, the maintenance window won't run until two days // later. @@ -47143,13 +49305,13 @@ type UpdateMaintenanceWindowInput struct { // The time zone that the scheduled maintenance window executions are based // on, in Internet Assigned Numbers Authority (IANA) format. For example: "America/Los_Angeles", - // "etc/UTC", or "Asia/Seoul". For more information, see the Time Zone Database + // "UTC", or "Asia/Seoul". For more information, see the Time Zone Database // (https://www.iana.org/time-zones) on the IANA website. ScheduleTimezone *string `type:"string"` // The time zone that the scheduled maintenance window executions are based // on, in Internet Assigned Numbers Authority (IANA) format. For example: "America/Los_Angeles", - // "etc/UTC", or "Asia/Seoul". For more information, see the Time Zone Database + // "UTC", or "Asia/Seoul". For more information, see the Time Zone Database // (https://www.iana.org/time-zones) on the IANA website. StartDate *string `type:"string"` @@ -47315,7 +49477,7 @@ type UpdateMaintenanceWindowOutput struct { // The time zone that the scheduled maintenance window executions are based // on, in Internet Assigned Numbers Authority (IANA) format. For example: "America/Los_Angeles", - // "etc/UTC", or "Asia/Seoul". For more information, see the Time Zone Database + // "UTC", or "Asia/Seoul". For more information, see the Time Zone Database // (https://www.iana.org/time-zones) on the IANA website. ScheduleTimezone *string `type:"string"` @@ -47619,10 +49781,20 @@ type UpdateMaintenanceWindowTaskInput struct { // The new MaxConcurrency value you want to specify. MaxConcurrency is the number // of targets that are allowed to run this task in parallel. + // + // For maintenance window tasks without a target specified, you cannot supply + // a value for this option. Instead, the system inserts a placeholder value + // of 1, which may be reported in the response to this command. This value does + // not affect the running of your task and can be ignored. MaxConcurrency *string `min:"1" type:"string"` // The new MaxErrors value to specify. MaxErrors is the maximum number of errors // that are allowed before the task stops being scheduled. + // + // For maintenance window tasks without a target specified, you cannot supply + // a value for this option. Instead, the system inserts a placeholder value + // of 1, which may be reported in the response to this command. This value does + // not affect the running of your task and can be ignored. MaxErrors *string `min:"1" type:"string"` // The new task name to specify. @@ -47654,6 +49826,13 @@ type UpdateMaintenanceWindowTaskInput struct { // The targets (either instances or tags) to modify. Instances are specified // using Key=instanceids,Values=instanceID_1,instanceID_2. Tags are specified // using Key=tag_name,Values=tag_value. + // + // One or more targets must be specified for maintenance window Run Command-type + // tasks. Depending on the task, targets are optional for other maintenance + // window task types (Automation, AWS Lambda, and AWS Step Functions). For more + // information about running tasks that do not specify targets, see Registering + // maintenance window tasks without targets (https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) + // in the AWS Systems Manager User Guide. Targets []*Target `type:"list"` // The task ARN to modify. @@ -48058,6 +50237,14 @@ func (s UpdateManagedInstanceRoleOutput) GoString() string { type UpdateOpsItemInput struct { _ struct{} `type:"structure"` + // The time a runbook workflow ended. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualEndTime *time.Time `type:"timestamp"` + + // The time a runbook workflow started. Currently reported only for the OpsItem + // type /aws/changerequest. + ActualStartTime *time.Time `type:"timestamp"` + // Specify a new category for an OpsItem. Category *string `min:"1" type:"string"` @@ -48103,6 +50290,14 @@ type UpdateOpsItemInput struct { // OpsItemId is a required field OpsItemId *string `type:"string" required:"true"` + // The time specified in a change request for a runbook workflow to end. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedEndTime *time.Time `type:"timestamp"` + + // The time specified in a change request for a runbook workflow to start. Currently + // supported only for the OpsItem type /aws/changerequest. + PlannedStartTime *time.Time `type:"timestamp"` + // The importance of this OpsItem in relation to other OpsItems in the system. Priority *int64 `min:"1" type:"integer"` @@ -48172,6 +50367,18 @@ func (s *UpdateOpsItemInput) Validate() error { return nil } +// SetActualEndTime sets the ActualEndTime field's value. +func (s *UpdateOpsItemInput) SetActualEndTime(v time.Time) *UpdateOpsItemInput { + s.ActualEndTime = &v + return s +} + +// SetActualStartTime sets the ActualStartTime field's value. +func (s *UpdateOpsItemInput) SetActualStartTime(v time.Time) *UpdateOpsItemInput { + s.ActualStartTime = &v + return s +} + // SetCategory sets the Category field's value. func (s *UpdateOpsItemInput) SetCategory(v string) *UpdateOpsItemInput { s.Category = &v @@ -48208,6 +50415,18 @@ func (s *UpdateOpsItemInput) SetOpsItemId(v string) *UpdateOpsItemInput { return s } +// SetPlannedEndTime sets the PlannedEndTime field's value. +func (s *UpdateOpsItemInput) SetPlannedEndTime(v time.Time) *UpdateOpsItemInput { + s.PlannedEndTime = &v + return s +} + +// SetPlannedStartTime sets the PlannedStartTime field's value. +func (s *UpdateOpsItemInput) SetPlannedStartTime(v time.Time) *UpdateOpsItemInput { + s.PlannedStartTime = &v + return s +} + // SetPriority sets the Priority field's value. func (s *UpdateOpsItemInput) SetPriority(v int64) *UpdateOpsItemInput { s.Priority = &v @@ -49098,6 +51317,12 @@ const ( // AutomationExecutionFilterKeyTargetResourceGroup is a AutomationExecutionFilterKey enum value AutomationExecutionFilterKeyTargetResourceGroup = "TargetResourceGroup" + + // AutomationExecutionFilterKeyAutomationSubtype is a AutomationExecutionFilterKey enum value + AutomationExecutionFilterKeyAutomationSubtype = "AutomationSubtype" + + // AutomationExecutionFilterKeyOpsItemId is a AutomationExecutionFilterKey enum value + AutomationExecutionFilterKeyOpsItemId = "OpsItemId" ) // AutomationExecutionFilterKey_Values returns all elements of the AutomationExecutionFilterKey enum @@ -49113,6 +51338,8 @@ func AutomationExecutionFilterKey_Values() []string { AutomationExecutionFilterKeyAutomationType, AutomationExecutionFilterKeyTagKey, AutomationExecutionFilterKeyTargetResourceGroup, + AutomationExecutionFilterKeyAutomationSubtype, + AutomationExecutionFilterKeyOpsItemId, } } @@ -49140,6 +51367,36 @@ const ( // AutomationExecutionStatusFailed is a AutomationExecutionStatus enum value AutomationExecutionStatusFailed = "Failed" + + // AutomationExecutionStatusPendingApproval is a AutomationExecutionStatus enum value + AutomationExecutionStatusPendingApproval = "PendingApproval" + + // AutomationExecutionStatusApproved is a AutomationExecutionStatus enum value + AutomationExecutionStatusApproved = "Approved" + + // AutomationExecutionStatusRejected is a AutomationExecutionStatus enum value + AutomationExecutionStatusRejected = "Rejected" + + // AutomationExecutionStatusScheduled is a AutomationExecutionStatus enum value + AutomationExecutionStatusScheduled = "Scheduled" + + // AutomationExecutionStatusRunbookInProgress is a AutomationExecutionStatus enum value + AutomationExecutionStatusRunbookInProgress = "RunbookInProgress" + + // AutomationExecutionStatusPendingChangeCalendarOverride is a AutomationExecutionStatus enum value + AutomationExecutionStatusPendingChangeCalendarOverride = "PendingChangeCalendarOverride" + + // AutomationExecutionStatusChangeCalendarOverrideApproved is a AutomationExecutionStatus enum value + AutomationExecutionStatusChangeCalendarOverrideApproved = "ChangeCalendarOverrideApproved" + + // AutomationExecutionStatusChangeCalendarOverrideRejected is a AutomationExecutionStatus enum value + AutomationExecutionStatusChangeCalendarOverrideRejected = "ChangeCalendarOverrideRejected" + + // AutomationExecutionStatusCompletedWithSuccess is a AutomationExecutionStatus enum value + AutomationExecutionStatusCompletedWithSuccess = "CompletedWithSuccess" + + // AutomationExecutionStatusCompletedWithFailure is a AutomationExecutionStatus enum value + AutomationExecutionStatusCompletedWithFailure = "CompletedWithFailure" ) // AutomationExecutionStatus_Values returns all elements of the AutomationExecutionStatus enum @@ -49153,6 +51410,28 @@ func AutomationExecutionStatus_Values() []string { AutomationExecutionStatusCancelling, AutomationExecutionStatusCancelled, AutomationExecutionStatusFailed, + AutomationExecutionStatusPendingApproval, + AutomationExecutionStatusApproved, + AutomationExecutionStatusRejected, + AutomationExecutionStatusScheduled, + AutomationExecutionStatusRunbookInProgress, + AutomationExecutionStatusPendingChangeCalendarOverride, + AutomationExecutionStatusChangeCalendarOverrideApproved, + AutomationExecutionStatusChangeCalendarOverrideRejected, + AutomationExecutionStatusCompletedWithSuccess, + AutomationExecutionStatusCompletedWithFailure, + } +} + +const ( + // AutomationSubtypeChangeRequest is a AutomationSubtype enum value + AutomationSubtypeChangeRequest = "ChangeRequest" +) + +// AutomationSubtype_Values returns all elements of the AutomationSubtype enum +func AutomationSubtype_Values() []string { + return []string{ + AutomationSubtypeChangeRequest, } } @@ -49512,6 +51791,18 @@ func DocumentHashType_Values() []string { } } +const ( + // DocumentMetadataEnumDocumentReviews is a DocumentMetadataEnum enum value + DocumentMetadataEnumDocumentReviews = "DocumentReviews" +) + +// DocumentMetadataEnum_Values returns all elements of the DocumentMetadataEnum enum +func DocumentMetadataEnum_Values() []string { + return []string{ + DocumentMetadataEnumDocumentReviews, + } +} + const ( // DocumentParameterTypeString is a DocumentParameterType enum value DocumentParameterTypeString = "String" @@ -49540,6 +51831,42 @@ func DocumentPermissionType_Values() []string { } } +const ( + // DocumentReviewActionSendForReview is a DocumentReviewAction enum value + DocumentReviewActionSendForReview = "SendForReview" + + // DocumentReviewActionUpdateReview is a DocumentReviewAction enum value + DocumentReviewActionUpdateReview = "UpdateReview" + + // DocumentReviewActionApprove is a DocumentReviewAction enum value + DocumentReviewActionApprove = "Approve" + + // DocumentReviewActionReject is a DocumentReviewAction enum value + DocumentReviewActionReject = "Reject" +) + +// DocumentReviewAction_Values returns all elements of the DocumentReviewAction enum +func DocumentReviewAction_Values() []string { + return []string{ + DocumentReviewActionSendForReview, + DocumentReviewActionUpdateReview, + DocumentReviewActionApprove, + DocumentReviewActionReject, + } +} + +const ( + // DocumentReviewCommentTypeComment is a DocumentReviewCommentType enum value + DocumentReviewCommentTypeComment = "Comment" +) + +// DocumentReviewCommentType_Values returns all elements of the DocumentReviewCommentType enum +func DocumentReviewCommentType_Values() []string { + return []string{ + DocumentReviewCommentTypeComment, + } +} + // The status of a document. const ( // DocumentStatusCreating is a DocumentStatus enum value @@ -49596,6 +51923,9 @@ const ( // DocumentTypeChangeCalendar is a DocumentType enum value DocumentTypeChangeCalendar = "ChangeCalendar" + + // DocumentTypeAutomationChangeTemplate is a DocumentType enum value + DocumentTypeAutomationChangeTemplate = "Automation.ChangeTemplate" ) // DocumentType_Values returns all elements of the DocumentType enum @@ -49610,6 +51940,7 @@ func DocumentType_Values() []string { DocumentTypeApplicationConfigurationSchema, DocumentTypeDeploymentStrategy, DocumentTypeChangeCalendar, + DocumentTypeAutomationChangeTemplate, } } @@ -50037,6 +52368,30 @@ func OpsItemDataType_Values() []string { } } +const ( + // OpsItemEventFilterKeyOpsItemId is a OpsItemEventFilterKey enum value + OpsItemEventFilterKeyOpsItemId = "OpsItemId" +) + +// OpsItemEventFilterKey_Values returns all elements of the OpsItemEventFilterKey enum +func OpsItemEventFilterKey_Values() []string { + return []string{ + OpsItemEventFilterKeyOpsItemId, + } +} + +const ( + // OpsItemEventFilterOperatorEqual is a OpsItemEventFilterOperator enum value + OpsItemEventFilterOperatorEqual = "Equal" +) + +// OpsItemEventFilterOperator_Values returns all elements of the OpsItemEventFilterOperator enum +func OpsItemEventFilterOperator_Values() []string { + return []string{ + OpsItemEventFilterOperatorEqual, + } +} + const ( // OpsItemFilterKeyStatus is a OpsItemFilterKey enum value OpsItemFilterKeyStatus = "Status" @@ -50062,6 +52417,18 @@ const ( // OpsItemFilterKeyLastModifiedTime is a OpsItemFilterKey enum value OpsItemFilterKeyLastModifiedTime = "LastModifiedTime" + // OpsItemFilterKeyActualStartTime is a OpsItemFilterKey enum value + OpsItemFilterKeyActualStartTime = "ActualStartTime" + + // OpsItemFilterKeyActualEndTime is a OpsItemFilterKey enum value + OpsItemFilterKeyActualEndTime = "ActualEndTime" + + // OpsItemFilterKeyPlannedStartTime is a OpsItemFilterKey enum value + OpsItemFilterKeyPlannedStartTime = "PlannedStartTime" + + // OpsItemFilterKeyPlannedEndTime is a OpsItemFilterKey enum value + OpsItemFilterKeyPlannedEndTime = "PlannedEndTime" + // OpsItemFilterKeyOperationalData is a OpsItemFilterKey enum value OpsItemFilterKeyOperationalData = "OperationalData" @@ -50082,6 +52449,27 @@ const ( // OpsItemFilterKeySeverity is a OpsItemFilterKey enum value OpsItemFilterKeySeverity = "Severity" + + // OpsItemFilterKeyOpsItemType is a OpsItemFilterKey enum value + OpsItemFilterKeyOpsItemType = "OpsItemType" + + // OpsItemFilterKeyChangeRequestByRequesterArn is a OpsItemFilterKey enum value + OpsItemFilterKeyChangeRequestByRequesterArn = "ChangeRequestByRequesterArn" + + // OpsItemFilterKeyChangeRequestByRequesterName is a OpsItemFilterKey enum value + OpsItemFilterKeyChangeRequestByRequesterName = "ChangeRequestByRequesterName" + + // OpsItemFilterKeyChangeRequestByApproverArn is a OpsItemFilterKey enum value + OpsItemFilterKeyChangeRequestByApproverArn = "ChangeRequestByApproverArn" + + // OpsItemFilterKeyChangeRequestByApproverName is a OpsItemFilterKey enum value + OpsItemFilterKeyChangeRequestByApproverName = "ChangeRequestByApproverName" + + // OpsItemFilterKeyChangeRequestByTemplate is a OpsItemFilterKey enum value + OpsItemFilterKeyChangeRequestByTemplate = "ChangeRequestByTemplate" + + // OpsItemFilterKeyChangeRequestByTargetsResourceGroup is a OpsItemFilterKey enum value + OpsItemFilterKeyChangeRequestByTargetsResourceGroup = "ChangeRequestByTargetsResourceGroup" ) // OpsItemFilterKey_Values returns all elements of the OpsItemFilterKey enum @@ -50095,6 +52483,10 @@ func OpsItemFilterKey_Values() []string { OpsItemFilterKeyOpsItemId, OpsItemFilterKeyCreatedTime, OpsItemFilterKeyLastModifiedTime, + OpsItemFilterKeyActualStartTime, + OpsItemFilterKeyActualEndTime, + OpsItemFilterKeyPlannedStartTime, + OpsItemFilterKeyPlannedEndTime, OpsItemFilterKeyOperationalData, OpsItemFilterKeyOperationalDataKey, OpsItemFilterKeyOperationalDataValue, @@ -50102,6 +52494,13 @@ func OpsItemFilterKey_Values() []string { OpsItemFilterKeyAutomationId, OpsItemFilterKeyCategory, OpsItemFilterKeySeverity, + OpsItemFilterKeyOpsItemType, + OpsItemFilterKeyChangeRequestByRequesterArn, + OpsItemFilterKeyChangeRequestByRequesterName, + OpsItemFilterKeyChangeRequestByApproverArn, + OpsItemFilterKeyChangeRequestByApproverName, + OpsItemFilterKeyChangeRequestByTemplate, + OpsItemFilterKeyChangeRequestByTargetsResourceGroup, } } @@ -50138,6 +52537,51 @@ const ( // OpsItemStatusResolved is a OpsItemStatus enum value OpsItemStatusResolved = "Resolved" + + // OpsItemStatusPending is a OpsItemStatus enum value + OpsItemStatusPending = "Pending" + + // OpsItemStatusTimedOut is a OpsItemStatus enum value + OpsItemStatusTimedOut = "TimedOut" + + // OpsItemStatusCancelling is a OpsItemStatus enum value + OpsItemStatusCancelling = "Cancelling" + + // OpsItemStatusCancelled is a OpsItemStatus enum value + OpsItemStatusCancelled = "Cancelled" + + // OpsItemStatusFailed is a OpsItemStatus enum value + OpsItemStatusFailed = "Failed" + + // OpsItemStatusCompletedWithSuccess is a OpsItemStatus enum value + OpsItemStatusCompletedWithSuccess = "CompletedWithSuccess" + + // OpsItemStatusCompletedWithFailure is a OpsItemStatus enum value + OpsItemStatusCompletedWithFailure = "CompletedWithFailure" + + // OpsItemStatusScheduled is a OpsItemStatus enum value + OpsItemStatusScheduled = "Scheduled" + + // OpsItemStatusRunbookInProgress is a OpsItemStatus enum value + OpsItemStatusRunbookInProgress = "RunbookInProgress" + + // OpsItemStatusPendingChangeCalendarOverride is a OpsItemStatus enum value + OpsItemStatusPendingChangeCalendarOverride = "PendingChangeCalendarOverride" + + // OpsItemStatusChangeCalendarOverrideApproved is a OpsItemStatus enum value + OpsItemStatusChangeCalendarOverrideApproved = "ChangeCalendarOverrideApproved" + + // OpsItemStatusChangeCalendarOverrideRejected is a OpsItemStatus enum value + OpsItemStatusChangeCalendarOverrideRejected = "ChangeCalendarOverrideRejected" + + // OpsItemStatusPendingApproval is a OpsItemStatus enum value + OpsItemStatusPendingApproval = "PendingApproval" + + // OpsItemStatusApproved is a OpsItemStatus enum value + OpsItemStatusApproved = "Approved" + + // OpsItemStatusRejected is a OpsItemStatus enum value + OpsItemStatusRejected = "Rejected" ) // OpsItemStatus_Values returns all elements of the OpsItemStatus enum @@ -50146,6 +52590,21 @@ func OpsItemStatus_Values() []string { OpsItemStatusOpen, OpsItemStatusInProgress, OpsItemStatusResolved, + OpsItemStatusPending, + OpsItemStatusTimedOut, + OpsItemStatusCancelling, + OpsItemStatusCancelled, + OpsItemStatusFailed, + OpsItemStatusCompletedWithSuccess, + OpsItemStatusCompletedWithFailure, + OpsItemStatusScheduled, + OpsItemStatusRunbookInProgress, + OpsItemStatusPendingChangeCalendarOverride, + OpsItemStatusChangeCalendarOverrideApproved, + OpsItemStatusChangeCalendarOverrideRejected, + OpsItemStatusPendingApproval, + OpsItemStatusApproved, + OpsItemStatusRejected, } } @@ -50581,6 +53040,30 @@ func ResourceTypeForTagging_Values() []string { } } +const ( + // ReviewStatusApproved is a ReviewStatus enum value + ReviewStatusApproved = "APPROVED" + + // ReviewStatusNotReviewed is a ReviewStatus enum value + ReviewStatusNotReviewed = "NOT_REVIEWED" + + // ReviewStatusPending is a ReviewStatus enum value + ReviewStatusPending = "PENDING" + + // ReviewStatusRejected is a ReviewStatus enum value + ReviewStatusRejected = "REJECTED" +) + +// ReviewStatus_Values returns all elements of the ReviewStatus enum +func ReviewStatus_Values() []string { + return []string{ + ReviewStatusApproved, + ReviewStatusNotReviewed, + ReviewStatusPending, + ReviewStatusRejected, + } +} + const ( // SessionFilterKeyInvokedAfter is a SessionFilterKey enum value SessionFilterKeyInvokedAfter = "InvokedAfter" diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go index 199710e71..d060be8c8 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go @@ -53,6 +53,13 @@ const ( // Each association has a limit of 1,000 versions. ErrCodeAssociationVersionLimitExceeded = "AssociationVersionLimitExceeded" + // ErrCodeAutomationDefinitionNotApprovedException for service response error code + // "AutomationDefinitionNotApprovedException". + // + // Indicates that the Change Manager change template used in the change request + // was rejected or is still in a pending state. + ErrCodeAutomationDefinitionNotApprovedException = "AutomationDefinitionNotApprovedException" + // ErrCodeAutomationDefinitionNotFoundException for service response error code // "AutomationDefinitionNotFoundException". // @@ -585,15 +592,15 @@ const ( // "OpsMetadataKeyLimitExceededException". // // The OpsMetadata object exceeds the maximum number of OpsMetadata keys that - // you can assign to an application in AppManager. + // you can assign to an application in Application Manager. ErrCodeOpsMetadataKeyLimitExceededException = "OpsMetadataKeyLimitExceededException" // ErrCodeOpsMetadataLimitExceededException for service response error code // "OpsMetadataLimitExceededException". // // Your account reached the maximum number of OpsMetadata objects allowed by - // AppManager. The maximum is 200 OpsMetadata objects. Delete one or more OpsMetadata - // object and try again. + // Application Manager. The maximum is 200 OpsMetadata objects. Delete one or + // more OpsMetadata object and try again. ErrCodeOpsMetadataLimitExceededException = "OpsMetadataLimitExceededException" // ErrCodeOpsMetadataNotFoundException for service response error code @@ -846,6 +853,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "AssociationExecutionDoesNotExist": newErrorAssociationExecutionDoesNotExist, "AssociationLimitExceeded": newErrorAssociationLimitExceeded, "AssociationVersionLimitExceeded": newErrorAssociationVersionLimitExceeded, + "AutomationDefinitionNotApprovedException": newErrorAutomationDefinitionNotApprovedException, "AutomationDefinitionNotFoundException": newErrorAutomationDefinitionNotFoundException, "AutomationDefinitionVersionNotFoundException": newErrorAutomationDefinitionVersionNotFoundException, "AutomationExecutionLimitExceededException": newErrorAutomationExecutionLimitExceededException, diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/ssmiface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/ssmiface/interface.go index b1ebed82e..2a03444a3 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/ssmiface/interface.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/ssmiface/interface.go @@ -533,6 +533,10 @@ type SSMAPI interface { ListComplianceSummariesPages(*ssm.ListComplianceSummariesInput, func(*ssm.ListComplianceSummariesOutput, bool) bool) error ListComplianceSummariesPagesWithContext(aws.Context, *ssm.ListComplianceSummariesInput, func(*ssm.ListComplianceSummariesOutput, bool) bool, ...request.Option) error + ListDocumentMetadataHistory(*ssm.ListDocumentMetadataHistoryInput) (*ssm.ListDocumentMetadataHistoryOutput, error) + ListDocumentMetadataHistoryWithContext(aws.Context, *ssm.ListDocumentMetadataHistoryInput, ...request.Option) (*ssm.ListDocumentMetadataHistoryOutput, error) + ListDocumentMetadataHistoryRequest(*ssm.ListDocumentMetadataHistoryInput) (*request.Request, *ssm.ListDocumentMetadataHistoryOutput) + ListDocumentVersions(*ssm.ListDocumentVersionsInput) (*ssm.ListDocumentVersionsOutput, error) ListDocumentVersionsWithContext(aws.Context, *ssm.ListDocumentVersionsInput, ...request.Option) (*ssm.ListDocumentVersionsOutput, error) ListDocumentVersionsRequest(*ssm.ListDocumentVersionsInput) (*request.Request, *ssm.ListDocumentVersionsOutput) @@ -551,10 +555,20 @@ type SSMAPI interface { ListInventoryEntriesWithContext(aws.Context, *ssm.ListInventoryEntriesInput, ...request.Option) (*ssm.ListInventoryEntriesOutput, error) ListInventoryEntriesRequest(*ssm.ListInventoryEntriesInput) (*request.Request, *ssm.ListInventoryEntriesOutput) + ListOpsItemEvents(*ssm.ListOpsItemEventsInput) (*ssm.ListOpsItemEventsOutput, error) + ListOpsItemEventsWithContext(aws.Context, *ssm.ListOpsItemEventsInput, ...request.Option) (*ssm.ListOpsItemEventsOutput, error) + ListOpsItemEventsRequest(*ssm.ListOpsItemEventsInput) (*request.Request, *ssm.ListOpsItemEventsOutput) + + ListOpsItemEventsPages(*ssm.ListOpsItemEventsInput, func(*ssm.ListOpsItemEventsOutput, bool) bool) error + ListOpsItemEventsPagesWithContext(aws.Context, *ssm.ListOpsItemEventsInput, func(*ssm.ListOpsItemEventsOutput, bool) bool, ...request.Option) error + ListOpsMetadata(*ssm.ListOpsMetadataInput) (*ssm.ListOpsMetadataOutput, error) ListOpsMetadataWithContext(aws.Context, *ssm.ListOpsMetadataInput, ...request.Option) (*ssm.ListOpsMetadataOutput, error) ListOpsMetadataRequest(*ssm.ListOpsMetadataInput) (*request.Request, *ssm.ListOpsMetadataOutput) + ListOpsMetadataPages(*ssm.ListOpsMetadataInput, func(*ssm.ListOpsMetadataOutput, bool) bool) error + ListOpsMetadataPagesWithContext(aws.Context, *ssm.ListOpsMetadataInput, func(*ssm.ListOpsMetadataOutput, bool) bool, ...request.Option) error + ListResourceComplianceSummaries(*ssm.ListResourceComplianceSummariesInput) (*ssm.ListResourceComplianceSummariesOutput, error) ListResourceComplianceSummariesWithContext(aws.Context, *ssm.ListResourceComplianceSummariesInput, ...request.Option) (*ssm.ListResourceComplianceSummariesOutput, error) ListResourceComplianceSummariesRequest(*ssm.ListResourceComplianceSummariesInput) (*request.Request, *ssm.ListResourceComplianceSummariesOutput) @@ -633,6 +647,10 @@ type SSMAPI interface { StartAutomationExecutionWithContext(aws.Context, *ssm.StartAutomationExecutionInput, ...request.Option) (*ssm.StartAutomationExecutionOutput, error) StartAutomationExecutionRequest(*ssm.StartAutomationExecutionInput) (*request.Request, *ssm.StartAutomationExecutionOutput) + StartChangeRequestExecution(*ssm.StartChangeRequestExecutionInput) (*ssm.StartChangeRequestExecutionOutput, error) + StartChangeRequestExecutionWithContext(aws.Context, *ssm.StartChangeRequestExecutionInput, ...request.Option) (*ssm.StartChangeRequestExecutionOutput, error) + StartChangeRequestExecutionRequest(*ssm.StartChangeRequestExecutionInput) (*request.Request, *ssm.StartChangeRequestExecutionOutput) + StartSession(*ssm.StartSessionInput) (*ssm.StartSessionOutput, error) StartSessionWithContext(aws.Context, *ssm.StartSessionInput, ...request.Option) (*ssm.StartSessionOutput, error) StartSessionRequest(*ssm.StartSessionInput) (*request.Request, *ssm.StartSessionOutput) @@ -661,6 +679,10 @@ type SSMAPI interface { UpdateDocumentDefaultVersionWithContext(aws.Context, *ssm.UpdateDocumentDefaultVersionInput, ...request.Option) (*ssm.UpdateDocumentDefaultVersionOutput, error) UpdateDocumentDefaultVersionRequest(*ssm.UpdateDocumentDefaultVersionInput) (*request.Request, *ssm.UpdateDocumentDefaultVersionOutput) + UpdateDocumentMetadata(*ssm.UpdateDocumentMetadataInput) (*ssm.UpdateDocumentMetadataOutput, error) + UpdateDocumentMetadataWithContext(aws.Context, *ssm.UpdateDocumentMetadataInput, ...request.Option) (*ssm.UpdateDocumentMetadataOutput, error) + UpdateDocumentMetadataRequest(*ssm.UpdateDocumentMetadataInput) (*request.Request, *ssm.UpdateDocumentMetadataOutput) + UpdateMaintenanceWindow(*ssm.UpdateMaintenanceWindowInput) (*ssm.UpdateMaintenanceWindowOutput, error) UpdateMaintenanceWindowWithContext(aws.Context, *ssm.UpdateMaintenanceWindowInput, ...request.Option) (*ssm.UpdateMaintenanceWindowOutput, error) UpdateMaintenanceWindowRequest(*ssm.UpdateMaintenanceWindowInput) (*request.Request, *ssm.UpdateMaintenanceWindowOutput) diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/api.go b/vendor/github.com/aws/aws-sdk-go/service/sso/api.go new file mode 100644 index 000000000..4498f285e --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sso/api.go @@ -0,0 +1,1210 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package sso + +import ( + "fmt" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +const opGetRoleCredentials = "GetRoleCredentials" + +// GetRoleCredentialsRequest generates a "aws/request.Request" representing the +// client's request for the GetRoleCredentials operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetRoleCredentials for more information on using the GetRoleCredentials +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetRoleCredentialsRequest method. +// req, resp := client.GetRoleCredentialsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials +func (c *SSO) GetRoleCredentialsRequest(input *GetRoleCredentialsInput) (req *request.Request, output *GetRoleCredentialsOutput) { + op := &request.Operation{ + Name: opGetRoleCredentials, + HTTPMethod: "GET", + HTTPPath: "/federation/credentials", + } + + if input == nil { + input = &GetRoleCredentialsInput{} + } + + output = &GetRoleCredentialsOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// GetRoleCredentials API operation for AWS Single Sign-On. +// +// Returns the STS short-term credentials for a given role name that is assigned +// to the user. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation GetRoleCredentials for usage and error information. +// +// Returned Error Types: +// * InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// * UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// * TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// * ResourceNotFoundException +// The specified resource doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials +func (c *SSO) GetRoleCredentials(input *GetRoleCredentialsInput) (*GetRoleCredentialsOutput, error) { + req, out := c.GetRoleCredentialsRequest(input) + return out, req.Send() +} + +// GetRoleCredentialsWithContext is the same as GetRoleCredentials with the addition of +// the ability to pass a context and additional request options. +// +// See GetRoleCredentials for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) GetRoleCredentialsWithContext(ctx aws.Context, input *GetRoleCredentialsInput, opts ...request.Option) (*GetRoleCredentialsOutput, error) { + req, out := c.GetRoleCredentialsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opListAccountRoles = "ListAccountRoles" + +// ListAccountRolesRequest generates a "aws/request.Request" representing the +// client's request for the ListAccountRoles operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListAccountRoles for more information on using the ListAccountRoles +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListAccountRolesRequest method. +// req, resp := client.ListAccountRolesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles +func (c *SSO) ListAccountRolesRequest(input *ListAccountRolesInput) (req *request.Request, output *ListAccountRolesOutput) { + op := &request.Operation{ + Name: opListAccountRoles, + HTTPMethod: "GET", + HTTPPath: "/assignment/roles", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListAccountRolesInput{} + } + + output = &ListAccountRolesOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// ListAccountRoles API operation for AWS Single Sign-On. +// +// Lists all roles that are assigned to the user for a given AWS account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation ListAccountRoles for usage and error information. +// +// Returned Error Types: +// * InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// * UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// * TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// * ResourceNotFoundException +// The specified resource doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles +func (c *SSO) ListAccountRoles(input *ListAccountRolesInput) (*ListAccountRolesOutput, error) { + req, out := c.ListAccountRolesRequest(input) + return out, req.Send() +} + +// ListAccountRolesWithContext is the same as ListAccountRoles with the addition of +// the ability to pass a context and additional request options. +// +// See ListAccountRoles for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountRolesWithContext(ctx aws.Context, input *ListAccountRolesInput, opts ...request.Option) (*ListAccountRolesOutput, error) { + req, out := c.ListAccountRolesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListAccountRolesPages iterates over the pages of a ListAccountRoles operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListAccountRoles method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListAccountRoles operation. +// pageNum := 0 +// err := client.ListAccountRolesPages(params, +// func(page *sso.ListAccountRolesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *SSO) ListAccountRolesPages(input *ListAccountRolesInput, fn func(*ListAccountRolesOutput, bool) bool) error { + return c.ListAccountRolesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListAccountRolesPagesWithContext same as ListAccountRolesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountRolesPagesWithContext(ctx aws.Context, input *ListAccountRolesInput, fn func(*ListAccountRolesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListAccountRolesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListAccountRolesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListAccountRolesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListAccounts = "ListAccounts" + +// ListAccountsRequest generates a "aws/request.Request" representing the +// client's request for the ListAccounts operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListAccounts for more information on using the ListAccounts +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListAccountsRequest method. +// req, resp := client.ListAccountsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts +func (c *SSO) ListAccountsRequest(input *ListAccountsInput) (req *request.Request, output *ListAccountsOutput) { + op := &request.Operation{ + Name: opListAccounts, + HTTPMethod: "GET", + HTTPPath: "/assignment/accounts", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListAccountsInput{} + } + + output = &ListAccountsOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// ListAccounts API operation for AWS Single Sign-On. +// +// Lists all AWS accounts assigned to the user. These AWS accounts are assigned +// by the administrator of the account. For more information, see Assign User +// Access (https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers) +// in the AWS SSO User Guide. This operation returns a paginated response. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation ListAccounts for usage and error information. +// +// Returned Error Types: +// * InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// * UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// * TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// * ResourceNotFoundException +// The specified resource doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts +func (c *SSO) ListAccounts(input *ListAccountsInput) (*ListAccountsOutput, error) { + req, out := c.ListAccountsRequest(input) + return out, req.Send() +} + +// ListAccountsWithContext is the same as ListAccounts with the addition of +// the ability to pass a context and additional request options. +// +// See ListAccounts for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountsWithContext(ctx aws.Context, input *ListAccountsInput, opts ...request.Option) (*ListAccountsOutput, error) { + req, out := c.ListAccountsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListAccountsPages iterates over the pages of a ListAccounts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListAccounts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListAccounts operation. +// pageNum := 0 +// err := client.ListAccountsPages(params, +// func(page *sso.ListAccountsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *SSO) ListAccountsPages(input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool) error { + return c.ListAccountsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListAccountsPagesWithContext same as ListAccountsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountsPagesWithContext(ctx aws.Context, input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListAccountsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListAccountsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListAccountsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opLogout = "Logout" + +// LogoutRequest generates a "aws/request.Request" representing the +// client's request for the Logout operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See Logout for more information on using the Logout +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the LogoutRequest method. +// req, resp := client.LogoutRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout +func (c *SSO) LogoutRequest(input *LogoutInput) (req *request.Request, output *LogoutOutput) { + op := &request.Operation{ + Name: opLogout, + HTTPMethod: "POST", + HTTPPath: "/logout", + } + + if input == nil { + input = &LogoutInput{} + } + + output = &LogoutOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// Logout API operation for AWS Single Sign-On. +// +// Removes the client- and server-side session that is associated with the user. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation Logout for usage and error information. +// +// Returned Error Types: +// * InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// * UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// * TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout +func (c *SSO) Logout(input *LogoutInput) (*LogoutOutput, error) { + req, out := c.LogoutRequest(input) + return out, req.Send() +} + +// LogoutWithContext is the same as Logout with the addition of +// the ability to pass a context and additional request options. +// +// See Logout for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) LogoutWithContext(ctx aws.Context, input *LogoutInput, opts ...request.Option) (*LogoutOutput, error) { + req, out := c.LogoutRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// Provides information about your AWS account. +type AccountInfo struct { + _ struct{} `type:"structure"` + + // The identifier of the AWS account that is assigned to the user. + AccountId *string `locationName:"accountId" type:"string"` + + // The display name of the AWS account that is assigned to the user. + AccountName *string `locationName:"accountName" type:"string"` + + // The email address of the AWS account that is assigned to the user. + EmailAddress *string `locationName:"emailAddress" min:"1" type:"string"` +} + +// String returns the string representation +func (s AccountInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AccountInfo) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *AccountInfo) SetAccountId(v string) *AccountInfo { + s.AccountId = &v + return s +} + +// SetAccountName sets the AccountName field's value. +func (s *AccountInfo) SetAccountName(v string) *AccountInfo { + s.AccountName = &v + return s +} + +// SetEmailAddress sets the EmailAddress field's value. +func (s *AccountInfo) SetEmailAddress(v string) *AccountInfo { + s.EmailAddress = &v + return s +} + +type GetRoleCredentialsInput struct { + _ struct{} `type:"structure"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the AWS SSO OIDC API Reference Guide. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` + + // The identifier for the AWS account that is assigned to the user. + // + // AccountId is a required field + AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` + + // The friendly name of the role that is assigned to the user. + // + // RoleName is a required field + RoleName *string `location:"querystring" locationName:"role_name" type:"string" required:"true"` +} + +// String returns the string representation +func (s GetRoleCredentialsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetRoleCredentialsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetRoleCredentialsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetRoleCredentialsInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + if s.AccountId == nil { + invalidParams.Add(request.NewErrParamRequired("AccountId")) + } + if s.RoleName == nil { + invalidParams.Add(request.NewErrParamRequired("RoleName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *GetRoleCredentialsInput) SetAccessToken(v string) *GetRoleCredentialsInput { + s.AccessToken = &v + return s +} + +// SetAccountId sets the AccountId field's value. +func (s *GetRoleCredentialsInput) SetAccountId(v string) *GetRoleCredentialsInput { + s.AccountId = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *GetRoleCredentialsInput) SetRoleName(v string) *GetRoleCredentialsInput { + s.RoleName = &v + return s +} + +type GetRoleCredentialsOutput struct { + _ struct{} `type:"structure"` + + // The credentials for the role that is assigned to the user. + RoleCredentials *RoleCredentials `locationName:"roleCredentials" type:"structure"` +} + +// String returns the string representation +func (s GetRoleCredentialsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetRoleCredentialsOutput) GoString() string { + return s.String() +} + +// SetRoleCredentials sets the RoleCredentials field's value. +func (s *GetRoleCredentialsOutput) SetRoleCredentials(v *RoleCredentials) *GetRoleCredentialsOutput { + s.RoleCredentials = v + return s +} + +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +type InvalidRequestException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidRequestException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidRequestException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestException(v protocol.ResponseMetadata) error { + return &InvalidRequestException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestException) Code() string { + return "InvalidRequestException" +} + +// Message returns the exception's message. +func (s *InvalidRequestException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestException) OrigErr() error { + return nil +} + +func (s *InvalidRequestException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestException) RequestID() string { + return s.RespMetadata.RequestID +} + +type ListAccountRolesInput struct { + _ struct{} `type:"structure"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the AWS SSO OIDC API Reference Guide. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` + + // The identifier for the AWS account that is assigned to the user. + // + // AccountId is a required field + AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` + + // The number of items that clients can request per page. + MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` + + // The page token from the previous response output when you request subsequent + // pages. + NextToken *string `location:"querystring" locationName:"next_token" type:"string"` +} + +// String returns the string representation +func (s ListAccountRolesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListAccountRolesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListAccountRolesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAccountRolesInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + if s.AccountId == nil { + invalidParams.Add(request.NewErrParamRequired("AccountId")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *ListAccountRolesInput) SetAccessToken(v string) *ListAccountRolesInput { + s.AccessToken = &v + return s +} + +// SetAccountId sets the AccountId field's value. +func (s *ListAccountRolesInput) SetAccountId(v string) *ListAccountRolesInput { + s.AccountId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListAccountRolesInput) SetMaxResults(v int64) *ListAccountRolesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountRolesInput) SetNextToken(v string) *ListAccountRolesInput { + s.NextToken = &v + return s +} + +type ListAccountRolesOutput struct { + _ struct{} `type:"structure"` + + // The page token client that is used to retrieve the list of accounts. + NextToken *string `locationName:"nextToken" type:"string"` + + // A paginated response with the list of roles and the next token if more results + // are available. + RoleList []*RoleInfo `locationName:"roleList" type:"list"` +} + +// String returns the string representation +func (s ListAccountRolesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListAccountRolesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountRolesOutput) SetNextToken(v string) *ListAccountRolesOutput { + s.NextToken = &v + return s +} + +// SetRoleList sets the RoleList field's value. +func (s *ListAccountRolesOutput) SetRoleList(v []*RoleInfo) *ListAccountRolesOutput { + s.RoleList = v + return s +} + +type ListAccountsInput struct { + _ struct{} `type:"structure"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the AWS SSO OIDC API Reference Guide. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` + + // This is the number of items clients can request per page. + MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` + + // (Optional) When requesting subsequent pages, this is the page token from + // the previous response output. + NextToken *string `location:"querystring" locationName:"next_token" type:"string"` +} + +// String returns the string representation +func (s ListAccountsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListAccountsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListAccountsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAccountsInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *ListAccountsInput) SetAccessToken(v string) *ListAccountsInput { + s.AccessToken = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListAccountsInput) SetMaxResults(v int64) *ListAccountsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountsInput) SetNextToken(v string) *ListAccountsInput { + s.NextToken = &v + return s +} + +type ListAccountsOutput struct { + _ struct{} `type:"structure"` + + // A paginated response with the list of account information and the next token + // if more results are available. + AccountList []*AccountInfo `locationName:"accountList" type:"list"` + + // The page token client that is used to retrieve the list of accounts. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s ListAccountsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListAccountsOutput) GoString() string { + return s.String() +} + +// SetAccountList sets the AccountList field's value. +func (s *ListAccountsOutput) SetAccountList(v []*AccountInfo) *ListAccountsOutput { + s.AccountList = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountsOutput) SetNextToken(v string) *ListAccountsOutput { + s.NextToken = &v + return s +} + +type LogoutInput struct { + _ struct{} `type:"structure"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the AWS SSO OIDC API Reference Guide. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` +} + +// String returns the string representation +func (s LogoutInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LogoutInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *LogoutInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "LogoutInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *LogoutInput) SetAccessToken(v string) *LogoutInput { + s.AccessToken = &v + return s +} + +type LogoutOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s LogoutOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LogoutOutput) GoString() string { + return s.String() +} + +// The specified resource doesn't exist. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ResourceNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ResourceNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Provides information about the role credentials that are assigned to the +// user. +type RoleCredentials struct { + _ struct{} `type:"structure"` + + // The identifier used for the temporary security credentials. For more information, + // see Using Temporary Security Credentials to Request Access to AWS Resources + // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) + // in the AWS IAM User Guide. + AccessKeyId *string `locationName:"accessKeyId" type:"string"` + + // The date on which temporary security credentials expire. + Expiration *int64 `locationName:"expiration" type:"long"` + + // The key that is used to sign the request. For more information, see Using + // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) + // in the AWS IAM User Guide. + SecretAccessKey *string `locationName:"secretAccessKey" type:"string" sensitive:"true"` + + // The token used for temporary credentials. For more information, see Using + // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) + // in the AWS IAM User Guide. + SessionToken *string `locationName:"sessionToken" type:"string" sensitive:"true"` +} + +// String returns the string representation +func (s RoleCredentials) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RoleCredentials) GoString() string { + return s.String() +} + +// SetAccessKeyId sets the AccessKeyId field's value. +func (s *RoleCredentials) SetAccessKeyId(v string) *RoleCredentials { + s.AccessKeyId = &v + return s +} + +// SetExpiration sets the Expiration field's value. +func (s *RoleCredentials) SetExpiration(v int64) *RoleCredentials { + s.Expiration = &v + return s +} + +// SetSecretAccessKey sets the SecretAccessKey field's value. +func (s *RoleCredentials) SetSecretAccessKey(v string) *RoleCredentials { + s.SecretAccessKey = &v + return s +} + +// SetSessionToken sets the SessionToken field's value. +func (s *RoleCredentials) SetSessionToken(v string) *RoleCredentials { + s.SessionToken = &v + return s +} + +// Provides information about the role that is assigned to the user. +type RoleInfo struct { + _ struct{} `type:"structure"` + + // The identifier of the AWS account assigned to the user. + AccountId *string `locationName:"accountId" type:"string"` + + // The friendly name of the role that is assigned to the user. + RoleName *string `locationName:"roleName" type:"string"` +} + +// String returns the string representation +func (s RoleInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RoleInfo) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *RoleInfo) SetAccountId(v string) *RoleInfo { + s.AccountId = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *RoleInfo) SetRoleName(v string) *RoleInfo { + s.RoleName = &v + return s +} + +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +type TooManyRequestsException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s TooManyRequestsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TooManyRequestsException) GoString() string { + return s.String() +} + +func newErrorTooManyRequestsException(v protocol.ResponseMetadata) error { + return &TooManyRequestsException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *TooManyRequestsException) Code() string { + return "TooManyRequestsException" +} + +// Message returns the exception's message. +func (s *TooManyRequestsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *TooManyRequestsException) OrigErr() error { + return nil +} + +func (s *TooManyRequestsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *TooManyRequestsException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *TooManyRequestsException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +type UnauthorizedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s UnauthorizedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UnauthorizedException) GoString() string { + return s.String() +} + +func newErrorUnauthorizedException(v protocol.ResponseMetadata) error { + return &UnauthorizedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnauthorizedException) Code() string { + return "UnauthorizedException" +} + +// Message returns the exception's message. +func (s *UnauthorizedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnauthorizedException) OrigErr() error { + return nil +} + +func (s *UnauthorizedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnauthorizedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnauthorizedException) RequestID() string { + return s.RespMetadata.RequestID +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go b/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go new file mode 100644 index 000000000..92d82b2af --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go @@ -0,0 +1,44 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package sso provides the client and types for making API +// requests to AWS Single Sign-On. +// +// AWS Single Sign-On Portal is a web service that makes it easy for you to +// assign user access to AWS SSO resources such as the user portal. Users can +// get AWS account applications and roles assigned to them and get federated +// into the application. +// +// For general information about AWS SSO, see What is AWS Single Sign-On? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) +// in the AWS SSO User Guide. +// +// This API reference guide describes the AWS SSO Portal operations that you +// can call programatically and includes detailed information on data types +// and errors. +// +// AWS provides SDKs that consist of libraries and sample code for various programming +// languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs +// provide a convenient way to create programmatic access to AWS SSO and other +// AWS services. For more information about the AWS SDKs, including how to download +// and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/). +// +// See https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10 for more information on this service. +// +// See sso package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/sso/ +// +// Using the Client +// +// To contact AWS Single Sign-On with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the AWS Single Sign-On client SSO for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/sso/#New +package sso diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go b/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go new file mode 100644 index 000000000..77a6792e3 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go @@ -0,0 +1,44 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package sso + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeInvalidRequestException for service response error code + // "InvalidRequestException". + // + // Indicates that a problem occurred with the input to the request. For example, + // a required parameter might be missing or out of range. + ErrCodeInvalidRequestException = "InvalidRequestException" + + // ErrCodeResourceNotFoundException for service response error code + // "ResourceNotFoundException". + // + // The specified resource doesn't exist. + ErrCodeResourceNotFoundException = "ResourceNotFoundException" + + // ErrCodeTooManyRequestsException for service response error code + // "TooManyRequestsException". + // + // Indicates that the request is being made too frequently and is more than + // what the server can handle. + ErrCodeTooManyRequestsException = "TooManyRequestsException" + + // ErrCodeUnauthorizedException for service response error code + // "UnauthorizedException". + // + // Indicates that the request is not authorized. This can happen due to an invalid + // access token in the request. + ErrCodeUnauthorizedException = "UnauthorizedException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "InvalidRequestException": newErrorInvalidRequestException, + "ResourceNotFoundException": newErrorResourceNotFoundException, + "TooManyRequestsException": newErrorTooManyRequestsException, + "UnauthorizedException": newErrorUnauthorizedException, +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/service.go b/vendor/github.com/aws/aws-sdk-go/service/sso/service.go new file mode 100644 index 000000000..35175331f --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sso/service.go @@ -0,0 +1,104 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package sso + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// SSO provides the API operation methods for making requests to +// AWS Single Sign-On. See this package's package overview docs +// for details on the service. +// +// SSO methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type SSO struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "SSO" // Name of service. + EndpointsID = "portal.sso" // ID to lookup a service endpoint with. + ServiceID = "SSO" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the SSO client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// mySession := session.Must(session.NewSession()) +// +// // Create a SSO client from just a session. +// svc := sso.New(mySession) +// +// // Create a SSO client with additional configuration +// svc := sso.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSO { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "awsssoportal" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *SSO { + svc := &SSO{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2019-06-10", + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a SSO operation and runs any +// custom request initialization. +func (c *SSO) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go new file mode 100644 index 000000000..4cac247c1 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go @@ -0,0 +1,86 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package ssoiface provides an interface to enable mocking the AWS Single Sign-On service client +// for testing your code. +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. +package ssoiface + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/service/sso" +) + +// SSOAPI provides an interface to enable mocking the +// sso.SSO service client's API operation, +// paginators, and waiters. This make unit testing your code that calls out +// to the SDK's service client's calls easier. +// +// The best way to use this interface is so the SDK's service client's calls +// can be stubbed out for unit testing your code with the SDK without needing +// to inject custom request handlers into the SDK's request pipeline. +// +// // myFunc uses an SDK service client to make a request to +// // AWS Single Sign-On. +// func myFunc(svc ssoiface.SSOAPI) bool { +// // Make svc.GetRoleCredentials request +// } +// +// func main() { +// sess := session.New() +// svc := sso.New(sess) +// +// myFunc(svc) +// } +// +// In your _test.go file: +// +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockSSOClient struct { +// ssoiface.SSOAPI +// } +// func (m *mockSSOClient) GetRoleCredentials(input *sso.GetRoleCredentialsInput) (*sso.GetRoleCredentialsOutput, error) { +// // mock response/functionality +// } +// +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockSSOClient{} +// +// myfunc(mockSvc) +// +// // Verify myFunc's functionality +// } +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. Its suggested to use the pattern above for testing, or using +// tooling to generate mocks to satisfy the interfaces. +type SSOAPI interface { + GetRoleCredentials(*sso.GetRoleCredentialsInput) (*sso.GetRoleCredentialsOutput, error) + GetRoleCredentialsWithContext(aws.Context, *sso.GetRoleCredentialsInput, ...request.Option) (*sso.GetRoleCredentialsOutput, error) + GetRoleCredentialsRequest(*sso.GetRoleCredentialsInput) (*request.Request, *sso.GetRoleCredentialsOutput) + + ListAccountRoles(*sso.ListAccountRolesInput) (*sso.ListAccountRolesOutput, error) + ListAccountRolesWithContext(aws.Context, *sso.ListAccountRolesInput, ...request.Option) (*sso.ListAccountRolesOutput, error) + ListAccountRolesRequest(*sso.ListAccountRolesInput) (*request.Request, *sso.ListAccountRolesOutput) + + ListAccountRolesPages(*sso.ListAccountRolesInput, func(*sso.ListAccountRolesOutput, bool) bool) error + ListAccountRolesPagesWithContext(aws.Context, *sso.ListAccountRolesInput, func(*sso.ListAccountRolesOutput, bool) bool, ...request.Option) error + + ListAccounts(*sso.ListAccountsInput) (*sso.ListAccountsOutput, error) + ListAccountsWithContext(aws.Context, *sso.ListAccountsInput, ...request.Option) (*sso.ListAccountsOutput, error) + ListAccountsRequest(*sso.ListAccountsInput) (*request.Request, *sso.ListAccountsOutput) + + ListAccountsPages(*sso.ListAccountsInput, func(*sso.ListAccountsOutput, bool) bool) error + ListAccountsPagesWithContext(aws.Context, *sso.ListAccountsInput, func(*sso.ListAccountsOutput, bool) bool, ...request.Option) error + + Logout(*sso.LogoutInput) (*sso.LogoutOutput, error) + LogoutWithContext(aws.Context, *sso.LogoutInput, ...request.Option) (*sso.LogoutOutput, error) + LogoutRequest(*sso.LogoutInput) (*request.Request, *sso.LogoutOutput) +} + +var _ SSOAPI = (*sso.SSO)(nil) diff --git a/vendor/modules.txt b/vendor/modules.txt index 9c7e5a01a..21fd4ed92 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -100,7 +100,7 @@ github.com/approvals/go-approval-tests/utils github.com/armon/go-metrics # github.com/armon/go-radix v1.0.0 github.com/armon/go-radix -# github.com/aws/aws-sdk-go v1.36.5 +# github.com/aws/aws-sdk-go v1.37.15 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/arn github.com/aws/aws-sdk-go/aws/awserr @@ -112,6 +112,7 @@ github.com/aws/aws-sdk-go/aws/credentials github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds github.com/aws/aws-sdk-go/aws/credentials/endpointcreds github.com/aws/aws-sdk-go/aws/credentials/processcreds +github.com/aws/aws-sdk-go/aws/credentials/ssocreds github.com/aws/aws-sdk-go/aws/credentials/stscreds github.com/aws/aws-sdk-go/aws/csm github.com/aws/aws-sdk-go/aws/defaults @@ -142,6 +143,7 @@ github.com/aws/aws-sdk-go/private/protocol/jsonrpc github.com/aws/aws-sdk-go/private/protocol/query github.com/aws/aws-sdk-go/private/protocol/query/queryutil github.com/aws/aws-sdk-go/private/protocol/rest +github.com/aws/aws-sdk-go/private/protocol/restjson github.com/aws/aws-sdk-go/private/protocol/restxml github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil github.com/aws/aws-sdk-go/service/ec2 @@ -155,6 +157,8 @@ github.com/aws/aws-sdk-go/service/secretsmanager github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface github.com/aws/aws-sdk-go/service/ssm github.com/aws/aws-sdk-go/service/ssm/ssmiface +github.com/aws/aws-sdk-go/service/sso +github.com/aws/aws-sdk-go/service/sso/ssoiface github.com/aws/aws-sdk-go/service/sts github.com/aws/aws-sdk-go/service/sts/stsiface # github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d