diff --git a/CHANGELOG.md b/CHANGELOG.md index 8a642b64e60..ca1d36e5667 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,24 @@ +Release v1.44.282 (2023-06-13) +=== + +### Service Client Updates +* `service/cloudtrail`: Updates service API and documentation + * This feature allows users to view dashboards for CloudTrail Lake event data stores. +* `service/codeguru-security`: Adds new service +* `service/drs`: Updates service API, documentation, and paginators +* `service/ec2`: Updates service API, documentation, and paginators + * This release introduces a new feature, EC2 Instance Connect Endpoint, that enables you to connect to a resource over TCP, without requiring the resource to have a public IPv4 address. +* `service/imagebuilder`: Updates service documentation +* `service/lightsail`: Updates service API and documentation + * This release adds pagination for the Get Certificates API operation. +* `service/s3`: Updates service API and examples + * Integrate double encryption feature to SDKs. +* `service/securityhub`: Updates service API, documentation, and examples +* `service/simspaceweaver`: Updates service API and documentation +* `service/verifiedpermissions`: Adds new service +* `service/wafv2`: Updates service API and documentation +* `service/wellarchitected`: Updates service API, documentation, and paginators + Release v1.44.281 (2023-06-12) === diff --git a/aws/version.go b/aws/version.go index 07aee56e56f..151285dee57 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.281" +const SDKVersion = "1.44.282" diff --git a/models/apis/cloudtrail/2013-11-01/api-2.json b/models/apis/cloudtrail/2013-11-01/api-2.json index db80052b91b..5b04198a670 100644 --- a/models/apis/cloudtrail/2013-11-01/api-2.json +++ b/models/apis/cloudtrail/2013-11-01/api-2.json @@ -939,6 +939,7 @@ "input":{"shape":"UpdateEventDataStoreRequest"}, "output":{"shape":"UpdateEventDataStoreResponse"}, "errors":[ + {"shape":"EventDataStoreAlreadyExistsException"}, {"shape":"EventDataStoreARNInvalidException"}, {"shape":"EventDataStoreNotFoundException"}, {"shape":"InvalidEventSelectorsException"}, @@ -1397,14 +1398,14 @@ }, "DescribeQueryRequest":{ "type":"structure", - "required":["QueryId"], "members":{ "EventDataStore":{ "shape":"EventDataStoreArn", "deprecated":true, "deprecatedMessage":"EventDataStore is no longer required by DescribeQueryRequest" }, - "QueryId":{"shape":"UUID"} + "QueryId":{"shape":"UUID"}, + "QueryAlias":{"shape":"QueryAlias"} } }, "DescribeQueryResponse":{ @@ -2467,12 +2468,30 @@ "CreationTime":{"shape":"Date"} } }, + "QueryAlias":{ + "type":"string", + "max":256, + "min":1, + "pattern":"^[a-zA-Z][a-zA-Z0-9._\\-]*$" + }, "QueryIdNotFoundException":{ "type":"structure", "members":{ }, "exception":true }, + "QueryParameter":{ + "type":"string", + "max":1024, + "min":1, + "pattern":".*" + }, + "QueryParameters":{ + "type":"list", + "member":{"shape":"QueryParameter"}, + "max":10, + "min":1 + }, "QueryResultColumn":{ "type":"map", "key":{"shape":"QueryResultKey"}, @@ -2747,10 +2766,11 @@ }, "StartQueryRequest":{ "type":"structure", - "required":["QueryStatement"], "members":{ "QueryStatement":{"shape":"QueryStatement"}, - "DeliveryS3Uri":{"shape":"DeliveryS3Uri"} + "DeliveryS3Uri":{"shape":"DeliveryS3Uri"}, + "QueryAlias":{"shape":"QueryAlias"}, + "QueryParameters":{"shape":"QueryParameters"} } }, "StartQueryResponse":{ diff --git a/models/apis/cloudtrail/2013-11-01/docs-2.json b/models/apis/cloudtrail/2013-11-01/docs-2.json index 743012de487..0cf8bb4b55b 100644 --- a/models/apis/cloudtrail/2013-11-01/docs-2.json +++ b/models/apis/cloudtrail/2013-11-01/docs-2.json @@ -1,6 +1,6 @@ { "version": "2.0", - "service": "CloudTrail

This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.

CloudTrail is a web service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the Amazon Web Services API call, the source IP address, the request parameters, and the response elements returned by the service.

As an alternative to the API, you can use one of the Amazon Web Services SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide programmatic access to CloudTrail. For example, the SDKs handle cryptographically signing requests, managing errors, and retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to download and install them, see Tools to Build on Amazon Web Services.

See the CloudTrail User Guide for information about the data that is included with each Amazon Web Services API call listed in the log files.

Actions available for CloudTrail trails

The following actions are available for CloudTrail trails.

Actions available for CloudTrail event data stores

The following actions are available for CloudTrail event data stores.

Actions available for CloudTrail channels

The following actions are available for CloudTrail channels.

Actions available for managing delegated administrators

The following actions are available for adding or a removing a delegated administrator to manage an Organizations organization’s CloudTrail resources.

", + "service": "CloudTrail

This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.

CloudTrail is a web service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the Amazon Web Services API call, the source IP address, the request parameters, and the response elements returned by the service.

As an alternative to the API, you can use one of the Amazon Web Services SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide programmatic access to CloudTrail. For example, the SDKs handle cryptographically signing requests, managing errors, and retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to download and install them, see Tools to Build on Amazon Web Services.

See the CloudTrail User Guide for information about the data that is included with each Amazon Web Services API call listed in the log files.

", "operations": { "AddTags": "

Adds one or more tags to a trail, event data store, or channel, up to a limit of 50. Overwrites an existing tag's value when a new value is specified for an existing tag key. Tag key names must be unique; you cannot have two keys with the same name but different values. If you specify a key without a value, the tag will be created with the specified key and a value of null. You can tag a trail or event data store that applies to all Amazon Web Services Regions only from the Region in which the trail or event data store was created (also known as its home Region).

", "CancelQuery": "

Cancels a query if the query is not in a terminated state, such as CANCELLED, FAILED, TIMED_OUT, or FINISHED. You must specify an ARN value for EventDataStore. The ID of the query that you want to cancel is also required. When you run CancelQuery, the query status might show as CANCELLED even if the operation is not yet finished.

", @@ -12,14 +12,14 @@ "DeleteResourcePolicy": "

Deletes the resource-based policy attached to the CloudTrail channel.

", "DeleteTrail": "

Deletes a trail. This operation must be called from the Region in which the trail was created. DeleteTrail cannot be called on the shadow trails (replicated trails in other Regions) of a trail that is enabled in all Regions.

", "DeregisterOrganizationDelegatedAdmin": "

Removes CloudTrail delegated administrator permissions from a member account in an organization.

", - "DescribeQuery": "

Returns metadata about a query, including query run time in milliseconds, number of events scanned and matched, and query status. You must specify an ARN for EventDataStore, and a value for QueryID.

", + "DescribeQuery": "

Returns metadata about a query, including query run time in milliseconds, number of events scanned and matched, and query status. If the query results were delivered to an S3 bucket, the response also provides the S3 URI and the delivery status.

You must specify either a QueryID or a QueryAlias. Specifying the QueryAlias parameter returns information about the last query run for the alias.

", "DescribeTrails": "

Retrieves settings for one or more trails associated with the current Region for your account.

", "GetChannel": "

Returns information about a specific channel.

", "GetEventDataStore": "

Returns information about an event data store specified as either an ARN or the ID portion of the ARN.

", "GetEventSelectors": "

Describes the settings for the event selectors that you configured for your trail. The information returned for your event selectors includes the following:

For more information about logging management and data events, see the following topics in the CloudTrail User Guide:

", "GetImport": "

Returns information about a specific import.

", "GetInsightSelectors": "

Describes the settings for the Insights event selectors that you configured for your trail. GetInsightSelectors shows if CloudTrail Insights event logging is enabled on the trail, and if it is, which insight types are enabled. If you run GetInsightSelectors on a trail that does not have Insights events enabled, the operation throws the exception InsightNotEnabledException

For more information, see Logging CloudTrail Insights Events for Trails in the CloudTrail User Guide.

", - "GetQueryResults": "

Gets event data results of a query. You must specify the QueryID value returned by the StartQuery operation, and an ARN for EventDataStore.

", + "GetQueryResults": "

Gets event data results of a query. You must specify the QueryID value returned by the StartQuery operation.

", "GetResourcePolicy": "

Retrieves the JSON text of the resource-based policy document attached to the CloudTrail channel.

", "GetTrail": "

Returns settings information for a specified trail.

", "GetTrailStatus": "

Returns a JSON-formatted list of information about the specified trail. Fields include information on delivery errors, Amazon SNS and Amazon S3 errors, and start and stop logging times for each trail. This operation returns trail status from a single Region. To return trail status from all Regions, you must call the operation on each Region.

", @@ -41,12 +41,12 @@ "StartEventDataStoreIngestion": "

Starts the ingestion of live events on an event data store specified as either an ARN or the ID portion of the ARN. To start ingestion, the event data store Status must be STOPPED_INGESTION and the eventCategory must be Management, Data, or ConfigurationItem.

", "StartImport": "

Starts an import of logged trail events from a source S3 bucket to a destination event data store. By default, CloudTrail only imports events contained in the S3 bucket's CloudTrail prefix and the prefixes inside the CloudTrail prefix, and does not check prefixes for other Amazon Web Services services. If you want to import CloudTrail events contained in another prefix, you must include the prefix in the S3LocationUri. For more considerations about importing trail events, see Considerations.

When you start a new import, the Destinations and ImportSource parameters are required. Before starting a new import, disable any access control lists (ACLs) attached to the source S3 bucket. For more information about disabling ACLs, see Controlling ownership of objects and disabling ACLs for your bucket.

When you retry an import, the ImportID parameter is required.

If the destination event data store is for an organization, you must use the management account to import trail events. You cannot use the delegated administrator account for the organization.

", "StartLogging": "

Starts the recording of Amazon Web Services API calls and log file delivery for a trail. For a trail that is enabled in all Regions, this operation must be called from the Region in which the trail was created. This operation cannot be called on the shadow trails (replicated trails in other Regions) of a trail that is enabled in all Regions.

", - "StartQuery": "

Starts a CloudTrail Lake query. The required QueryStatement parameter provides your SQL query, enclosed in single quotation marks. Use the optional DeliveryS3Uri parameter to deliver the query results to an S3 bucket.

", + "StartQuery": "

Starts a CloudTrail Lake query. Use the QueryStatement parameter to provide your SQL query, enclosed in single quotation marks. Use the optional DeliveryS3Uri parameter to deliver the query results to an S3 bucket.

StartQuery requires you specify either the QueryStatement parameter, or a QueryAlias and any QueryParameters. In the current release, the QueryAlias and QueryParameters parameters are used only for the queries that populate the CloudTrail Lake dashboards.

", "StopEventDataStoreIngestion": "

Stops the ingestion of live events on an event data store specified as either an ARN or the ID portion of the ARN. To stop ingestion, the event data store Status must be ENABLED and the eventCategory must be Management, Data, or ConfigurationItem.

", "StopImport": "

Stops a specified import.

", "StopLogging": "

Suspends the recording of Amazon Web Services API calls and log file delivery for the specified trail. Under most circumstances, there is no need to use this action. You can update a trail without stopping it first. This action is the only way to stop recording. For a trail enabled in all Regions, this operation must be called from the Region in which the trail was created, or an InvalidHomeRegionException will occur. This operation cannot be called on the shadow trails (replicated trails in other Regions) of a trail enabled in all Regions.

", "UpdateChannel": "

Updates a channel specified by a required channel ARN or UUID.

", - "UpdateEventDataStore": "

Updates an event data store. The required EventDataStore value is an ARN or the ID portion of the ARN. Other parameters are optional, but at least one optional parameter must be specified, or CloudTrail throws an error. RetentionPeriod is in days, and valid values are integers between 90 and 2557. By default, TerminationProtection is enabled.

For event data stores for CloudTrail events, AdvancedEventSelectors includes or excludes management and data events in your event data store. For more information about AdvancedEventSelectors, see PutEventSelectorsRequest$AdvancedEventSelectors.

For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, AdvancedEventSelectors includes events of that type in your event data store.

", + "UpdateEventDataStore": "

Updates an event data store. The required EventDataStore value is an ARN or the ID portion of the ARN. Other parameters are optional, but at least one optional parameter must be specified, or CloudTrail throws an error. RetentionPeriod is in days, and valid values are integers between 90 and 2557. By default, TerminationProtection is enabled.

For event data stores for CloudTrail events, AdvancedEventSelectors includes or excludes management and data events in your event data store. For more information about AdvancedEventSelectors, see AdvancedEventSelectors.

For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, AdvancedEventSelectors includes events of that type in your event data store.

", "UpdateTrail": "

Updates trail settings that control what events you are logging, and how to handle log files. Changes to a trail do not require stopping the CloudTrail service. Use this action to designate an existing bucket for log delivery. If the existing bucket has previously been a target for CloudTrail log files, an IAM policy exists for the bucket. UpdateTrail must be called from the Region in which the trail was created; otherwise, an InvalidHomeRegionException is thrown.

" }, "shapes": { @@ -1311,11 +1311,30 @@ "Queries$member": null } }, + "QueryAlias": { + "base": null, + "refs": { + "DescribeQueryRequest$QueryAlias": "

The alias that identifies a query template.

", + "StartQueryRequest$QueryAlias": "

The alias that identifies a query template.

" + } + }, "QueryIdNotFoundException": { "base": "

The query ID does not exist or does not map to a query.

", "refs": { } }, + "QueryParameter": { + "base": null, + "refs": { + "QueryParameters$member": null + } + }, + "QueryParameters": { + "base": null, + "refs": { + "StartQueryRequest$QueryParameters": "

The query parameters for the specified QueryAlias.

" + } + }, "QueryResultColumn": { "base": null, "refs": { @@ -1510,7 +1529,7 @@ "SelectorField": { "base": null, "refs": { - "AdvancedFieldSelector$Field": "

A field in a CloudTrail event record on which to filter events to be logged. For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for selecting events as filtering is not supported.

For CloudTrail event records, supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.

For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the only supported field is eventCategory.

" + "AdvancedFieldSelector$Field": "

A field in a CloudTrail event record on which to filter events to be logged. For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for selecting events as filtering is not supported.

For CloudTrail event records, supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.

For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the only supported field is eventCategory.

" } }, "SelectorName": { @@ -1618,13 +1637,13 @@ "CreateTrailResponse$Name": "

Specifies the name of the trail.

", "CreateTrailResponse$S3BucketName": "

Specifies the name of the Amazon S3 bucket designated for publishing log files.

", "CreateTrailResponse$S3KeyPrefix": "

Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files.

", - "CreateTrailResponse$SnsTopicName": "

This field is no longer in use. Use SnsTopicARN.

", + "CreateTrailResponse$SnsTopicName": "

This field is no longer in use. Use SnsTopicARN.

", "CreateTrailResponse$SnsTopicARN": "

Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications when log files are delivered. The format of a topic ARN is:

arn:aws:sns:us-east-2:123456789012:MyTopic

", "CreateTrailResponse$TrailARN": "

Specifies the ARN of the trail that was created. The format of a trail ARN is:

arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail

", "CreateTrailResponse$CloudWatchLogsLogGroupArn": "

Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail logs will be delivered.

", "CreateTrailResponse$CloudWatchLogsRoleArn": "

Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.

", "CreateTrailResponse$KmsKeyId": "

Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the following format.

arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012

", - "DataResource$Type": "

The resource type in which you want to log data events. You can specify the following basic event selector resource types:

The following resource types are also available through advanced event selectors. Basic event selector resource types are valid in advanced event selectors, but advanced event selector resource types are not valid in basic event selectors. For more information, see AdvancedFieldSelector$Field.

", + "DataResource$Type": "

The resource type in which you want to log data events. You can specify the following basic event selector resource types:

The following resource types are also available through advanced event selectors. Basic event selector resource types are valid in advanced event selectors, but advanced event selector resource types are not valid in basic event selectors. For more information, see AdvancedFieldSelector.

", "DataResourceValues$member": null, "DeleteTrailRequest$Name": "

Specifies the name or the CloudTrail ARN of the trail to be deleted. The following is the format of a trail ARN. arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail

", "Event$EventId": "

The CloudTrail ID of the event returned.

", @@ -1678,7 +1697,7 @@ "Trail$Name": "

Name of the trail set by calling CreateTrail. The maximum length is 128 characters.

", "Trail$S3BucketName": "

Name of the Amazon S3 bucket into which CloudTrail delivers your trail files. See Amazon S3 Bucket Naming Requirements.

", "Trail$S3KeyPrefix": "

Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters.

", - "Trail$SnsTopicName": "

This field is no longer in use. Use SnsTopicARN.

", + "Trail$SnsTopicName": "

This field is no longer in use. Use SnsTopicARN.

", "Trail$SnsTopicARN": "

Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications when log files are delivered. The following is the format of a topic ARN.

arn:aws:sns:us-east-2:123456789012:MyTopic

", "Trail$HomeRegion": "

The Region in which the trail was created.

", "Trail$TrailARN": "

Specifies the ARN of the trail. The following is the format of a trail ARN.

arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail

", @@ -1699,7 +1718,7 @@ "UpdateTrailResponse$Name": "

Specifies the name of the trail.

", "UpdateTrailResponse$S3BucketName": "

Specifies the name of the Amazon S3 bucket designated for publishing log files.

", "UpdateTrailResponse$S3KeyPrefix": "

Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your IAM Log Files.

", - "UpdateTrailResponse$SnsTopicName": "

This field is no longer in use. Use UpdateTrailResponse$SnsTopicARN.

", + "UpdateTrailResponse$SnsTopicName": "

This field is no longer in use. Use SnsTopicARN.

", "UpdateTrailResponse$SnsTopicARN": "

Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications when log files are delivered. The following is the format of a topic ARN.

arn:aws:sns:us-east-2:123456789012:MyTopic

", "UpdateTrailResponse$TrailARN": "

Specifies the ARN of the trail that was updated. The following is the format of a trail ARN.

arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail

", "UpdateTrailResponse$CloudWatchLogsLogGroupArn": "

Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail logs are delivered.

", diff --git a/models/apis/codeguru-security/2018-05-10/api-2.json b/models/apis/codeguru-security/2018-05-10/api-2.json new file mode 100644 index 00000000000..e0967279776 --- /dev/null +++ b/models/apis/codeguru-security/2018-05-10/api-2.json @@ -0,0 +1,1067 @@ +{ + "version":"2.0", + "metadata":{ + "apiVersion":"2018-05-10", + "endpointPrefix":"codeguru-security", + "jsonVersion":"1.1", + "protocol":"rest-json", + "serviceFullName":"Amazon CodeGuru Security", + "serviceId":"CodeGuru Security", + "signatureVersion":"v4", + "signingName":"codeguru-security", + "uid":"codeguru-security-2018-05-10" + }, + "operations":{ + "BatchGetFindings":{ + "name":"BatchGetFindings", + "http":{ + "method":"POST", + "requestUri":"/batchGetFindings", + "responseCode":200 + }, + "input":{"shape":"BatchGetFindingsRequest"}, + "output":{"shape":"BatchGetFindingsResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "CreateScan":{ + "name":"CreateScan", + "http":{ + "method":"POST", + "requestUri":"/scans", + "responseCode":200 + }, + "input":{"shape":"CreateScanRequest"}, + "output":{"shape":"CreateScanResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "CreateUploadUrl":{ + "name":"CreateUploadUrl", + "http":{ + "method":"POST", + "requestUri":"/uploadUrl", + "responseCode":200 + }, + "input":{"shape":"CreateUploadUrlRequest"}, + "output":{"shape":"CreateUploadUrlResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetAccountConfiguration":{ + "name":"GetAccountConfiguration", + "http":{ + "method":"GET", + "requestUri":"/accountConfiguration/get", + "responseCode":200 + }, + "input":{"shape":"GetAccountConfigurationRequest"}, + "output":{"shape":"GetAccountConfigurationResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetFindings":{ + "name":"GetFindings", + "http":{ + "method":"GET", + "requestUri":"/findings/{scanName}", + "responseCode":200 + }, + "input":{"shape":"GetFindingsRequest"}, + "output":{"shape":"GetFindingsResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetMetricsSummary":{ + "name":"GetMetricsSummary", + "http":{ + "method":"GET", + "requestUri":"/metrics/summary", + "responseCode":200 + }, + "input":{"shape":"GetMetricsSummaryRequest"}, + "output":{"shape":"GetMetricsSummaryResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetScan":{ + "name":"GetScan", + "http":{ + "method":"GET", + "requestUri":"/scans/{scanName}", + "responseCode":200 + }, + "input":{"shape":"GetScanRequest"}, + "output":{"shape":"GetScanResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListFindingsMetrics":{ + "name":"ListFindingsMetrics", + "http":{ + "method":"GET", + "requestUri":"/metrics/findings", + "responseCode":200 + }, + "input":{"shape":"ListFindingsMetricsRequest"}, + "output":{"shape":"ListFindingsMetricsResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListScans":{ + "name":"ListScans", + "http":{ + "method":"GET", + "requestUri":"/scans", + "responseCode":200 + }, + "input":{"shape":"ListScansRequest"}, + "output":{"shape":"ListScansResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListTagsForResource":{ + "name":"ListTagsForResource", + "http":{ + "method":"GET", + "requestUri":"/tags/{resourceArn}", + "responseCode":200 + }, + "input":{"shape":"ListTagsForResourceRequest"}, + "output":{"shape":"ListTagsForResourceResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "TagResource":{ + "name":"TagResource", + "http":{ + "method":"POST", + "requestUri":"/tags/{resourceArn}", + "responseCode":204 + }, + "input":{"shape":"TagResourceRequest"}, + "output":{"shape":"TagResourceResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "UntagResource":{ + "name":"UntagResource", + "http":{ + "method":"DELETE", + "requestUri":"/tags/{resourceArn}", + "responseCode":204 + }, + "input":{"shape":"UntagResourceRequest"}, + "output":{"shape":"UntagResourceResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ], + "idempotent":true + }, + "UpdateAccountConfiguration":{ + "name":"UpdateAccountConfiguration", + "http":{ + "method":"PUT", + "requestUri":"/updateAccountConfiguration", + "responseCode":200 + }, + "input":{"shape":"UpdateAccountConfigurationRequest"}, + "output":{"shape":"UpdateAccountConfigurationResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + } + }, + "shapes":{ + "AccessDeniedException":{ + "type":"structure", + "required":[ + "errorCode", + "message" + ], + "members":{ + "errorCode":{"shape":"String"}, + "message":{"shape":"String"}, + "resourceId":{"shape":"String"}, + "resourceType":{"shape":"String"} + }, + "error":{ + "httpStatusCode":403, + "senderFault":true + }, + "exception":true + }, + "AccountFindingsMetric":{ + "type":"structure", + "members":{ + "closedFindings":{"shape":"FindingMetricsValuePerSeverity"}, + "date":{"shape":"Timestamp"}, + "meanTimeToClose":{"shape":"FindingMetricsValuePerSeverity"}, + "newFindings":{"shape":"FindingMetricsValuePerSeverity"}, + "openFindings":{"shape":"FindingMetricsValuePerSeverity"} + } + }, + "AnalysisType":{ + "type":"string", + "enum":[ + "Security", + "All" + ] + }, + "BatchGetFindingsError":{ + "type":"structure", + "required":[ + "errorCode", + "findingId", + "message", + "scanName" + ], + "members":{ + "errorCode":{"shape":"ErrorCode"}, + "findingId":{"shape":"String"}, + "message":{"shape":"String"}, + "scanName":{"shape":"ScanName"} + } + }, + "BatchGetFindingsErrors":{ + "type":"list", + "member":{"shape":"BatchGetFindingsError"} + }, + "BatchGetFindingsRequest":{ + "type":"structure", + "required":["findingIdentifiers"], + "members":{ + "findingIdentifiers":{"shape":"FindingIdentifiers"} + } + }, + "BatchGetFindingsResponse":{ + "type":"structure", + "required":[ + "failedFindings", + "findings" + ], + "members":{ + "failedFindings":{"shape":"BatchGetFindingsErrors"}, + "findings":{"shape":"Findings"} + } + }, + "CategoriesWithMostFindings":{ + "type":"list", + "member":{"shape":"CategoryWithFindingNum"}, + "max":5, + "min":0 + }, + "CategoryWithFindingNum":{ + "type":"structure", + "members":{ + "categoryName":{"shape":"String"}, + "findingNumber":{"shape":"Integer"} + } + }, + "ClientToken":{ + "type":"string", + "max":64, + "min":1, + "pattern":"^[\\S]+$" + }, + "CodeLine":{ + "type":"structure", + "members":{ + "content":{"shape":"String"}, + "number":{"shape":"Integer"} + } + }, + "CodeSnippet":{ + "type":"list", + "member":{"shape":"CodeLine"} + }, + "ConflictException":{ + "type":"structure", + "required":[ + "errorCode", + "message", + "resourceId", + "resourceType" + ], + "members":{ + "errorCode":{"shape":"String"}, + "message":{"shape":"String"}, + "resourceId":{"shape":"String"}, + "resourceType":{"shape":"String"} + }, + "error":{ + "httpStatusCode":409, + "senderFault":true + }, + "exception":true + }, + "CreateScanRequest":{ + "type":"structure", + "required":[ + "resourceId", + "scanName" + ], + "members":{ + "analysisType":{"shape":"AnalysisType"}, + "clientToken":{ + "shape":"ClientToken", + "idempotencyToken":true + }, + "resourceId":{"shape":"ResourceId"}, + "scanName":{"shape":"ScanName"}, + "scanType":{"shape":"ScanType"}, + "tags":{"shape":"TagMap"} + } + }, + "CreateScanResponse":{ + "type":"structure", + "required":[ + "resourceId", + "runId", + "scanName", + "scanState" + ], + "members":{ + "resourceId":{"shape":"ResourceId"}, + "runId":{"shape":"Uuid"}, + "scanName":{"shape":"ScanName"}, + "scanNameArn":{"shape":"ScanNameArn"}, + "scanState":{"shape":"ScanState"} + } + }, + "CreateUploadUrlRequest":{ + "type":"structure", + "required":["scanName"], + "members":{ + "scanName":{"shape":"ScanName"} + } + }, + "CreateUploadUrlResponse":{ + "type":"structure", + "required":[ + "codeArtifactId", + "requestHeaders", + "s3Url" + ], + "members":{ + "codeArtifactId":{"shape":"Uuid"}, + "requestHeaders":{"shape":"RequestHeaderMap"}, + "s3Url":{"shape":"S3Url"} + } + }, + "DetectorTags":{ + "type":"list", + "member":{"shape":"String"} + }, + "Double":{ + "type":"double", + "box":true + }, + "EncryptionConfig":{ + "type":"structure", + "members":{ + "kmsKeyArn":{"shape":"KmsKeyArn"} + } + }, + "ErrorCode":{ + "type":"string", + "enum":[ + "DUPLICATE_IDENTIFIER", + "ITEM_DOES_NOT_EXIST", + "INTERNAL_ERROR", + "INVALID_FINDING_ID", + "INVALID_SCAN_NAME" + ] + }, + "FilePath":{ + "type":"structure", + "members":{ + "codeSnippet":{"shape":"CodeSnippet"}, + "endLine":{"shape":"Integer"}, + "name":{"shape":"String"}, + "path":{"shape":"String"}, + "startLine":{"shape":"Integer"} + } + }, + "Finding":{ + "type":"structure", + "members":{ + "createdAt":{"shape":"Timestamp"}, + "description":{"shape":"String"}, + "detectorId":{"shape":"String"}, + "detectorName":{"shape":"String"}, + "detectorTags":{"shape":"DetectorTags"}, + "generatorId":{"shape":"String"}, + "id":{"shape":"String"}, + "remediation":{"shape":"Remediation"}, + "resource":{"shape":"Resource"}, + "ruleId":{"shape":"String"}, + "severity":{"shape":"Severity"}, + "status":{"shape":"Status"}, + "title":{"shape":"String"}, + "type":{"shape":"String"}, + "updatedAt":{"shape":"Timestamp"}, + "vulnerability":{"shape":"Vulnerability"} + } + }, + "FindingIdentifier":{ + "type":"structure", + "required":[ + "findingId", + "scanName" + ], + "members":{ + "findingId":{"shape":"String"}, + "scanName":{"shape":"String"} + } + }, + "FindingIdentifiers":{ + "type":"list", + "member":{"shape":"FindingIdentifier"}, + "max":25, + "min":1 + }, + "FindingMetricsValuePerSeverity":{ + "type":"structure", + "members":{ + "critical":{"shape":"Double"}, + "high":{"shape":"Double"}, + "info":{"shape":"Double"}, + "low":{"shape":"Double"}, + "medium":{"shape":"Double"} + } + }, + "Findings":{ + "type":"list", + "member":{"shape":"Finding"} + }, + "FindingsMetricList":{ + "type":"list", + "member":{"shape":"AccountFindingsMetric"} + }, + "GetAccountConfigurationRequest":{ + "type":"structure", + "members":{ + } + }, + "GetAccountConfigurationResponse":{ + "type":"structure", + "required":["encryptionConfig"], + "members":{ + "encryptionConfig":{"shape":"EncryptionConfig"} + } + }, + "GetFindingsRequest":{ + "type":"structure", + "required":["scanName"], + "members":{ + "maxResults":{ + "shape":"GetFindingsRequestMaxResultsInteger", + "location":"querystring", + "locationName":"maxResults" + }, + "nextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"nextToken" + }, + "scanName":{ + "shape":"ScanName", + "location":"uri", + "locationName":"scanName" + }, + "status":{ + "shape":"Status", + "location":"querystring", + "locationName":"status" + } + } + }, + "GetFindingsRequestMaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "GetFindingsResponse":{ + "type":"structure", + "members":{ + "findings":{"shape":"Findings"}, + "nextToken":{"shape":"NextToken"} + } + }, + "GetMetricsSummaryRequest":{ + "type":"structure", + "required":["date"], + "members":{ + "date":{ + "shape":"Timestamp", + "location":"querystring", + "locationName":"date" + } + } + }, + "GetMetricsSummaryResponse":{ + "type":"structure", + "members":{ + "metricsSummary":{"shape":"MetricsSummary"} + } + }, + "GetScanRequest":{ + "type":"structure", + "required":["scanName"], + "members":{ + "runId":{ + "shape":"Uuid", + "location":"querystring", + "locationName":"runId" + }, + "scanName":{ + "shape":"ScanName", + "location":"uri", + "locationName":"scanName" + } + } + }, + "GetScanResponse":{ + "type":"structure", + "required":[ + "analysisType", + "createdAt", + "runId", + "scanName", + "scanState" + ], + "members":{ + "analysisType":{"shape":"AnalysisType"}, + "createdAt":{"shape":"Timestamp"}, + "numberOfRevisions":{"shape":"Long"}, + "runId":{"shape":"Uuid"}, + "scanName":{"shape":"ScanName"}, + "scanNameArn":{"shape":"ScanNameArn"}, + "scanState":{"shape":"ScanState"}, + "updatedAt":{"shape":"Timestamp"} + } + }, + "HeaderKey":{ + "type":"string", + "min":1 + }, + "HeaderValue":{ + "type":"string", + "min":1 + }, + "Integer":{ + "type":"integer", + "box":true + }, + "InternalServerException":{ + "type":"structure", + "members":{ + "error":{"shape":"String"}, + "message":{"shape":"String"} + }, + "error":{"httpStatusCode":500}, + "exception":true, + "fault":true, + "retryable":{"throttling":false} + }, + "KmsKeyArn":{ + "type":"string", + "max":2048, + "min":1, + "pattern":"^arn:aws:kms:[\\S]+:[\\d]{12}:key\\/(([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})|(mrk-[0-9a-zA-Z]{32}))$" + }, + "ListFindingsMetricsRequest":{ + "type":"structure", + "required":[ + "endDate", + "startDate" + ], + "members":{ + "endDate":{ + "shape":"Timestamp", + "location":"querystring", + "locationName":"endDate" + }, + "maxResults":{ + "shape":"ListFindingsMetricsRequestMaxResultsInteger", + "location":"querystring", + "locationName":"maxResults" + }, + "nextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"nextToken" + }, + "startDate":{ + "shape":"Timestamp", + "location":"querystring", + "locationName":"startDate" + } + } + }, + "ListFindingsMetricsRequestMaxResultsInteger":{ + "type":"integer", + "box":true, + "max":1000, + "min":1 + }, + "ListFindingsMetricsResponse":{ + "type":"structure", + "members":{ + "findingsMetrics":{"shape":"FindingsMetricList"}, + "nextToken":{"shape":"NextToken"} + } + }, + "ListScansRequest":{ + "type":"structure", + "members":{ + "maxResults":{ + "shape":"ListScansRequestMaxResultsInteger", + "location":"querystring", + "locationName":"maxResults" + }, + "nextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"nextToken" + } + } + }, + "ListScansRequestMaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "ListScansResponse":{ + "type":"structure", + "members":{ + "nextToken":{"shape":"NextToken"}, + "summaries":{"shape":"ScanSummaries"} + } + }, + "ListTagsForResourceRequest":{ + "type":"structure", + "required":["resourceArn"], + "members":{ + "resourceArn":{ + "shape":"ScanNameArn", + "location":"uri", + "locationName":"resourceArn" + } + } + }, + "ListTagsForResourceResponse":{ + "type":"structure", + "members":{ + "tags":{"shape":"TagMap"} + } + }, + "Long":{ + "type":"long", + "box":true + }, + "MetricsSummary":{ + "type":"structure", + "members":{ + "categoriesWithMostFindings":{"shape":"CategoriesWithMostFindings"}, + "date":{"shape":"Timestamp"}, + "openFindings":{"shape":"FindingMetricsValuePerSeverity"}, + "scansWithMostOpenCriticalFindings":{"shape":"ScansWithMostOpenCriticalFindings"}, + "scansWithMostOpenFindings":{"shape":"ScansWithMostOpenFindings"} + } + }, + "NextToken":{ + "type":"string", + "max":2048, + "min":1, + "pattern":"^[\\S]+$" + }, + "Recommendation":{ + "type":"structure", + "members":{ + "text":{"shape":"String"}, + "url":{"shape":"String"} + } + }, + "ReferenceUrls":{ + "type":"list", + "member":{"shape":"String"} + }, + "RelatedVulnerabilities":{ + "type":"list", + "member":{"shape":"String"} + }, + "Remediation":{ + "type":"structure", + "members":{ + "recommendation":{"shape":"Recommendation"}, + "suggestedFixes":{"shape":"SuggestedFixes"} + } + }, + "RequestHeaderMap":{ + "type":"map", + "key":{"shape":"HeaderKey"}, + "value":{"shape":"HeaderValue"}, + "sensitive":true + }, + "Resource":{ + "type":"structure", + "members":{ + "id":{"shape":"String"}, + "subResourceId":{"shape":"String"} + } + }, + "ResourceId":{ + "type":"structure", + "members":{ + "codeArtifactId":{"shape":"Uuid"} + }, + "union":true + }, + "ResourceNotFoundException":{ + "type":"structure", + "required":[ + "errorCode", + "message", + "resourceId", + "resourceType" + ], + "members":{ + "errorCode":{"shape":"String"}, + "message":{"shape":"String"}, + "resourceId":{"shape":"String"}, + "resourceType":{"shape":"String"} + }, + "error":{ + "httpStatusCode":404, + "senderFault":true + }, + "exception":true + }, + "S3Url":{ + "type":"string", + "min":1, + "sensitive":true + }, + "ScanName":{ + "type":"string", + "max":140, + "min":1, + "pattern":"^[a-zA-Z0-9-_$:.]*$" + }, + "ScanNameArn":{ + "type":"string", + "max":300, + "min":1, + "pattern":"^arn:aws:codeguru-security:[\\S]+:[\\d]{12}:scans\\/[a-zA-Z0-9-_$:.]*$" + }, + "ScanNameWithFindingNum":{ + "type":"structure", + "members":{ + "findingNumber":{"shape":"Integer"}, + "scanName":{"shape":"String"} + } + }, + "ScanState":{ + "type":"string", + "enum":[ + "InProgress", + "Successful", + "Failed" + ] + }, + "ScanSummaries":{ + "type":"list", + "member":{"shape":"ScanSummary"} + }, + "ScanSummary":{ + "type":"structure", + "required":[ + "createdAt", + "runId", + "scanName", + "scanState" + ], + "members":{ + "createdAt":{"shape":"Timestamp"}, + "runId":{"shape":"Uuid"}, + "scanName":{"shape":"ScanName"}, + "scanNameArn":{"shape":"ScanNameArn"}, + "scanState":{"shape":"ScanState"}, + "updatedAt":{"shape":"Timestamp"} + } + }, + "ScanType":{ + "type":"string", + "enum":[ + "Standard", + "Express" + ] + }, + "ScansWithMostOpenCriticalFindings":{ + "type":"list", + "member":{"shape":"ScanNameWithFindingNum"}, + "max":3, + "min":0 + }, + "ScansWithMostOpenFindings":{ + "type":"list", + "member":{"shape":"ScanNameWithFindingNum"}, + "max":3, + "min":0 + }, + "Severity":{ + "type":"string", + "enum":[ + "Critical", + "High", + "Medium", + "Low", + "Info" + ] + }, + "Status":{ + "type":"string", + "enum":[ + "Closed", + "Open", + "All" + ] + }, + "String":{"type":"string"}, + "SuggestedFix":{ + "type":"structure", + "members":{ + "code":{"shape":"String"}, + "description":{"shape":"String"} + } + }, + "SuggestedFixes":{ + "type":"list", + "member":{"shape":"SuggestedFix"} + }, + "TagKey":{ + "type":"string", + "max":128, + "min":1 + }, + "TagKeyList":{ + "type":"list", + "member":{"shape":"TagKey"}, + "max":200, + "min":0 + }, + "TagMap":{ + "type":"map", + "key":{"shape":"TagKey"}, + "value":{"shape":"TagValue"}, + "max":200, + "min":0 + }, + "TagResourceRequest":{ + "type":"structure", + "required":[ + "resourceArn", + "tags" + ], + "members":{ + "resourceArn":{ + "shape":"ScanNameArn", + "location":"uri", + "locationName":"resourceArn" + }, + "tags":{"shape":"TagMap"} + } + }, + "TagResourceResponse":{ + "type":"structure", + "members":{ + } + }, + "TagValue":{ + "type":"string", + "max":256, + "min":0 + }, + "ThrottlingException":{ + "type":"structure", + "required":[ + "errorCode", + "message" + ], + "members":{ + "errorCode":{"shape":"String"}, + "message":{"shape":"String"}, + "quotaCode":{"shape":"String"}, + "serviceCode":{"shape":"String"} + }, + "error":{ + "httpStatusCode":429, + "senderFault":true + }, + "exception":true, + "retryable":{"throttling":true} + }, + "Timestamp":{"type":"timestamp"}, + "UntagResourceRequest":{ + "type":"structure", + "required":[ + "resourceArn", + "tagKeys" + ], + "members":{ + "resourceArn":{ + "shape":"ScanNameArn", + "location":"uri", + "locationName":"resourceArn" + }, + "tagKeys":{ + "shape":"TagKeyList", + "location":"querystring", + "locationName":"tagKeys" + } + } + }, + "UntagResourceResponse":{ + "type":"structure", + "members":{ + } + }, + "UpdateAccountConfigurationRequest":{ + "type":"structure", + "required":["encryptionConfig"], + "members":{ + "encryptionConfig":{"shape":"EncryptionConfig"} + } + }, + "UpdateAccountConfigurationResponse":{ + "type":"structure", + "required":["encryptionConfig"], + "members":{ + "encryptionConfig":{"shape":"EncryptionConfig"} + } + }, + "Uuid":{ + "type":"string", + "pattern":"^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$" + }, + "ValidationException":{ + "type":"structure", + "required":[ + "errorCode", + "message", + "reason" + ], + "members":{ + "errorCode":{"shape":"String"}, + "fieldList":{"shape":"ValidationExceptionFieldList"}, + "message":{"shape":"String"}, + "reason":{"shape":"ValidationExceptionReason"} + }, + "error":{ + "httpStatusCode":400, + "senderFault":true + }, + "exception":true + }, + "ValidationExceptionField":{ + "type":"structure", + "required":[ + "message", + "name" + ], + "members":{ + "message":{"shape":"String"}, + "name":{"shape":"String"} + } + }, + "ValidationExceptionFieldList":{ + "type":"list", + "member":{"shape":"ValidationExceptionField"} + }, + "ValidationExceptionReason":{ + "type":"string", + "enum":[ + "unknownOperation", + "cannotParse", + "fieldValidationFailed", + "other", + "lambdaCodeShaMisMatch" + ] + }, + "Vulnerability":{ + "type":"structure", + "members":{ + "filePath":{"shape":"FilePath"}, + "id":{"shape":"String"}, + "itemCount":{"shape":"Integer"}, + "referenceUrls":{"shape":"ReferenceUrls"}, + "relatedVulnerabilities":{"shape":"RelatedVulnerabilities"} + } + } + } +} diff --git a/models/apis/codeguru-security/2018-05-10/docs-2.json b/models/apis/codeguru-security/2018-05-10/docs-2.json new file mode 100644 index 00000000000..fe21a122395 --- /dev/null +++ b/models/apis/codeguru-security/2018-05-10/docs-2.json @@ -0,0 +1,658 @@ +{ + "version": "2.0", + "service": "

This section provides documentation for the Amazon CodeGuru Security API operations. CodeGuru Security is a service that uses program analysis and machine learning to detect security policy violations and vulnerabilities, and recommends ways to address these security risks.

By proactively detecting and providing recommendations for addressing security risks, CodeGuru Security improves the overall security of your application code. For more information about CodeGuru Security, see the Amazon CodeGuru Security User Guide.

", + "operations": { + "BatchGetFindings": "

Returns a list of all requested findings.

", + "CreateScan": "

Use to create a scan using code uploaded to an S3 bucket.

", + "CreateUploadUrl": "

Generates a pre-signed URL and request headers used to upload a code resource.

You can upload your code resource to the URL and add the request headers using any HTTP client.

", + "GetAccountConfiguration": "

Use to get account level configuration.

", + "GetFindings": "

Returns a list of all findings generated by a particular scan.

", + "GetMetricsSummary": "

Returns top level metrics about an account from a specified date, including number of open findings, the categories with most findings, the scans with most open findings, and scans with most open critical findings.

", + "GetScan": "

Returns details about a scan, including whether or not a scan has completed.

", + "ListFindingsMetrics": "

Returns metrics about all findings in an account within a specified time range.

", + "ListScans": "

Returns a list of all the scans in an account.

", + "ListTagsForResource": "

Returns a list of all tags associated with a scan.

", + "TagResource": "

Use to add one or more tags to an existing scan.

", + "UntagResource": "

Use to remove one or more tags from an existing scan.

", + "UpdateAccountConfiguration": "

Use to update account-level configuration with an encryption key.

" + }, + "shapes": { + "AccessDeniedException": { + "base": "

You do not have sufficient access to perform this action.

", + "refs": { + } + }, + "AccountFindingsMetric": { + "base": "

A summary of findings metrics in an account.

", + "refs": { + "FindingsMetricList$member": null + } + }, + "AnalysisType": { + "base": null, + "refs": { + "CreateScanRequest$analysisType": "

The type of analysis you want CodeGuru Security to perform in the scan, either Security or All. The Secuirty type only generates findings related to security. The All type generates both security findings and quality findings. Defaults to Security type if missing.

", + "GetScanResponse$analysisType": "

The type of analysis CodeGuru Security performed in the scan, either Security or All. The Security type only generates findings related to security. The All type generates both security findings and quality findings.

" + } + }, + "BatchGetFindingsError": { + "base": "

Contains information about the error that caused a finding to fail to be retrieved.

", + "refs": { + "BatchGetFindingsErrors$member": null + } + }, + "BatchGetFindingsErrors": { + "base": null, + "refs": { + "BatchGetFindingsResponse$failedFindings": "

A list of errors for individual findings which were not fetched. Each BatchGetFindingsError contains the scanName, findingId, errorCode and error message.

" + } + }, + "BatchGetFindingsRequest": { + "base": null, + "refs": { + } + }, + "BatchGetFindingsResponse": { + "base": null, + "refs": { + } + }, + "CategoriesWithMostFindings": { + "base": null, + "refs": { + "MetricsSummary$categoriesWithMostFindings": "

A list of CategoryWithFindingNum objects for the top 5 finding categories with the most open findings in an account.

" + } + }, + "CategoryWithFindingNum": { + "base": "

Information about a finding category with open findings.

", + "refs": { + "CategoriesWithMostFindings$member": null + } + }, + "ClientToken": { + "base": null, + "refs": { + "CreateScanRequest$clientToken": "

The idempotency token for the request. Amazon CodeGuru Security uses this value to prevent the accidental creation of duplicate scans if there are failures and retries.

" + } + }, + "CodeLine": { + "base": "

The line of code where a finding was detected.

", + "refs": { + "CodeSnippet$member": null + } + }, + "CodeSnippet": { + "base": null, + "refs": { + "FilePath$codeSnippet": "

A list of CodeLine objects that describe where the security vulnerability appears in your code.

" + } + }, + "ConflictException": { + "base": "

The requested operation would cause a conflict with the current state of a service resource associated with the request. Resolve the conflict before retrying this request.

", + "refs": { + } + }, + "CreateScanRequest": { + "base": null, + "refs": { + } + }, + "CreateScanResponse": { + "base": null, + "refs": { + } + }, + "CreateUploadUrlRequest": { + "base": null, + "refs": { + } + }, + "CreateUploadUrlResponse": { + "base": null, + "refs": { + } + }, + "DetectorTags": { + "base": null, + "refs": { + "Finding$detectorTags": "

One or more tags or categorizations that are associated with a detector. These tags are defined by type, programming language, or other classification such as maintainability or consistency.

" + } + }, + "Double": { + "base": null, + "refs": { + "FindingMetricsValuePerSeverity$critical": "

The severity of the finding is critical and should be addressed immediately.

", + "FindingMetricsValuePerSeverity$high": "

The severity of the finding is high and should be addressed as a near-term priority.

", + "FindingMetricsValuePerSeverity$info": "

The finding is related to quality or readability improvements and not considered actionable.

", + "FindingMetricsValuePerSeverity$low": "

The severity of the finding is low and does require action on its own.

", + "FindingMetricsValuePerSeverity$medium": "

The severity of the finding is medium and should be addressed as a mid-term priority.

" + } + }, + "EncryptionConfig": { + "base": "

Information about account-level configuration.

", + "refs": { + "GetAccountConfigurationResponse$encryptionConfig": "

An EncryptionConfig object that contains the KMS key ARN to use for encryption. By default, CodeGuru Security uses an AWS-managed key for encryption. To specify your own key, call UpdateAccountConfiguration.

", + "UpdateAccountConfigurationRequest$encryptionConfig": "

The KMS key ARN you want to use for encryption. Defaults to service-side encryption if missing.

", + "UpdateAccountConfigurationResponse$encryptionConfig": "

An EncryptionConfig object that contains the KMS key ARN to use for encryption.

" + } + }, + "ErrorCode": { + "base": null, + "refs": { + "BatchGetFindingsError$errorCode": "

A code associated with the type of error.

" + } + }, + "FilePath": { + "base": "

Information about the location of security vulnerabilities that Amazon CodeGuru Security detected in your code.

", + "refs": { + "Vulnerability$filePath": "

An object that describes the location of the detected security vulnerability in your code.

" + } + }, + "Finding": { + "base": "

Information about a finding that was detected in your code.

", + "refs": { + "Findings$member": null + } + }, + "FindingIdentifier": { + "base": "

An object that contains information about a finding and the scan that generated it.

", + "refs": { + "FindingIdentifiers$member": null + } + }, + "FindingIdentifiers": { + "base": null, + "refs": { + "BatchGetFindingsRequest$findingIdentifiers": "

A list of finding identifiers. Each identifier consists of a scanName and a findingId. You retrieve the findingId when you call GetFindings.

" + } + }, + "FindingMetricsValuePerSeverity": { + "base": "

The severity of the issue in the code that generated a finding.

", + "refs": { + "AccountFindingsMetric$closedFindings": "

The number of closed findings of each severity in an account on the specified date.

", + "AccountFindingsMetric$meanTimeToClose": "

The average time it takes to close findings of each severity in days.

", + "AccountFindingsMetric$newFindings": "

The number of new findings of each severity in account on the specified date.

", + "AccountFindingsMetric$openFindings": "

The number of open findings of each severity in an account as of the specified date.

", + "MetricsSummary$openFindings": "

The number of open findings of each severity in an account.

" + } + }, + "Findings": { + "base": null, + "refs": { + "BatchGetFindingsResponse$findings": "

A list of all requested findings.

", + "GetFindingsResponse$findings": "

A list of findings generated by the specified scan.

" + } + }, + "FindingsMetricList": { + "base": null, + "refs": { + "ListFindingsMetricsResponse$findingsMetrics": "

A list of AccountFindingsMetric objects retrieved from the specified time interval.

" + } + }, + "GetAccountConfigurationRequest": { + "base": null, + "refs": { + } + }, + "GetAccountConfigurationResponse": { + "base": null, + "refs": { + } + }, + "GetFindingsRequest": { + "base": null, + "refs": { + } + }, + "GetFindingsRequestMaxResultsInteger": { + "base": null, + "refs": { + "GetFindingsRequest$maxResults": "

The maximum number of results to return in the response. Use this parameter when paginating results. If additional results exist beyond the number you specify, the nextToken element is returned in the response. Use nextToken in a subsequent request to retrieve additional results.

" + } + }, + "GetFindingsResponse": { + "base": null, + "refs": { + } + }, + "GetMetricsSummaryRequest": { + "base": null, + "refs": { + } + }, + "GetMetricsSummaryResponse": { + "base": null, + "refs": { + } + }, + "GetScanRequest": { + "base": null, + "refs": { + } + }, + "GetScanResponse": { + "base": null, + "refs": { + } + }, + "HeaderKey": { + "base": null, + "refs": { + "RequestHeaderMap$key": null + } + }, + "HeaderValue": { + "base": null, + "refs": { + "RequestHeaderMap$value": null + } + }, + "Integer": { + "base": null, + "refs": { + "CategoryWithFindingNum$findingNumber": "

The number of open findings in the category.

", + "CodeLine$number": "

The code line number.

", + "FilePath$endLine": "

The last line number of the code snippet where the security vulnerability appears in your code.

", + "FilePath$startLine": "

The first line number of the code snippet where the security vulnerability appears in your code.

", + "ScanNameWithFindingNum$findingNumber": "

The number of open findings generated by a scan.

", + "Vulnerability$itemCount": "

The number of times the vulnerability appears in your code.

" + } + }, + "InternalServerException": { + "base": "

The server encountered an internal error and is unable to complete the request.

", + "refs": { + } + }, + "KmsKeyArn": { + "base": null, + "refs": { + "EncryptionConfig$kmsKeyArn": "

The KMS key ARN to use for encryption. This must be provided as a header when uploading your code resource.

" + } + }, + "ListFindingsMetricsRequest": { + "base": null, + "refs": { + } + }, + "ListFindingsMetricsRequestMaxResultsInteger": { + "base": null, + "refs": { + "ListFindingsMetricsRequest$maxResults": "

The maximum number of results to return in the response. Use this parameter when paginating results. If additional results exist beyond the number you specify, the nextToken element is returned in the response. Use nextToken in a subsequent request to retrieve additional results.

" + } + }, + "ListFindingsMetricsResponse": { + "base": null, + "refs": { + } + }, + "ListScansRequest": { + "base": null, + "refs": { + } + }, + "ListScansRequestMaxResultsInteger": { + "base": null, + "refs": { + "ListScansRequest$maxResults": "

The maximum number of results to return in the response. Use this parameter when paginating results. If additional results exist beyond the number you specify, the nextToken element is returned in the response. Use nextToken in a subsequent request to retrieve additional results.

" + } + }, + "ListScansResponse": { + "base": null, + "refs": { + } + }, + "ListTagsForResourceRequest": { + "base": null, + "refs": { + } + }, + "ListTagsForResourceResponse": { + "base": null, + "refs": { + } + }, + "Long": { + "base": null, + "refs": { + "GetScanResponse$numberOfRevisions": "

The number of times a scan has been re-run on a revised resource.

" + } + }, + "MetricsSummary": { + "base": "

Information about summary metrics in an account.

", + "refs": { + "GetMetricsSummaryResponse$metricsSummary": "

The summary metrics from the specified date.

" + } + }, + "NextToken": { + "base": null, + "refs": { + "GetFindingsRequest$nextToken": "

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request to continue listing results after the first page.

", + "GetFindingsResponse$nextToken": "

A pagination token. You can use this in future calls to GetFindings to continue listing results after the current page.

", + "ListFindingsMetricsRequest$nextToken": "

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request to continue listing results after the first page.

", + "ListFindingsMetricsResponse$nextToken": "

A pagination token. You can use this in future calls to ListFindingMetrics to continue listing results after the current page.

", + "ListScansRequest$nextToken": "

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request to continue listing results after the first page.

", + "ListScansResponse$nextToken": "

A pagination token. You can use this in future calls to ListScans to continue listing results after the current page.

" + } + }, + "Recommendation": { + "base": "

Information about the recommended course of action to remediate a finding.

", + "refs": { + "Remediation$recommendation": "

An object that contains information about the recommended course of action to remediate a finding.

" + } + }, + "ReferenceUrls": { + "base": null, + "refs": { + "Vulnerability$referenceUrls": "

One or more URL addresses that contain details about a vulnerability.

" + } + }, + "RelatedVulnerabilities": { + "base": null, + "refs": { + "Vulnerability$relatedVulnerabilities": "

One or more vulnerabilities that are related to the vulnerability being described.

" + } + }, + "Remediation": { + "base": "

Information about how to remediate a finding.

", + "refs": { + "Finding$remediation": "

An object that contains the details about how to remediate a finding.

" + } + }, + "RequestHeaderMap": { + "base": null, + "refs": { + "CreateUploadUrlResponse$requestHeaders": "

A set of key-value pairs that contain the required headers when uploading your resource.

" + } + }, + "Resource": { + "base": "

Information about a resource, such as an Amazon S3 bucket or AWS Lambda function, that contains a finding.

", + "refs": { + "Finding$resource": "

The resource where Amazon CodeGuru Security detected a finding.

" + } + }, + "ResourceId": { + "base": "

The identifier for a resource object that contains resources where a finding was detected.

", + "refs": { + "CreateScanRequest$resourceId": "

The identifier for an input resource used to create a scan.

", + "CreateScanResponse$resourceId": "

The identifier for the resource object that contains resources that were scanned.

" + } + }, + "ResourceNotFoundException": { + "base": "

The resource specified in the request was not found.

", + "refs": { + } + }, + "S3Url": { + "base": null, + "refs": { + "CreateUploadUrlResponse$s3Url": "

A pre-signed S3 URL. You can upload the code file you want to scan and add the required requestHeaders using any HTTP client.

" + } + }, + "ScanName": { + "base": null, + "refs": { + "BatchGetFindingsError$scanName": "

The name of the scan that generated the finding.

", + "CreateScanRequest$scanName": "

The unique name that CodeGuru Security uses to track revisions across multiple scans of the same resource. Only allowed for a STANDARD scan type. If not specified, it will be auto generated.

", + "CreateScanResponse$scanName": "

The name of the scan.

", + "CreateUploadUrlRequest$scanName": "

The name of the scan that will use the uploaded resource. CodeGuru Security uses the unique scan name to track revisions across multiple scans of the same resource. Use this scanName when you call CreateScan on the code resource you upload to this URL.

", + "GetFindingsRequest$scanName": "

The name of the scan you want to retrieve findings from.

", + "GetScanRequest$scanName": "

The name of the scan you want to view details about.

", + "GetScanResponse$scanName": "

The name of the scan.

", + "ScanSummary$scanName": "

The name of the scan.

" + } + }, + "ScanNameArn": { + "base": null, + "refs": { + "CreateScanResponse$scanNameArn": "

The ARN for the scan name.

", + "GetScanResponse$scanNameArn": "

The ARN for the scan name.

", + "ListTagsForResourceRequest$resourceArn": "

The ARN of the ScanName object. You can retrieve this ARN by calling ListScans or GetScan.

", + "ScanSummary$scanNameArn": "

The ARN for the scan name.

", + "TagResourceRequest$resourceArn": "

The ARN of the ScanName object. You can retrieve this ARN by calling ListScans or GetScan.

", + "UntagResourceRequest$resourceArn": "

The ARN of the ScanName object. You can retrieve this ARN by calling ListScans or GetScan.

" + } + }, + "ScanNameWithFindingNum": { + "base": "

Information about a scan with open findings.

", + "refs": { + "ScansWithMostOpenCriticalFindings$member": null, + "ScansWithMostOpenFindings$member": null + } + }, + "ScanState": { + "base": null, + "refs": { + "CreateScanResponse$scanState": "

The current state of the scan. Returns either InProgress, Successful, or Failed.

", + "GetScanResponse$scanState": "

The current state of the scan. Pass either InProgress, Successful, or Failed.

", + "ScanSummary$scanState": "

The state of the scan. A scan can be In Progress, Complete, or Failed.

" + } + }, + "ScanSummaries": { + "base": null, + "refs": { + "ListScansResponse$summaries": "

A list of ScanSummary objects with information about all scans in an account.

" + } + }, + "ScanSummary": { + "base": "

Information about a scan.

", + "refs": { + "ScanSummaries$member": null + } + }, + "ScanType": { + "base": null, + "refs": { + "CreateScanRequest$scanType": "

The type of scan, either Standard or Express. Defaults to Standard type if missing.

Express scans run on limited resources and use a limited set of detectors to analyze your code in near-real time. Standard scans have standard resource limits and use the full set of detectors to analyze your code.

" + } + }, + "ScansWithMostOpenCriticalFindings": { + "base": null, + "refs": { + "MetricsSummary$scansWithMostOpenCriticalFindings": "

A list of ScanNameWithFindingNum objects for the top 3 scans with the most number of open findings in an account.

" + } + }, + "ScansWithMostOpenFindings": { + "base": null, + "refs": { + "MetricsSummary$scansWithMostOpenFindings": "

A list of ScanNameWithFindingNum objects for the top 3 scans with the most number of open critical findings in an account.

" + } + }, + "Severity": { + "base": null, + "refs": { + "Finding$severity": "

The severity of the finding.

" + } + }, + "Status": { + "base": null, + "refs": { + "Finding$status": "

The status of the finding. A finding status can be open or closed.

", + "GetFindingsRequest$status": "

The status of the findings you want to get. Pass either Open, Closed, or All.

" + } + }, + "String": { + "base": null, + "refs": { + "AccessDeniedException$errorCode": "

The identifier for the error.

", + "AccessDeniedException$message": "

Description of the error.

", + "AccessDeniedException$resourceId": "

The identifier for the resource you don't have access to.

", + "AccessDeniedException$resourceType": "

The type of resource you don't have access to.

", + "BatchGetFindingsError$findingId": "

The finding ID of the finding that was not fetched.

", + "BatchGetFindingsError$message": "

Describes the error.

", + "CategoryWithFindingNum$categoryName": "

The name of the finding category. A finding category is determined by the detector that detected the finding.

", + "CodeLine$content": "

The code that contains a vulnerability.

", + "ConflictException$errorCode": "

The identifier for the error.

", + "ConflictException$message": "

Description of the error.

", + "ConflictException$resourceId": "

The identifier for the service resource associated with the request.

", + "ConflictException$resourceType": "

The type of resource associated with the request.

", + "DetectorTags$member": null, + "FilePath$name": "

The name of the file.

", + "FilePath$path": "

The path to the resource with the security vulnerability.

", + "Finding$description": "

A description of the finding.

", + "Finding$detectorId": "

The identifier for the detector that detected the finding in your code. A detector is a defined rule based on industry standards and AWS best practices.

", + "Finding$detectorName": "

The name of the detector that identified the security vulnerability in your code.

", + "Finding$generatorId": "

The identifier for the component that generated a finding such as AWSCodeGuruSecurity or AWSInspector.

", + "Finding$id": "

The identifier for a finding.

", + "Finding$ruleId": "

The identifier for the rule that generated the finding.

", + "Finding$title": "

The title of the finding.

", + "Finding$type": "

The type of finding.

", + "FindingIdentifier$findingId": "

The identifier for a finding.

", + "FindingIdentifier$scanName": "

The name of the scan that generated the finding.

", + "InternalServerException$error": "

The internal error encountered by the server.

", + "InternalServerException$message": "

Description of the error.

", + "Recommendation$text": "

The recommended course of action to remediate the finding.

", + "Recommendation$url": "

The URL address to the recommendation for remediating the finding.

", + "ReferenceUrls$member": null, + "RelatedVulnerabilities$member": null, + "Resource$id": "

The identifier for the resource.

", + "Resource$subResourceId": "

The identifier for a section of the resource, such as an AWS Lambda layer.

", + "ResourceNotFoundException$errorCode": "

The identifier for the error.

", + "ResourceNotFoundException$message": "

Description of the error.

", + "ResourceNotFoundException$resourceId": "

The identifier for the resource that was not found.

", + "ResourceNotFoundException$resourceType": "

The type of resource that was not found.

", + "ScanNameWithFindingNum$scanName": "

The name of the scan.

", + "SuggestedFix$code": "

The suggested code to add to your file.

", + "SuggestedFix$description": "

A description of the suggested code fix and why it is being suggested.

", + "ThrottlingException$errorCode": "

The identifier for the error.

", + "ThrottlingException$message": "

Description of the error.

", + "ThrottlingException$quotaCode": "

The identifier for the originating quota.

", + "ThrottlingException$serviceCode": "

The identifier for the originating service.

", + "ValidationException$errorCode": "

The identifier for the error.

", + "ValidationException$message": "

Description of the error.

", + "ValidationExceptionField$message": "

Describes the exception.

", + "ValidationExceptionField$name": "

The name of the exception.

", + "Vulnerability$id": "

The identifier for the vulnerability.

" + } + }, + "SuggestedFix": { + "base": "

Information about the suggested code fix to remediate a finding.

", + "refs": { + "SuggestedFixes$member": null + } + }, + "SuggestedFixes": { + "base": null, + "refs": { + "Remediation$suggestedFixes": "

A list of SuggestedFix objects. Each object contains information about a suggested code fix to remediate the finding.

" + } + }, + "TagKey": { + "base": null, + "refs": { + "TagKeyList$member": null, + "TagMap$key": null + } + }, + "TagKeyList": { + "base": null, + "refs": { + "UntagResourceRequest$tagKeys": "

A list of keys for each tag you want to remove from a scan.

" + } + }, + "TagMap": { + "base": null, + "refs": { + "CreateScanRequest$tags": "

An array of key-value pairs used to tag a scan. A tag is a custom attribute label with two parts:

", + "ListTagsForResourceResponse$tags": "

An array of key-value pairs used to tag an existing scan. A tag is a custom attribute label with two parts:

", + "TagResourceRequest$tags": "

An array of key-value pairs used to tag an existing scan. A tag is a custom attribute label with two parts:

" + } + }, + "TagResourceRequest": { + "base": null, + "refs": { + } + }, + "TagResourceResponse": { + "base": null, + "refs": { + } + }, + "TagValue": { + "base": null, + "refs": { + "TagMap$value": null + } + }, + "ThrottlingException": { + "base": "

The request was denied due to request throttling.

", + "refs": { + } + }, + "Timestamp": { + "base": null, + "refs": { + "AccountFindingsMetric$date": "

The date from which the finding metrics were retrieved.

", + "Finding$createdAt": "

The time when the finding was created.

", + "Finding$updatedAt": "

The time when the finding was last updated. Findings are updated when you remediate them or when the finding code location changes.

", + "GetMetricsSummaryRequest$date": "

The date you want to retrieve summary metrics from, rounded to the nearest day. The date must be within the past two years since metrics data is only stored for two years. If a date outside of this range is passed, the response will be empty.

", + "GetScanResponse$createdAt": "

The time the scan was created.

", + "GetScanResponse$updatedAt": "

The time when the scan was last updated. Only available for STANDARD scan types.

", + "ListFindingsMetricsRequest$endDate": "

The end date of the interval which you want to retrieve metrics from.

", + "ListFindingsMetricsRequest$startDate": "

The start date of the interval which you want to retrieve metrics from.

", + "MetricsSummary$date": "

The date from which the metrics summary information was retrieved.

", + "ScanSummary$createdAt": "

The time when the scan was created.

", + "ScanSummary$updatedAt": "

The time the scan was last updated. A scan is updated when it is re-run.

" + } + }, + "UntagResourceRequest": { + "base": null, + "refs": { + } + }, + "UntagResourceResponse": { + "base": null, + "refs": { + } + }, + "UpdateAccountConfigurationRequest": { + "base": null, + "refs": { + } + }, + "UpdateAccountConfigurationResponse": { + "base": null, + "refs": { + } + }, + "Uuid": { + "base": null, + "refs": { + "CreateScanResponse$runId": "

UUID that identifies the individual scan run.

", + "CreateUploadUrlResponse$codeArtifactId": "

The identifier for the uploaded code resource.

", + "GetScanRequest$runId": "

UUID that identifies the individual scan run you want to view details about. You retrieve this when you call the CreateScan operation. Defaults to the latest scan run if missing.

", + "GetScanResponse$runId": "

UUID that identifies the individual scan run.

", + "ResourceId$codeArtifactId": "

The identifier for the code file uploaded to the resource where a finding was detected.

", + "ScanSummary$runId": "

The identifier for the scan run.

" + } + }, + "ValidationException": { + "base": "

The input fails to satisfy the specified constraints.

", + "refs": { + } + }, + "ValidationExceptionField": { + "base": "

Information about a validation exception.

", + "refs": { + "ValidationExceptionFieldList$member": null + } + }, + "ValidationExceptionFieldList": { + "base": null, + "refs": { + "ValidationException$fieldList": "

The field that caused the error, if applicable.

" + } + }, + "ValidationExceptionReason": { + "base": null, + "refs": { + "ValidationException$reason": "

The reason the request failed validation.

" + } + }, + "Vulnerability": { + "base": "

Information about a security vulnerability that Amazon CodeGuru Security detected.

", + "refs": { + "Finding$vulnerability": "

An object that describes the detected security vulnerability.

" + } + } + } +} diff --git a/models/apis/codeguru-security/2018-05-10/endpoint-rule-set-1.json b/models/apis/codeguru-security/2018-05-10/endpoint-rule-set-1.json new file mode 100644 index 00000000000..9c6f96dac9a --- /dev/null +++ b/models/apis/codeguru-security/2018-05-10/endpoint-rule-set-1.json @@ -0,0 +1,350 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://codeguru-security.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + } + ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" + } + ] + } + ] +} \ No newline at end of file diff --git a/models/apis/codeguru-security/2018-05-10/endpoint-tests-1.json b/models/apis/codeguru-security/2018-05-10/endpoint-tests-1.json new file mode 100644 index 00000000000..df56b8cd383 --- /dev/null +++ b/models/apis/codeguru-security/2018-05-10/endpoint-tests-1.json @@ -0,0 +1,295 @@ +{ + "testCases": [ + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-gov-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://codeguru-security.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/apis/codeguru-security/2018-05-10/examples-1.json b/models/apis/codeguru-security/2018-05-10/examples-1.json new file mode 100644 index 00000000000..0ea7e3b0bbe --- /dev/null +++ b/models/apis/codeguru-security/2018-05-10/examples-1.json @@ -0,0 +1,5 @@ +{ + "version": "1.0", + "examples": { + } +} diff --git a/models/apis/codeguru-security/2018-05-10/paginators-1.json b/models/apis/codeguru-security/2018-05-10/paginators-1.json new file mode 100644 index 00000000000..03e1cbfce77 --- /dev/null +++ b/models/apis/codeguru-security/2018-05-10/paginators-1.json @@ -0,0 +1,22 @@ +{ + "pagination": { + "GetFindings": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "findings" + }, + "ListFindingsMetrics": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "findingsMetrics" + }, + "ListScans": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "summaries" + } + } +} diff --git a/models/apis/drs/2020-02-26/api-2.json b/models/apis/drs/2020-02-26/api-2.json index 8125061d595..08e2dff07f2 100644 --- a/models/apis/drs/2020-02-26/api-2.json +++ b/models/apis/drs/2020-02-26/api-2.json @@ -13,6 +13,25 @@ "uid":"drs-2020-02-26" }, "operations":{ + "AssociateSourceNetworkStack":{ + "name":"AssociateSourceNetworkStack", + "http":{ + "method":"POST", + "requestUri":"/AssociateSourceNetworkStack", + "responseCode":202 + }, + "input":{"shape":"AssociateSourceNetworkStackRequest"}, + "output":{"shape":"AssociateSourceNetworkStackResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"UninitializedAccountException"} + ] + }, "CreateExtendedSourceServer":{ "name":"CreateExtendedSourceServer", "http":{ @@ -68,6 +87,25 @@ {"shape":"UninitializedAccountException"} ] }, + "CreateSourceNetwork":{ + "name":"CreateSourceNetwork", + "http":{ + "method":"POST", + "requestUri":"/CreateSourceNetwork", + "responseCode":201 + }, + "input":{"shape":"CreateSourceNetworkRequest"}, + "output":{"shape":"CreateSourceNetworkResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"UninitializedAccountException"} + ] + }, "DeleteJob":{ "name":"DeleteJob", "http":{ @@ -138,6 +176,24 @@ ], "idempotent":true }, + "DeleteSourceNetwork":{ + "name":"DeleteSourceNetwork", + "http":{ + "method":"POST", + "requestUri":"/DeleteSourceNetwork", + "responseCode":204 + }, + "input":{"shape":"DeleteSourceNetworkRequest"}, + "output":{"shape":"DeleteSourceNetworkResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, + {"shape":"UninitializedAccountException"} + ], + "idempotent":true + }, "DeleteSourceServer":{ "name":"DeleteSourceServer", "http":{ @@ -255,6 +311,22 @@ {"shape":"UninitializedAccountException"} ] }, + "DescribeSourceNetworks":{ + "name":"DescribeSourceNetworks", + "http":{ + "method":"POST", + "requestUri":"/DescribeSourceNetworks", + "responseCode":200 + }, + "input":{"shape":"DescribeSourceNetworksRequest"}, + "output":{"shape":"DescribeSourceNetworksResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"UninitializedAccountException"} + ] + }, "DescribeSourceServers":{ "name":"DescribeSourceServers", "http":{ @@ -305,6 +377,24 @@ {"shape":"UninitializedAccountException"} ] }, + "ExportSourceNetworkCfnTemplate":{ + "name":"ExportSourceNetworkCfnTemplate", + "http":{ + "method":"POST", + "requestUri":"/ExportSourceNetworkCfnTemplate", + "responseCode":200 + }, + "input":{"shape":"ExportSourceNetworkCfnTemplateRequest"}, + "output":{"shape":"ExportSourceNetworkCfnTemplateResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"UninitializedAccountException"} + ] + }, "GetFailbackReplicationConfiguration":{ "name":"GetFailbackReplicationConfiguration", "http":{ @@ -511,6 +601,41 @@ {"shape":"UninitializedAccountException"} ] }, + "StartSourceNetworkRecovery":{ + "name":"StartSourceNetworkRecovery", + "http":{ + "method":"POST", + "requestUri":"/StartSourceNetworkRecovery", + "responseCode":202 + }, + "input":{"shape":"StartSourceNetworkRecoveryRequest"}, + "output":{"shape":"StartSourceNetworkRecoveryResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"UninitializedAccountException"} + ] + }, + "StartSourceNetworkReplication":{ + "name":"StartSourceNetworkReplication", + "http":{ + "method":"POST", + "requestUri":"/StartSourceNetworkReplication", + "responseCode":200 + }, + "input":{"shape":"StartSourceNetworkReplicationRequest"}, + "output":{"shape":"StartSourceNetworkReplicationResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, + {"shape":"UninitializedAccountException"} + ] + }, "StopFailback":{ "name":"StopFailback", "http":{ @@ -543,6 +668,24 @@ {"shape":"UninitializedAccountException"} ] }, + "StopSourceNetworkReplication":{ + "name":"StopSourceNetworkReplication", + "http":{ + "method":"POST", + "requestUri":"/StopSourceNetworkReplication", + "responseCode":200 + }, + "input":{"shape":"StopSourceNetworkReplicationRequest"}, + "output":{"shape":"StopSourceNetworkReplicationResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"UninitializedAccountException"} + ] + }, "TagResource":{ "name":"TagResource", "http":{ @@ -729,6 +872,23 @@ "max":50, "min":0 }, + "AssociateSourceNetworkStackRequest":{ + "type":"structure", + "required":[ + "cfnStackName", + "sourceNetworkID" + ], + "members":{ + "cfnStackName":{"shape":"CfnStackName"}, + "sourceNetworkID":{"shape":"SourceNetworkID"} + } + }, + "AssociateSourceNetworkStackResponse":{ + "type":"structure", + "members":{ + "job":{"shape":"Job"} + } + }, "AwsAvailabilityZone":{ "type":"string", "max":255, @@ -757,6 +917,13 @@ "modelName":{"shape":"BoundedString"} } }, + "CfnStackName":{ + "type":"string", + "max":128, + "min":1, + "pattern":"^[a-zA-Z][-a-zA-Z0-9]*$", + "sensitive":true + }, "ConflictException":{ "type":"structure", "members":{ @@ -811,6 +978,7 @@ "members":{ "copyPrivateIp":{"shape":"Boolean"}, "copyTags":{"shape":"Boolean"}, + "exportBucketArn":{"shape":"ARN"}, "launchDisposition":{"shape":"LaunchDisposition"}, "licensing":{"shape":"Licensing"}, "tags":{"shape":"TagsMap"}, @@ -857,6 +1025,26 @@ "useDedicatedReplicationServer":{"shape":"Boolean"} } }, + "CreateSourceNetworkRequest":{ + "type":"structure", + "required":[ + "originAccountID", + "originRegion", + "vpcID" + ], + "members":{ + "originAccountID":{"shape":"AccountID"}, + "originRegion":{"shape":"AwsRegion"}, + "tags":{"shape":"TagsMap"}, + "vpcID":{"shape":"VpcID"} + } + }, + "CreateSourceNetworkResponse":{ + "type":"structure", + "members":{ + "sourceNetworkID":{"shape":"SourceNetworkID"} + } + }, "DataReplicationError":{ "type":"structure", "members":{ @@ -1014,6 +1202,18 @@ "members":{ } }, + "DeleteSourceNetworkRequest":{ + "type":"structure", + "required":["sourceNetworkID"], + "members":{ + "sourceNetworkID":{"shape":"SourceNetworkID"} + } + }, + "DeleteSourceNetworkResponse":{ + "type":"structure", + "members":{ + } + }, "DeleteSourceServerRequest":{ "type":"structure", "required":["sourceServerID"], @@ -1152,6 +1352,35 @@ "nextToken":{"shape":"PaginationToken"} } }, + "DescribeSourceNetworksRequest":{ + "type":"structure", + "members":{ + "filters":{"shape":"DescribeSourceNetworksRequestFilters"}, + "maxResults":{"shape":"StrictlyPositiveInteger"}, + "nextToken":{"shape":"PaginationToken"} + } + }, + "DescribeSourceNetworksRequestFilters":{ + "type":"structure", + "members":{ + "originAccountID":{"shape":"AccountID"}, + "originRegion":{"shape":"AwsRegion"}, + "sourceNetworkIDs":{"shape":"DescribeSourceNetworksRequestFiltersIDs"} + } + }, + "DescribeSourceNetworksRequestFiltersIDs":{ + "type":"list", + "member":{"shape":"SourceNetworkID"}, + "max":100, + "min":0 + }, + "DescribeSourceNetworksResponse":{ + "type":"structure", + "members":{ + "items":{"shape":"SourceNetworksList"}, + "nextToken":{"shape":"PaginationToken"} + } + }, "DescribeSourceServersRequest":{ "type":"structure", "members":{ @@ -1245,6 +1474,26 @@ "min":10, "pattern":"^vol-([0-9a-fA-F]{8}|[0-9a-fA-F]{17})$" }, + "EventResourceData":{ + "type":"structure", + "members":{ + "sourceNetworkData":{"shape":"SourceNetworkData"} + }, + "union":true + }, + "ExportSourceNetworkCfnTemplateRequest":{ + "type":"structure", + "required":["sourceNetworkID"], + "members":{ + "sourceNetworkID":{"shape":"SourceNetworkID"} + } + }, + "ExportSourceNetworkCfnTemplateResponse":{ + "type":"structure", + "members":{ + "s3DestinationUrl":{"shape":"LargeBoundedString"} + } + }, "ExtensionStatus":{ "type":"string", "enum":[ @@ -1371,7 +1620,10 @@ "FAILBACK", "DIAGNOSTIC", "TERMINATE_RECOVERY_INSTANCES", - "TARGET_ACCOUNT" + "TARGET_ACCOUNT", + "CREATE_NETWORK_RECOVERY", + "UPDATE_NETWORK_RECOVERY", + "ASSOCIATE_NETWORK_RECOVERY" ] }, "InternalServerException":{ @@ -1398,6 +1650,7 @@ "endDateTime":{"shape":"ISO8601DatetimeString"}, "initiatedBy":{"shape":"InitiatedBy"}, "jobID":{"shape":"JobID"}, + "participatingResources":{"shape":"ParticipatingResources"}, "participatingServers":{"shape":"ParticipatingServers"}, "status":{"shape":"JobStatus"}, "tags":{"shape":"TagsMap"}, @@ -1437,7 +1690,17 @@ "LAUNCH_START", "LAUNCH_FAILED", "JOB_CANCEL", - "JOB_END" + "JOB_END", + "DEPLOY_NETWORK_CONFIGURATION_START", + "DEPLOY_NETWORK_CONFIGURATION_END", + "DEPLOY_NETWORK_CONFIGURATION_FAILED", + "UPDATE_NETWORK_CONFIGURATION_START", + "UPDATE_NETWORK_CONFIGURATION_END", + "UPDATE_NETWORK_CONFIGURATION_FAILED", + "UPDATE_LAUNCH_TEMPLATE_START", + "UPDATE_LAUNCH_TEMPLATE_END", + "UPDATE_LAUNCH_TEMPLATE_FAILED", + "NETWORK_RECOVERY_FAIL" ] }, "JobLogEventData":{ @@ -1445,6 +1708,7 @@ "members":{ "conversionProperties":{"shape":"ConversionProperties"}, "conversionServerID":{"shape":"EC2InstanceID"}, + "eventResourceData":{"shape":"EventResourceData"}, "rawError":{"shape":"LargeBoundedString"}, "sourceServerID":{"shape":"SourceServerID"}, "targetInstanceID":{"shape":"EC2InstanceID"} @@ -1514,6 +1778,7 @@ "arn":{"shape":"ARN"}, "copyPrivateIp":{"shape":"Boolean"}, "copyTags":{"shape":"Boolean"}, + "exportBucketArn":{"shape":"ARN"}, "launchConfigurationTemplateID":{"shape":"LaunchConfigurationTemplateID"}, "launchDisposition":{"shape":"LaunchDisposition"}, "licensing":{"shape":"Licensing"}, @@ -1719,6 +1984,24 @@ "max":2048, "min":0 }, + "ParticipatingResource":{ + "type":"structure", + "members":{ + "launchStatus":{"shape":"LaunchStatus"}, + "participatingResourceID":{"shape":"ParticipatingResourceID"} + } + }, + "ParticipatingResourceID":{ + "type":"structure", + "members":{ + "sourceNetworkID":{"shape":"SourceNetworkID"} + }, + "union":true + }, + "ParticipatingResources":{ + "type":"list", + "member":{"shape":"ParticipatingResource"} + }, "ParticipatingServer":{ "type":"structure", "members":{ @@ -1916,6 +2199,26 @@ "max":200, "min":1 }, + "RecoveryLifeCycle":{ + "type":"structure", + "members":{ + "apiCallDateTime":{"shape":"SyntheticTimestamp_date_time"}, + "jobID":{"shape":"JobID"}, + "lastRecoveryResult":{"shape":"RecoveryResult"} + } + }, + "RecoveryResult":{ + "type":"string", + "enum":[ + "NOT_STARTED", + "IN_PROGRESS", + "SUCCESS", + "FAIL", + "PARTIAL_SUCCESS", + "ASSOCIATE_SUCCESS", + "ASSOCIATE_FAIL" + ] + }, "RecoverySnapshot":{ "type":"structure", "required":[ @@ -1990,7 +2293,8 @@ "type":"string", "enum":[ "DEFAULT", - "CUSTOM" + "CUSTOM", + "NONE" ] }, "ReplicationConfigurationReplicatedDisk":{ @@ -2074,6 +2378,15 @@ "max":32, "min":0 }, + "ReplicationStatus":{ + "type":"string", + "enum":[ + "STOPPED", + "IN_PROGRESS", + "PROTECTED", + "ERROR" + ] + }, "ResourceNotFoundException":{ "type":"structure", "members":{ @@ -2116,6 +2429,12 @@ "min":0, "pattern":"^sg-[0-9a-fA-F]{8,}$" }, + "SensitiveBoundedString":{ + "type":"string", + "max":256, + "min":0, + "sensitive":true + }, "ServiceQuotaExceededException":{ "type":"structure", "members":{ @@ -2145,6 +2464,41 @@ "originRegion":{"shape":"AwsRegion"} } }, + "SourceNetwork":{ + "type":"structure", + "members":{ + "arn":{"shape":"ARN"}, + "cfnStackName":{"shape":"CfnStackName"}, + "lastRecovery":{"shape":"RecoveryLifeCycle"}, + "launchedVpcID":{"shape":"VpcID"}, + "replicationStatus":{"shape":"ReplicationStatus"}, + "replicationStatusDetails":{"shape":"SensitiveBoundedString"}, + "sourceAccountID":{"shape":"AccountID"}, + "sourceNetworkID":{"shape":"SourceNetworkID"}, + "sourceRegion":{"shape":"AwsRegion"}, + "sourceVpcID":{"shape":"VpcID"}, + "tags":{"shape":"TagsMap"} + } + }, + "SourceNetworkData":{ + "type":"structure", + "members":{ + "sourceNetworkID":{"shape":"SourceNetworkID"}, + "sourceVpc":{"shape":"VpcID"}, + "stackName":{"shape":"LargeBoundedString"}, + "targetVpc":{"shape":"VpcID"} + } + }, + "SourceNetworkID":{ + "type":"string", + "max":20, + "min":20, + "pattern":"^sn-[0-9a-zA-Z]{17}$" + }, + "SourceNetworksList":{ + "type":"list", + "member":{"shape":"SourceNetwork"} + }, "SourceProperties":{ "type":"structure", "members":{ @@ -2170,6 +2524,7 @@ "replicationDirection":{"shape":"ReplicationDirection"}, "reversedDirectionSourceServerArn":{"shape":"SourceServerARN"}, "sourceCloudProperties":{"shape":"SourceCloudProperties"}, + "sourceNetworkID":{"shape":"SourceNetworkID"}, "sourceProperties":{"shape":"SourceProperties"}, "sourceServerID":{"shape":"SourceServerID"}, "stagingArea":{"shape":"StagingArea"}, @@ -2279,6 +2634,48 @@ "sourceServer":{"shape":"SourceServer"} } }, + "StartSourceNetworkRecoveryRequest":{ + "type":"structure", + "required":["sourceNetworks"], + "members":{ + "deployAsNew":{"shape":"Boolean"}, + "sourceNetworks":{"shape":"StartSourceNetworkRecoveryRequestNetworkEntries"}, + "tags":{"shape":"TagsMap"} + } + }, + "StartSourceNetworkRecoveryRequestNetworkEntries":{ + "type":"list", + "member":{"shape":"StartSourceNetworkRecoveryRequestNetworkEntry"}, + "max":100, + "min":1 + }, + "StartSourceNetworkRecoveryRequestNetworkEntry":{ + "type":"structure", + "required":["sourceNetworkID"], + "members":{ + "cfnStackName":{"shape":"CfnStackName"}, + "sourceNetworkID":{"shape":"SourceNetworkID"} + } + }, + "StartSourceNetworkRecoveryResponse":{ + "type":"structure", + "members":{ + "job":{"shape":"Job"} + } + }, + "StartSourceNetworkReplicationRequest":{ + "type":"structure", + "required":["sourceNetworkID"], + "members":{ + "sourceNetworkID":{"shape":"SourceNetworkID"} + } + }, + "StartSourceNetworkReplicationResponse":{ + "type":"structure", + "members":{ + "sourceNetwork":{"shape":"SourceNetwork"} + } + }, "StopFailbackRequest":{ "type":"structure", "required":["recoveryInstanceID"], @@ -2299,6 +2696,19 @@ "sourceServer":{"shape":"SourceServer"} } }, + "StopSourceNetworkReplicationRequest":{ + "type":"structure", + "required":["sourceNetworkID"], + "members":{ + "sourceNetworkID":{"shape":"SourceNetworkID"} + } + }, + "StopSourceNetworkReplicationResponse":{ + "type":"structure", + "members":{ + "sourceNetwork":{"shape":"SourceNetwork"} + } + }, "StrictlyPositiveInteger":{ "type":"integer", "min":1 @@ -2309,6 +2719,10 @@ "min":0, "pattern":"^subnet-[0-9a-fA-F]{8,}$" }, + "SyntheticTimestamp_date_time":{ + "type":"timestamp", + "timestampFormat":"iso8601" + }, "TagKey":{ "type":"string", "max":256, @@ -2444,6 +2858,7 @@ "members":{ "copyPrivateIp":{"shape":"Boolean"}, "copyTags":{"shape":"Boolean"}, + "exportBucketArn":{"shape":"ARN"}, "launchConfigurationTemplateID":{"shape":"LaunchConfigurationTemplateID"}, "launchDisposition":{"shape":"LaunchDisposition"}, "licensing":{"shape":"Licensing"}, @@ -2544,6 +2959,12 @@ "type":"map", "key":{"shape":"LargeBoundedString"}, "value":{"shape":"PositiveInteger"} + }, + "VpcID":{ + "type":"string", + "max":21, + "min":12, + "pattern":"^vpc-[0-9a-fA-F]{8,}$" } } } diff --git a/models/apis/drs/2020-02-26/docs-2.json b/models/apis/drs/2020-02-26/docs-2.json index ada83161b75..6a290da97bc 100644 --- a/models/apis/drs/2020-02-26/docs-2.json +++ b/models/apis/drs/2020-02-26/docs-2.json @@ -2,13 +2,16 @@ "version": "2.0", "service": "

AWS Elastic Disaster Recovery Service.

", "operations": { + "AssociateSourceNetworkStack": "

Associate a Source Network to an existing CloudFormation Stack and modify launch templates to use this network. Can be used for reverting to previously deployed CloudFormation stacks.

", "CreateExtendedSourceServer": "

Create an extended source server in the target Account based on the source server in staging account.

", "CreateLaunchConfigurationTemplate": "

Creates a new Launch Configuration Template.

", "CreateReplicationConfigurationTemplate": "

Creates a new ReplicationConfigurationTemplate.

", + "CreateSourceNetwork": "

Create a new Source Network resource for a provided VPC ID.

", "DeleteJob": "

Deletes a single Job by ID.

", "DeleteLaunchConfigurationTemplate": "

Deletes a single Launch Configuration Template by ID.

", "DeleteRecoveryInstance": "

Deletes a single Recovery Instance by ID. This deletes the Recovery Instance resource from Elastic Disaster Recovery. The Recovery Instance must be disconnected first in order to delete it.

", "DeleteReplicationConfigurationTemplate": "

Deletes a single Replication Configuration Template by ID

", + "DeleteSourceNetwork": "

Delete Source Network resource.

", "DeleteSourceServer": "

Deletes a single Source Server by ID. The Source Server must be disconnected first.

", "DescribeJobLogItems": "

Retrieves a detailed Job log with pagination.

", "DescribeJobs": "

Returns a list of Jobs. Use the JobsID and fromDate and toDate filters to limit which jobs are returned. The response is sorted by creationDataTime - latest date first. Jobs are created by the StartRecovery, TerminateRecoveryInstances and StartFailbackLaunch APIs. Jobs are also created by DiagnosticLaunch and TerminateDiagnosticInstances, which are APIs available only to *Support* and only used in response to relevant support tickets.

", @@ -16,9 +19,11 @@ "DescribeRecoveryInstances": "

Lists all Recovery Instances or multiple Recovery Instances by ID.

", "DescribeRecoverySnapshots": "

Lists all Recovery Snapshots for a single Source Server.

", "DescribeReplicationConfigurationTemplates": "

Lists all ReplicationConfigurationTemplates, filtered by Source Server IDs.

", + "DescribeSourceNetworks": "

Lists all Source Networks or multiple Source Networks filtered by ID.

", "DescribeSourceServers": "

Lists all Source Servers or multiple Source Servers filtered by ID.

", "DisconnectRecoveryInstance": "

Disconnect a Recovery Instance from Elastic Disaster Recovery. Data replication is stopped immediately. All AWS resources created by Elastic Disaster Recovery for enabling the replication of the Recovery Instance will be terminated / deleted within 90 minutes. If the agent on the Recovery Instance has not been prevented from communicating with the Elastic Disaster Recovery service, then it will receive a command to uninstall itself (within approximately 10 minutes). The following properties of the Recovery Instance will be changed immediately: dataReplicationInfo.dataReplicationState will be set to DISCONNECTED; The totalStorageBytes property for each of dataReplicationInfo.replicatedDisks will be set to zero; dataReplicationInfo.lagDuration and dataReplicationInfo.lagDuration will be nullified.

", "DisconnectSourceServer": "

Disconnects a specific Source Server from Elastic Disaster Recovery. Data replication is stopped immediately. All AWS resources created by Elastic Disaster Recovery for enabling the replication of the Source Server will be terminated / deleted within 90 minutes. You cannot disconnect a Source Server if it has a Recovery Instance. If the agent on the Source Server has not been prevented from communicating with the Elastic Disaster Recovery service, then it will receive a command to uninstall itself (within approximately 10 minutes). The following properties of the SourceServer will be changed immediately: dataReplicationInfo.dataReplicationState will be set to DISCONNECTED; The totalStorageBytes property for each of dataReplicationInfo.replicatedDisks will be set to zero; dataReplicationInfo.lagDuration and dataReplicationInfo.lagDuration will be nullified.

", + "ExportSourceNetworkCfnTemplate": "

Export the Source Network CloudFormation template to an S3 bucket.

", "GetFailbackReplicationConfiguration": "

Lists all Failback ReplicationConfigurations, filtered by Recovery Instance ID.

", "GetLaunchConfiguration": "

Gets a LaunchConfiguration, filtered by Source Server IDs.

", "GetReplicationConfiguration": "

Gets a ReplicationConfiguration, filtered by Source Server ID.

", @@ -31,8 +36,11 @@ "StartFailbackLaunch": "

Initiates a Job for launching the machine that is being failed back to from the specified Recovery Instance. This will run conversion on the failback client and will reboot your machine, thus completing the failback process.

", "StartRecovery": "

Launches Recovery Instances for the specified Source Servers. For each Source Server you may choose a point in time snapshot to launch from, or use an on demand snapshot.

", "StartReplication": "

Starts replication for a stopped Source Server. This action would make the Source Server protected again and restart billing for it.

", + "StartSourceNetworkRecovery": "

Deploy VPC for the specified Source Network and modify launch templates to use this network. The VPC will be deployed using a dedicated CloudFormation stack.

", + "StartSourceNetworkReplication": "

Starts replication for a Source Network. This action would make the Source Network protected.

", "StopFailback": "

Stops the failback process for a specified Recovery Instance. This changes the Failback State of the Recovery Instance back to FAILBACK_NOT_STARTED.

", "StopReplication": "

Stops replication for a Source Server. This action would make the Source Server unprotected, delete its existing snapshots and stop billing for it.

", + "StopSourceNetworkReplication": "

Stops replication for a Source Network. This action would make the Source Network unprotected.

", "TagResource": "

Adds or overwrites only the specified tags for the specified Elastic Disaster Recovery resource or resources. When you specify an existing tag key, the value is overwritten with the new value. Each resource can have a maximum of 50 tags. Each tag consists of a key and optional value.

", "TerminateRecoveryInstances": "

Initiates a Job for terminating the EC2 resources associated with the specified Recovery Instances, and then will delete the Recovery Instances from the Elastic Disaster Recovery service.

", "UntagResource": "

Deletes the specified set of tags from the specified set of Elastic Disaster Recovery resources.

", @@ -46,18 +54,22 @@ "ARN": { "base": null, "refs": { + "CreateLaunchConfigurationTemplateRequest$exportBucketArn": "

S3 bucket ARN to export Source Network templates.

", "CreateReplicationConfigurationTemplateRequest$ebsEncryptionKeyArn": "

The ARN of the EBS encryption key to be used during replication.

", "Job$arn": "

The ARN of a Job.

", "LaunchConfigurationTemplate$arn": "

ARN of the Launch Configuration Template.

", + "LaunchConfigurationTemplate$exportBucketArn": "

S3 bucket ARN to export Source Network templates.

", "ListTagsForResourceRequest$resourceArn": "

The ARN of the resource whose tags should be returned.

", "RecoveryInstance$arn": "

The ARN of the Recovery Instance.

", "ReplicationConfiguration$ebsEncryptionKeyArn": "

The ARN of the EBS encryption key to be used during replication.

", "ReplicationConfigurationTemplate$arn": "

The Replication Configuration Template ARN.

", "ReplicationConfigurationTemplate$ebsEncryptionKeyArn": "

The ARN of the EBS encryption key to be used during replication.

", + "SourceNetwork$arn": "

The ARN of the Source Network.

", "SourceServer$arn": "

The ARN of the Source Server.

", "StagingArea$stagingSourceServerArn": "

Arn of the staging source server if this source server is extended

", "TagResourceRequest$resourceArn": "

ARN of the resource for which tags are to be added or updated.

", "UntagResourceRequest$resourceArn": "

ARN of the resource for which tags are to be removed.

", + "UpdateLaunchConfigurationTemplateRequest$exportBucketArn": "

S3 bucket ARN to export Source Network templates.

", "UpdateReplicationConfigurationRequest$ebsEncryptionKeyArn": "

The ARN of the EBS encryption key to be used during replication.

", "UpdateReplicationConfigurationTemplateRequest$arn": "

The Replication Configuration Template ARN.

", "UpdateReplicationConfigurationTemplateRequest$ebsEncryptionKeyArn": "

The ARN of the EBS encryption key to be used during replication.

" @@ -79,8 +91,11 @@ "refs": { "Account$accountID": "

Account ID of AWS account.

", "AccountIDs$member": null, + "CreateSourceNetworkRequest$originAccountID": "

Account containing the VPC to protect.

", + "DescribeSourceNetworksRequestFilters$originAccountID": "

Filter Source Networks by account ID containing the protected VPCs.

", "ListExtensibleSourceServersRequest$stagingAccountID": "

The Id of the staging Account to retrieve extensible source servers from.

", "SourceCloudProperties$originAccountID": "

AWS Account ID for an EC2-originated Source Server.

", + "SourceNetwork$sourceAccountID": "

Account ID containing the VPC protected by the Source Network.

", "StagingArea$stagingAccountID": "

Account ID of the account to which source server belongs. If this source server is extended - shows Account ID of staging source server.

" } }, @@ -96,6 +111,16 @@ "ListStagingAccountsResponse$accounts": "

An array of staging AWS Accounts.

" } }, + "AssociateSourceNetworkStackRequest": { + "base": null, + "refs": { + } + }, + "AssociateSourceNetworkStackResponse": { + "base": null, + "refs": { + } + }, "AwsAvailabilityZone": { "base": null, "refs": { @@ -108,7 +133,10 @@ "AwsRegion": { "base": null, "refs": { - "SourceCloudProperties$originRegion": "

AWS Region for an EC2-originated Source Server.

" + "CreateSourceNetworkRequest$originRegion": "

Region containing the VPC to protect.

", + "DescribeSourceNetworksRequestFilters$originRegion": "

Filter Source Networks by the region containing the protected VPCs.

", + "SourceCloudProperties$originRegion": "

AWS Region for an EC2-originated Source Server.

", + "SourceNetwork$sourceRegion": "

Region containing the VPC protected by the Source Network.

" } }, "Boolean": { @@ -142,6 +170,7 @@ "ReplicationConfigurationTemplate$useDedicatedReplicationServer": "

Whether to use a dedicated Replication Server in the replication staging area.

", "SourceProperties$supportsNitroInstances": "

Are EC2 nitro instance types supported when recovering the Source Server.

", "StartRecoveryRequest$isDrill": "

Whether this Source Server Recovery operation is a drill or not.

", + "StartSourceNetworkRecoveryRequest$deployAsNew": "

Don't update existing CloudFormation Stack, recover the network using a new stack.

", "UpdateFailbackReplicationConfigurationRequest$usePrivateIP": "

Whether to use Private IP for the failback replication of the Recovery Instance.

", "UpdateLaunchConfigurationRequest$copyPrivateIp": "

Whether we should copy the Private IP of the Source Server to the Recovery Instance.

", "UpdateLaunchConfigurationRequest$copyTags": "

Whether we want to copy the tags of the Source Server to the EC2 machine of the Recovery Instance.

", @@ -186,6 +215,14 @@ "Cpus$member": null } }, + "CfnStackName": { + "base": null, + "refs": { + "AssociateSourceNetworkStackRequest$cfnStackName": "

CloudFormation template to associate with a Source Network.

", + "SourceNetwork$cfnStackName": "

CloudFormation stack name that was deployed for recovering the Source Network.

", + "StartSourceNetworkRecoveryRequestNetworkEntry$cfnStackName": "

CloudFormation stack name to be used for recovering the network.

" + } + }, "ConflictException": { "base": "

The request could not be completed due to a conflict with the current state of the target resource.

", "refs": { @@ -235,6 +272,16 @@ "refs": { } }, + "CreateSourceNetworkRequest": { + "base": null, + "refs": { + } + }, + "CreateSourceNetworkResponse": { + "base": null, + "refs": { + } + }, "DataReplicationError": { "base": "

Error in data replication.

", "refs": { @@ -336,6 +383,16 @@ "refs": { } }, + "DeleteSourceNetworkRequest": { + "base": null, + "refs": { + } + }, + "DeleteSourceNetworkResponse": { + "base": null, + "refs": { + } + }, "DeleteSourceServerRequest": { "base": null, "refs": { @@ -436,6 +493,28 @@ "refs": { } }, + "DescribeSourceNetworksRequest": { + "base": null, + "refs": { + } + }, + "DescribeSourceNetworksRequestFilters": { + "base": "

A set of filters by which to return Source Networks.

", + "refs": { + "DescribeSourceNetworksRequest$filters": "

A set of filters by which to return Source Networks.

" + } + }, + "DescribeSourceNetworksRequestFiltersIDs": { + "base": null, + "refs": { + "DescribeSourceNetworksRequestFilters$sourceNetworkIDs": "

An array of Source Network IDs that should be returned. An empty array means all Source Networks.

" + } + }, + "DescribeSourceNetworksResponse": { + "base": null, + "refs": { + } + }, "DescribeSourceServersRequest": { "base": null, "refs": { @@ -526,6 +605,22 @@ "RecoveryInstanceDisk$ebsVolumeID": "

The EBS Volume ID of this disk.

" } }, + "EventResourceData": { + "base": "

Properties of resource related to a job event.

", + "refs": { + "JobLogEventData$eventResourceData": "

Properties of resource related to a job event.

" + } + }, + "ExportSourceNetworkCfnTemplateRequest": { + "base": null, + "refs": { + } + }, + "ExportSourceNetworkCfnTemplateResponse": { + "base": null, + "refs": { + } + }, "ExtensionStatus": { "base": null, "refs": { @@ -646,9 +741,11 @@ "Job": { "base": "

A job is an asynchronous workflow.

", "refs": { + "AssociateSourceNetworkStackResponse$job": "

The Source Network association Job.

", "JobsList$member": null, "StartFailbackLaunchResponse$job": "

The failback launch Job.

", "StartRecoveryResponse$job": "

The Recovery Job.

", + "StartSourceNetworkRecoveryResponse$job": "

The Source Network recovery Job.

", "TerminateRecoveryInstancesResponse$job": "

The Job for terminating the Recovery Instances.

" } }, @@ -661,7 +758,8 @@ "Job$jobID": "

The ID of the Job.

", "LifeCycleLastLaunchInitiated$jobID": "

The ID of the Job that was used to last launch the Source Server.

", "RecoveryInstance$jobID": "

The ID of the Job that created the Recovery Instance.

", - "RecoveryInstanceFailback$failbackJobID": "

The Job ID of the last failback log for this Recovery Instance.

" + "RecoveryInstanceFailback$failbackJobID": "

The Job ID of the last failback log for this Recovery Instance.

", + "RecoveryLifeCycle$jobID": "

The ID of the Job that was used to last recover the Source Network.

" } }, "JobLog": { @@ -718,6 +816,7 @@ "ConversionProperties$dataTimestamp": "

The timestamp of when the snapshot being converted was taken

", "ConversionProperties$rootVolumeName": "

The root volume name of a conversion job

", "DataReplicationError$rawError": "

Error in data replication.

", + "ExportSourceNetworkCfnTemplateResponse$s3DestinationUrl": "

S3 bucket URL where the Source Network CloudFormation template was exported to.

", "InternalServerException$message": null, "JobLogEventData$rawError": "

A string representing a job error.

", "RecoveryInstanceDataReplicationError$rawError": "

Error in data replication.

", @@ -731,6 +830,7 @@ "ServiceQuotaExceededException$resourceId": "

The ID of the resource.

", "ServiceQuotaExceededException$resourceType": "

The type of the resource.

", "ServiceQuotaExceededException$serviceCode": "

Service code.

", + "SourceNetworkData$stackName": "

CloudFormation stack name that was deployed for recovering the Source Network.

", "StagingArea$errorMessage": "

Shows an error message that occurred when DRS tried to access the staging source server. In this case StagingArea$status will have value EXTENSION_ERROR

", "ThrottlingException$message": null, "ThrottlingException$quotaCode": "

Quota code.

", @@ -806,6 +906,7 @@ "base": null, "refs": { "LifeCycleLastLaunch$status": "

Status of Source Server's last launch.

", + "ParticipatingResource$launchStatus": "

The launch status of a participating resource.

", "ParticipatingServer$launchStatus": "

The launch status of a participating server.

" } }, @@ -948,6 +1049,8 @@ "DescribeRecoverySnapshotsResponse$nextToken": "

The token of the next Recovery Snapshot to retrieve.

", "DescribeReplicationConfigurationTemplatesRequest$nextToken": "

The token of the next Replication Configuration Template to retrieve.

", "DescribeReplicationConfigurationTemplatesResponse$nextToken": "

The token of the next Replication Configuration Template to retrieve.

", + "DescribeSourceNetworksRequest$nextToken": "

The token of the next Source Networks to retrieve.

", + "DescribeSourceNetworksResponse$nextToken": "

The token of the next Source Networks to retrieve.

", "DescribeSourceServersRequest$nextToken": "

The token of the next Source Server to retrieve.

", "DescribeSourceServersResponse$nextToken": "

The token of the next Source Server to retrieve.

", "ListExtensibleSourceServersRequest$nextToken": "

The token of the next extensible source server to retrieve.

", @@ -956,6 +1059,24 @@ "ListStagingAccountsResponse$nextToken": "

The token of the next staging Account to retrieve.

" } }, + "ParticipatingResource": { + "base": "

Represents a resource participating in an asynchronous Job.

", + "refs": { + "ParticipatingResources$member": null + } + }, + "ParticipatingResourceID": { + "base": "

ID of a resource participating in an asynchronous Job.

", + "refs": { + "ParticipatingResource$participatingResourceID": "

The ID of a participating resource.

" + } + }, + "ParticipatingResources": { + "base": null, + "refs": { + "Job$participatingResources": "

A list of resources that the Job is acting upon.

" + } + }, "ParticipatingServer": { "base": "

Represents a server participating in an asynchronous Job.

", "refs": { @@ -1118,6 +1239,18 @@ "TerminateRecoveryInstancesRequest$recoveryInstanceIDs": "

The IDs of the Recovery Instances that should be terminated.

" } }, + "RecoveryLifeCycle": { + "base": "

An object representing the Source Network recovery Lifecycle.

", + "refs": { + "SourceNetwork$lastRecovery": "

An object containing information regarding the last recovery of the Source Network.

" + } + }, + "RecoveryResult": { + "base": null, + "refs": { + "RecoveryLifeCycle$lastRecoveryResult": "

The status of the last recovery status of this Source Network.

" + } + }, "RecoverySnapshot": { "base": "

A snapshot of a Source Server used during recovery.

", "refs": { @@ -1241,6 +1374,12 @@ "UpdateReplicationConfigurationTemplateRequest$replicationServersSecurityGroupsIDs": "

The security group IDs that will be used by the replication server.

" } }, + "ReplicationStatus": { + "base": null, + "refs": { + "SourceNetwork$replicationStatus": "

Status of Source Network Replication. Possible values: (a) STOPPED - Source Network is not replicating. (b) IN_PROGRESS - Source Network is being replicated. (c) PROTECTED - Source Network was replicated successfully and is being synchronized for changes. (d) ERROR - Source Network replication has failed

" + } + }, "ResourceNotFoundException": { "base": "

The resource for this operation was not found.

", "refs": { @@ -1267,6 +1406,12 @@ "ReplicationServersSecurityGroupsIDs$member": null } }, + "SensitiveBoundedString": { + "base": null, + "refs": { + "SourceNetwork$replicationStatusDetails": "

Error details in case Source Network replication status is ERROR.

" + } + }, "ServiceQuotaExceededException": { "base": "

The request could not be completed because its exceeded the service quota.

", "refs": { @@ -1287,6 +1432,43 @@ "SourceServer$sourceCloudProperties": "

Source cloud properties of the Source Server.

" } }, + "SourceNetwork": { + "base": "

The ARN of the Source Network.

", + "refs": { + "SourceNetworksList$member": null, + "StartSourceNetworkReplicationResponse$sourceNetwork": "

Source Network which was requested for replication.

", + "StopSourceNetworkReplicationResponse$sourceNetwork": "

Source Network which was requested to stop replication.

" + } + }, + "SourceNetworkData": { + "base": "

Properties of Source Network related to a job event.

", + "refs": { + "EventResourceData$sourceNetworkData": "

Source Network properties.

" + } + }, + "SourceNetworkID": { + "base": null, + "refs": { + "AssociateSourceNetworkStackRequest$sourceNetworkID": "

The Source Network ID to associate with CloudFormation template.

", + "CreateSourceNetworkResponse$sourceNetworkID": "

ID of the created Source Network.

", + "DeleteSourceNetworkRequest$sourceNetworkID": "

ID of the Source Network to delete.

", + "DescribeSourceNetworksRequestFiltersIDs$member": null, + "ExportSourceNetworkCfnTemplateRequest$sourceNetworkID": "

The Source Network ID to export its CloudFormation template to an S3 bucket.

", + "ParticipatingResourceID$sourceNetworkID": "

Source Network ID.

", + "SourceNetwork$sourceNetworkID": "

Source Network ID.

", + "SourceNetworkData$sourceNetworkID": "

Source Network ID.

", + "SourceServer$sourceNetworkID": "

ID of the Source Network which is protecting this Source Server's network.

", + "StartSourceNetworkRecoveryRequestNetworkEntry$sourceNetworkID": "

The ID of the Source Network you want to recover.

", + "StartSourceNetworkReplicationRequest$sourceNetworkID": "

ID of the Source Network to replicate.

", + "StopSourceNetworkReplicationRequest$sourceNetworkID": "

ID of the Source Network to stop replication.

" + } + }, + "SourceNetworksList": { + "base": null, + "refs": { + "DescribeSourceNetworksResponse$items": "

An array of Source Networks.

" + } + }, "SourceProperties": { "base": "

Properties of the Source Server machine.

", "refs": { @@ -1414,6 +1596,38 @@ "refs": { } }, + "StartSourceNetworkRecoveryRequest": { + "base": null, + "refs": { + } + }, + "StartSourceNetworkRecoveryRequestNetworkEntries": { + "base": null, + "refs": { + "StartSourceNetworkRecoveryRequest$sourceNetworks": "

The Source Networks that we want to start a Recovery Job for.

" + } + }, + "StartSourceNetworkRecoveryRequestNetworkEntry": { + "base": "

An object representing the Source Network to recover.

", + "refs": { + "StartSourceNetworkRecoveryRequestNetworkEntries$member": null + } + }, + "StartSourceNetworkRecoveryResponse": { + "base": null, + "refs": { + } + }, + "StartSourceNetworkReplicationRequest": { + "base": null, + "refs": { + } + }, + "StartSourceNetworkReplicationResponse": { + "base": null, + "refs": { + } + }, "StopFailbackRequest": { "base": null, "refs": { @@ -1429,6 +1643,16 @@ "refs": { } }, + "StopSourceNetworkReplicationRequest": { + "base": null, + "refs": { + } + }, + "StopSourceNetworkReplicationResponse": { + "base": null, + "refs": { + } + }, "StrictlyPositiveInteger": { "base": null, "refs": { @@ -1437,6 +1661,7 @@ "DescribeRecoveryInstancesRequest$maxResults": "

Maximum number of Recovery Instances to retrieve.

", "DescribeRecoverySnapshotsRequest$maxResults": "

Maximum number of Recovery Snapshots to retrieve.

", "DescribeReplicationConfigurationTemplatesRequest$maxResults": "

Maximum number of Replication Configuration Templates to retrieve.

", + "DescribeSourceNetworksRequest$maxResults": "

Maximum number of Source Networks to retrieve.

", "DescribeSourceServersRequest$maxResults": "

Maximum number of Source Servers to retrieve.

", "PITPolicyRule$interval": "

How often, in the chosen units, a snapshot should be taken.

", "PITPolicyRule$retentionDuration": "

The duration to retain a snapshot for, in the chosen units.

" @@ -1452,6 +1677,12 @@ "UpdateReplicationConfigurationTemplateRequest$stagingAreaSubnetId": "

The subnet to be used by the replication staging area.

" } }, + "SyntheticTimestamp_date_time": { + "base": null, + "refs": { + "RecoveryLifeCycle$apiCallDateTime": "

The date and time the last Source Network recovery was initiated.

" + } + }, "TagKey": { "base": null, "refs": { @@ -1483,6 +1714,7 @@ "CreateLaunchConfigurationTemplateRequest$tags": "

Request to associate tags during creation of a Launch Configuration Template.

", "CreateReplicationConfigurationTemplateRequest$stagingAreaTags": "

A set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.

", "CreateReplicationConfigurationTemplateRequest$tags": "

A set of tags to be associated with the Replication Configuration Template resource.

", + "CreateSourceNetworkRequest$tags": "

A set of tags to be associated with the Source Network resource.

", "Job$tags": "

A list of tags associated with the Job.

", "LaunchConfigurationTemplate$tags": "

Tags of the Launch Configuration Template.

", "ListTagsForResourceResponse$tags": "

The tags of the requested resource.

", @@ -1490,10 +1722,12 @@ "ReplicationConfiguration$stagingAreaTags": "

A set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.

", "ReplicationConfigurationTemplate$stagingAreaTags": "

A set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.

", "ReplicationConfigurationTemplate$tags": "

A set of tags to be associated with the Replication Configuration Template resource.

", + "SourceNetwork$tags": "

A list of tags associated with the Source Network.

", "SourceServer$tags": "

The tags associated with the Source Server.

", "StagingSourceServer$tags": "

A list of tags associated with the staging source server.

", "StartFailbackLaunchRequest$tags": "

The tags to be associated with the failback launch Job.

", "StartRecoveryRequest$tags": "

The tags to be associated with the Recovery Job.

", + "StartSourceNetworkRecoveryRequest$tags": "

The tags to be associated with the Source Network recovery Job.

", "TagResourceRequest$tags": "

Array of tags to be added or updated.

", "UpdateReplicationConfigurationRequest$stagingAreaTags": "

A set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.

", "UpdateReplicationConfigurationTemplateRequest$stagingAreaTags": "

A set of tags to be associated with all resources created in the replication staging area: EC2 replication server, EBS volumes, EBS snapshots, etc.

" @@ -1598,6 +1832,16 @@ "refs": { "ConversionProperties$volumeToVolumeSize": "

A mapping between the volumes and their sizes

" } + }, + "VpcID": { + "base": null, + "refs": { + "CreateSourceNetworkRequest$vpcID": "

Which VPC ID to protect.

", + "SourceNetwork$launchedVpcID": "

ID of the recovered VPC following Source Network recovery.

", + "SourceNetwork$sourceVpcID": "

VPC ID protected by the Source Network.

", + "SourceNetworkData$sourceVpc": "

VPC ID protected by the Source Network.

", + "SourceNetworkData$targetVpc": "

ID of the recovered VPC following Source Network recovery.

" + } } } } diff --git a/models/apis/drs/2020-02-26/paginators-1.json b/models/apis/drs/2020-02-26/paginators-1.json index 3158e95a566..bf7f0e978df 100644 --- a/models/apis/drs/2020-02-26/paginators-1.json +++ b/models/apis/drs/2020-02-26/paginators-1.json @@ -36,6 +36,12 @@ "limit_key": "maxResults", "result_key": "items" }, + "DescribeSourceNetworks": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, "DescribeSourceServers": { "input_token": "nextToken", "output_token": "nextToken", diff --git a/models/apis/ec2/2016-11-15/api-2.json b/models/apis/ec2/2016-11-15/api-2.json index 84c90867fb5..85aa50d62b4 100755 --- a/models/apis/ec2/2016-11-15/api-2.json +++ b/models/apis/ec2/2016-11-15/api-2.json @@ -638,6 +638,15 @@ "input":{"shape":"CreateImageRequest"}, "output":{"shape":"CreateImageResult"} }, + "CreateInstanceConnectEndpoint":{ + "name":"CreateInstanceConnectEndpoint", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreateInstanceConnectEndpointRequest"}, + "output":{"shape":"CreateInstanceConnectEndpointResult"} + }, "CreateInstanceEventWindow":{ "name":"CreateInstanceEventWindow", "http":{ @@ -1317,6 +1326,15 @@ "input":{"shape":"DeleteFpgaImageRequest"}, "output":{"shape":"DeleteFpgaImageResult"} }, + "DeleteInstanceConnectEndpoint":{ + "name":"DeleteInstanceConnectEndpoint", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteInstanceConnectEndpointRequest"}, + "output":{"shape":"DeleteInstanceConnectEndpointResult"} + }, "DeleteInstanceEventWindow":{ "name":"DeleteInstanceEventWindow", "http":{ @@ -2324,6 +2342,15 @@ "input":{"shape":"DescribeInstanceAttributeRequest"}, "output":{"shape":"InstanceAttribute"} }, + "DescribeInstanceConnectEndpoints":{ + "name":"DescribeInstanceConnectEndpoints", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeInstanceConnectEndpointsRequest"}, + "output":{"shape":"DescribeInstanceConnectEndpointsResult"} + }, "DescribeInstanceCreditSpecifications":{ "name":"DescribeInstanceCreditSpecifications", "http":{ @@ -10275,6 +10302,40 @@ } } }, + "CreateInstanceConnectEndpointRequest":{ + "type":"structure", + "required":["SubnetId"], + "members":{ + "DryRun":{"shape":"Boolean"}, + "SubnetId":{"shape":"SubnetId"}, + "SecurityGroupIds":{ + "shape":"SecurityGroupIdStringListRequest", + "locationName":"SecurityGroupId" + }, + "PreserveClientIp":{"shape":"Boolean"}, + "ClientToken":{ + "shape":"String", + "idempotencyToken":true + }, + "TagSpecifications":{ + "shape":"TagSpecificationList", + "locationName":"TagSpecification" + } + } + }, + "CreateInstanceConnectEndpointResult":{ + "type":"structure", + "members":{ + "InstanceConnectEndpoint":{ + "shape":"Ec2InstanceConnectEndpoint", + "locationName":"instanceConnectEndpoint" + }, + "ClientToken":{ + "shape":"String", + "locationName":"clientToken" + } + } + }, "CreateInstanceEventWindowRequest":{ "type":"structure", "members":{ @@ -12776,6 +12837,23 @@ } } }, + "DeleteInstanceConnectEndpointRequest":{ + "type":"structure", + "required":["InstanceConnectEndpointId"], + "members":{ + "DryRun":{"shape":"Boolean"}, + "InstanceConnectEndpointId":{"shape":"InstanceConnectEndpointId"} + } + }, + "DeleteInstanceConnectEndpointResult":{ + "type":"structure", + "members":{ + "InstanceConnectEndpoint":{ + "shape":"Ec2InstanceConnectEndpoint", + "locationName":"instanceConnectEndpoint" + } + } + }, "DeleteInstanceEventWindowRequest":{ "type":"structure", "required":["InstanceEventWindowId"], @@ -15538,6 +15616,35 @@ } } }, + "DescribeInstanceConnectEndpointsRequest":{ + "type":"structure", + "members":{ + "DryRun":{"shape":"Boolean"}, + "MaxResults":{"shape":"InstanceConnectEndpointMaxResults"}, + "NextToken":{"shape":"NextToken"}, + "Filters":{ + "shape":"FilterList", + "locationName":"Filter" + }, + "InstanceConnectEndpointIds":{ + "shape":"ValueStringList", + "locationName":"InstanceConnectEndpointId" + } + } + }, + "DescribeInstanceConnectEndpointsResult":{ + "type":"structure", + "members":{ + "InstanceConnectEndpoints":{ + "shape":"InstanceConnectEndpointSet", + "locationName":"instanceConnectEndpointSet" + }, + "NextToken":{ + "shape":"NextToken", + "locationName":"nextToken" + } + } + }, "DescribeInstanceCreditSpecificationsMaxResults":{ "type":"integer", "max":1000, @@ -19950,6 +20057,82 @@ "default" ] }, + "Ec2InstanceConnectEndpoint":{ + "type":"structure", + "members":{ + "OwnerId":{ + "shape":"String", + "locationName":"ownerId" + }, + "InstanceConnectEndpointId":{ + "shape":"InstanceConnectEndpointId", + "locationName":"instanceConnectEndpointId" + }, + "InstanceConnectEndpointArn":{ + "shape":"ResourceArn", + "locationName":"instanceConnectEndpointArn" + }, + "State":{ + "shape":"Ec2InstanceConnectEndpointState", + "locationName":"state" + }, + "StateMessage":{ + "shape":"String", + "locationName":"stateMessage" + }, + "DnsName":{ + "shape":"String", + "locationName":"dnsName" + }, + "FipsDnsName":{ + "shape":"String", + "locationName":"fipsDnsName" + }, + "NetworkInterfaceIds":{ + "shape":"NetworkInterfaceIdSet", + "locationName":"networkInterfaceIdSet" + }, + "VpcId":{ + "shape":"VpcId", + "locationName":"vpcId" + }, + "AvailabilityZone":{ + "shape":"String", + "locationName":"availabilityZone" + }, + "CreatedAt":{ + "shape":"MillisecondDateTime", + "locationName":"createdAt" + }, + "SubnetId":{ + "shape":"SubnetId", + "locationName":"subnetId" + }, + "PreserveClientIp":{ + "shape":"Boolean", + "locationName":"preserveClientIp" + }, + "SecurityGroupIds":{ + "shape":"SecurityGroupIdSet", + "locationName":"securityGroupIdSet" + }, + "Tags":{ + "shape":"TagList", + "locationName":"tagSet" + } + } + }, + "Ec2InstanceConnectEndpointState":{ + "type":"string", + "enum":[ + "create-in-progress", + "create-complete", + "create-failed", + "delete-in-progress", + "delete-complete", + "delete-failed" + ] + }, "EfaInfo":{ "type":"structure", "members":{ @@ -25285,6 +25468,19 @@ } } }, + "InstanceConnectEndpointId":{"type":"string"}, + "InstanceConnectEndpointMaxResults":{ + "type":"integer", + "max":50, + "min":1 + }, + "InstanceConnectEndpointSet":{ + "type":"list", + "member":{ + "shape":"Ec2InstanceConnectEndpoint", + "locationName":"item" + } + }, "InstanceCount":{ "type":"structure", "members":{ @@ -33133,6 +33329,13 @@ "locationName":"item" } }, + "NetworkInterfaceIdSet":{ + "type":"list", + "member":{ + "shape":"String", + "locationName":"item" + } + }, "NetworkInterfaceIpv6Address":{ "type":"structure", "members":{ @@ -36754,7 +36957,8 @@ "vpn-connection-device-type", "vpc-block-public-access-exclusion", "ipam-resource-discovery", - "ipam-resource-discovery-association" + "ipam-resource-discovery-association", + "instance-connect-endpoint" ] }, "ResponseError":{ @@ -38094,6 +38298,13 @@ "locationName":"item" } }, + "SecurityGroupIdSet":{ + "type":"list", + "member":{ + "shape":"SecurityGroupId", + "locationName":"item" + } + }, "SecurityGroupIdStringList":{ "type":"list", "member":{ @@ -38101,6 +38312,15 @@ "locationName":"SecurityGroupId" } }, + "SecurityGroupIdStringListRequest":{ + "type":"list", + "member":{ + "shape":"SecurityGroupId", + "locationName":"SecurityGroupId" + }, + "max":16, + "min":0 + }, "SecurityGroupIdentifier":{ "type":"structure", "members":{ diff --git a/models/apis/ec2/2016-11-15/docs-2.json b/models/apis/ec2/2016-11-15/docs-2.json index 5296f765d97..cfaa5fae72d 100755 --- a/models/apis/ec2/2016-11-15/docs-2.json +++ b/models/apis/ec2/2016-11-15/docs-2.json @@ -10,14 +10,14 @@ "AcceptVpcEndpointConnections": "

Accepts connection requests to your VPC endpoint service.

", "AcceptVpcPeeringConnection": "

Accept a VPC peering connection request. To accept a request, the VPC peering connection must be in the pending-acceptance state, and you must be the owner of the peer VPC. Use DescribeVpcPeeringConnections to view your outstanding VPC peering connection requests.

For an inter-Region VPC peering connection request, you must accept the VPC peering connection in the Region of the accepter VPC.

", "AdvertiseByoipCidr": "

Advertises an IPv4 or IPv6 address range that is provisioned for use with your Amazon Web Services resources through bring your own IP addresses (BYOIP).

You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.

We recommend that you stop advertising the BYOIP CIDR from other locations when you advertise it from Amazon Web Services. To minimize down time, you can configure your Amazon Web Services resources to use an address from a BYOIP CIDR before it is advertised, and then simultaneously stop advertising it from the current location and start advertising it through Amazon Web Services.

It can take a few minutes before traffic to the specified addresses starts routing to Amazon Web Services because of BGP propagation delays.

To stop advertising the BYOIP CIDR, use WithdrawByoipCidr.

", - "AllocateAddress": "

Allocates an Elastic IP address to your Amazon Web Services account. After you allocate the Elastic IP address you can associate it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address pool and can be allocated to a different Amazon Web Services account.

You can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.

[EC2-VPC] If you release an Elastic IP address, you might be able to recover it. You cannot recover an Elastic IP address that you released after it is allocated to another Amazon Web Services account. You cannot recover an Elastic IP address for EC2-Classic. To attempt to recover an Elastic IP address that you released, specify it in this operation.

An Elastic IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic per Region and 5 Elastic IP addresses for EC2-VPC per Region.

For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

You can allocate a carrier IP address which is a public IP address from a telecommunication carrier, to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", + "AllocateAddress": "

Allocates an Elastic IP address to your Amazon Web Services account. After you allocate the Elastic IP address you can associate it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address pool and can be allocated to a different Amazon Web Services account.

You can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.

If you release an Elastic IP address, you might be able to recover it. You cannot recover an Elastic IP address that you released after it is allocated to another Amazon Web Services account. To attempt to recover an Elastic IP address that you released, specify it in this operation.

For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

You can allocate a carrier IP address which is a public IP address from a telecommunication carrier, to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).

", "AllocateHosts": "

Allocates a Dedicated Host to your account. At a minimum, specify the supported instance type or instance family, the Availability Zone in which to allocate the host, and the number of hosts to allocate.

", - "AllocateIpamPoolCidr": "

Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment from an IPAM pool to another IPAM pool or to a resource. For more information, see Allocate CIDRs in the Amazon VPC IPAM User Guide.

This action creates an allocation with strong consistency. The returned CIDR will not overlap with any other allocations from the same pool.

", + "AllocateIpamPoolCidr": "

Allocate a CIDR from an IPAM pool. The Region you use should be the IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is available for allocations.

In IPAM, an allocation is a CIDR assignment from an IPAM pool to another IPAM pool or to a resource. For more information, see Allocate CIDRs in the Amazon VPC IPAM User Guide.

This action creates an allocation with strong consistency. The returned CIDR will not overlap with any other allocations from the same pool.

", "ApplySecurityGroupsToClientVpnTargetNetwork": "

Applies a security group to the association between the target network and the Client VPN endpoint. This action replaces the existing security groups with the specified security groups.

", "AssignIpv6Addresses": "

Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet's IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see IP Addresses Per Network Interface Per Instance Type in the Amazon Elastic Compute Cloud User Guide.

You must specify either the IPv6 addresses or the IPv6 address count in the request.

You can optionally use Prefix Delegation on the network interface. You must specify either the IPV6 Prefix Delegation prefixes, or the IPv6 Prefix Delegation count. For information, see Assigning prefixes to Amazon EC2 network interfaces in the Amazon Elastic Compute Cloud User Guide.

", "AssignPrivateIpAddresses": "

Assigns one or more secondary private IP addresses to the specified network interface.

You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet's CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see Instance Types in the Amazon Elastic Compute Cloud User Guide. For more information about Elastic IP addresses, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

When you move a secondary private IP address to another network interface, any Elastic IP address that is associated with the IP address is also moved.

Remapping an IP address is an asynchronous operation. When you move an IP address from one network interface to another, check network/interfaces/macs/mac/local-ipv4s in the instance metadata to confirm that the remapping is complete.

You must specify either the IP addresses or the IP address count in the request.

You can optionally use Prefix Delegation on the network interface. You must specify either the IPv4 Prefix Delegation prefixes, or the IPv4 Prefix Delegation count. For information, see Assigning prefixes to Amazon EC2 network interfaces in the Amazon Elastic Compute Cloud User Guide.

", "AssignPrivateNatGatewayAddress": "

Assigns one or more private IPv4 addresses to a private NAT gateway. For more information, see Work with NAT gateways in the Amazon Virtual Private Cloud User Guide.

", - "AssociateAddress": "

Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones) with an instance or a network interface. Before you can use an Elastic IP address, you must allocate it to your account.

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.

[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic IP address is associated with the primary IP address. If the Elastic IP address is already associated with a different instance or a network interface, you get an error unless you allow reassociation. You cannot associate an Elastic IP address with an instance or network interface that has an existing Elastic IP address.

[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication carrier to the instance or network interface.

You cannot associate an Elastic IP address with an interface in a different network border group.

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the Elastic IP Addresses section of Amazon EC2 Pricing.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", + "AssociateAddress": "

Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones) with an instance or a network interface. Before you can use an Elastic IP address, you must allocate it to your account.

If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.

[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication carrier to the instance or network interface.

You cannot associate an Elastic IP address with an interface in a different network border group.

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the Elastic IP Addresses section of Amazon EC2 Pricing.

", "AssociateClientVpnTargetNetwork": "

Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.

If you specified a VPC when you created the Client VPN endpoint or if you have previous subnet associations, the specified subnet must be in the same VPC. To specify a subnet that's in a different VPC, you must first modify the Client VPN endpoint (ModifyClientVpnEndpoint) and change the VPC that's associated with it.

", "AssociateDhcpOptions": "

Associates a set of DHCP options (that you've previously created) with the specified VPC, or associates no DHCP options with the VPC.

After you associate the options with the VPC, any existing instances and all new instances that you launch in that VPC use the options. You don't need to restart or relaunch the instances. They automatically pick up the changes within a few hours, depending on how frequently the instance renews its DHCP lease. You can explicitly renew the lease using the operating system on the instance.

For more information, see DHCP options sets in the Amazon Virtual Private Cloud User Guide.

", "AssociateEnclaveCertificateIamRole": "

Associates an Identity and Access Management (IAM) role with an Certificate Manager (ACM) certificate. This enables the certificate to be used by the ACM for Nitro Enclaves application inside an enclave. For more information, see Certificate Manager for Nitro Enclaves in the Amazon Web Services Nitro Enclaves User Guide.

When the IAM role is associated with the ACM certificate, the certificate, certificate chain, and encrypted private key are placed in an Amazon S3 location that only the associated IAM role can access. The private key of the certificate is encrypted with an Amazon Web Services managed key that has an attached attestation-based key policy.

To enable the IAM role to access the Amazon S3 object, you must grant it permission to call s3:GetObject on the Amazon S3 bucket returned by the command. To enable the IAM role to access the KMS key, you must grant it permission to call kms:Decrypt on the KMS key returned by the command. For more information, see Grant the role permission to access the certificate and encryption key in the Amazon Web Services Nitro Enclaves User Guide.

", @@ -72,6 +72,7 @@ "CreateFlowLogs": "

Creates one or more flow logs to capture information about IP traffic for a specific network interface, subnet, or VPC.

Flow log data for a monitored network interface is recorded as flow log records, which are log events consisting of fields that describe the traffic flow. For more information, see Flow log records in the Amazon Virtual Private Cloud User Guide.

When publishing to CloudWatch Logs, flow log records are published to a log group, and each network interface has a unique log stream in the log group. When publishing to Amazon S3, flow log records for all of the monitored network interfaces are published to a single log file object that is stored in the specified bucket.

For more information, see VPC Flow Logs in the Amazon Virtual Private Cloud User Guide.

", "CreateFpgaImage": "

Creates an Amazon FPGA Image (AFI) from the specified design checkpoint (DCP).

The create operation is asynchronous. To verify that the AFI is ready for use, check the output logs.

An AFI contains the FPGA bitstream that is ready to download to an FPGA. You can securely deploy an AFI on multiple FPGA-accelerated instances. For more information, see the Amazon Web Services FPGA Hardware Development Kit.

", "CreateImage": "

Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that is either running or stopped.

By default, when Amazon EC2 creates the new AMI, it reboots the instance so that it can take snapshots of the attached volumes while data is at rest, in order to ensure a consistent state. You can set the NoReboot parameter to true in the API request, or use the --no-reboot option in the CLI to prevent Amazon EC2 from shutting down and rebooting the instance.

If you choose to bypass the shutdown and reboot process by setting the NoReboot parameter to true in the API request, or by using the --no-reboot option in the CLI, we can't guarantee the file system integrity of the created image.

If you customized your instance with instance store volumes or Amazon EBS volumes in addition to the root device volume, the new AMI contains block device mapping information for those volumes. When you launch an instance from this new AMI, the instance automatically launches with those additional volumes.

For more information, see Create an Amazon EBS-backed Linux AMI in the Amazon Elastic Compute Cloud User Guide.

", + "CreateInstanceConnectEndpoint": "

Creates an EC2 Instance Connect Endpoint.

An EC2 Instance Connect Endpoint allows you to connect to a resource, without requiring the resource to have a public IPv4 address. For more information, see Connect to your resources without requiring a public IPv4 address using EC2 Instance Connect Endpoint in the Amazon EC2 User Guide.

", "CreateInstanceEventWindow": "

Creates an event window in which scheduled events for the associated Amazon EC2 instances can run.

You can define either a set of time ranges or a cron expression when creating the event window, but not both. All event window times are in UTC.

You can create up to 200 event windows per Amazon Web Services Region.

When you create the event window, targets (instance IDs, Dedicated Host IDs, or tags) are not yet associated with it. To ensure that the event window can be used, you must associate one or more targets with it by using the AssociateInstanceEventWindow API.

Event windows are applicable only for scheduled events that stop, reboot, or terminate instances.

Event windows are not applicable for:

For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.

", "CreateInstanceExportTask": "

Exports a running or stopped instance to an Amazon S3 bucket.

For information about the supported operating systems, image formats, and known limitations for the types of instances you can export, see Exporting an instance as a VM Using VM Import/Export in the VM Import/Export User Guide.

", "CreateInternetGateway": "

Creates an internet gateway for use with a VPC. After creating the internet gateway, you attach it to a VPC using AttachInternetGateway.

For more information about your VPC and internet gateway, see the Amazon Virtual Private Cloud User Guide.

", @@ -148,6 +149,7 @@ "DeleteFleets": "

Deletes the specified EC2 Fleets.

After you delete an EC2 Fleet, it launches no new instances.

You must also specify whether a deleted EC2 Fleet should terminate its instances. If you choose to terminate the instances, the EC2 Fleet enters the deleted_terminating state. Otherwise, the EC2 Fleet enters the deleted_running state, and the instances continue to run until they are interrupted or you terminate them manually.

For instant fleets, EC2 Fleet must terminate the instances when the fleet is deleted. A deleted instant fleet with running instances is not supported.

Restrictions

For more information, see Delete an EC2 Fleet in the Amazon EC2 User Guide.

", "DeleteFlowLogs": "

Deletes one or more flow logs.

", "DeleteFpgaImage": "

Deletes the specified Amazon FPGA Image (AFI).

", + "DeleteInstanceConnectEndpoint": "

Deletes the specified EC2 Instance Connect Endpoint.

", "DeleteInstanceEventWindow": "

Deletes the specified event window.

For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.

", "DeleteInternetGateway": "

Deletes the specified internet gateway. You must detach the internet gateway from the VPC before you can delete it.

", "DeleteIpam": "

Delete an IPAM. Deleting an IPAM removes all monitored data associated with the IPAM including the historical data for CIDRs.

For more information, see Delete an IPAM in the Amazon VPC IPAM User Guide.

", @@ -218,8 +220,8 @@ "DeregisterTransitGatewayMulticastGroupMembers": "

Deregisters the specified members (network interfaces) from the transit gateway multicast group.

", "DeregisterTransitGatewayMulticastGroupSources": "

Deregisters the specified sources (network interfaces) from the transit gateway multicast group.

", "DescribeAccountAttributes": "

Describes attributes of your Amazon Web Services account. The following are the supported account attributes:

We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide.

", - "DescribeAddressTransfers": "

Describes an Elastic IP address transfer. For more information, see Transfer Elastic IP addresses in the Amazon Virtual Private Cloud User Guide.

", - "DescribeAddresses": "

Describes the specified Elastic IP addresses or all of your Elastic IP addresses.

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", + "DescribeAddressTransfers": "

Describes an Elastic IP address transfer. For more information, see Transfer Elastic IP addresses in the Amazon Virtual Private Cloud User Guide.

When you transfer an Elastic IP address, there is a two-step handshake between the source and transfer Amazon Web Services accounts. When the source account starts the transfer, the transfer account has seven days to accept the Elastic IP address transfer. During those seven days, the source account can view the pending transfer by using this action. After seven days, the transfer expires and ownership of the Elastic IP address returns to the source account. Accepted transfers are visible to the source account for three days after the transfers have been accepted.

", + "DescribeAddresses": "

Describes the specified Elastic IP addresses or all of your Elastic IP addresses.

", "DescribeAddressesAttribute": "

Describes the attributes of the specified Elastic IP addresses. For requirements, see Using reverse DNS for email applications.

", "DescribeAggregateIdFormat": "

Describes the longer ID format settings for all resource types in a specific Region. This request is useful for performing a quick audit to determine whether a specific Region is fully opted in for longer IDs (17-character IDs).

This request only returns information about resource types that support longer IDs.

The following resource types support longer IDs: bundle | conversion-task | customer-gateway | dhcp-options | elastic-ip-allocation | elastic-ip-association | export-task | flow-log | image | import-task | instance | internet-gateway | network-acl | network-acl-association | network-interface | network-interface-attachment | prefix-list | reservation | route-table | route-table-association | security-group | snapshot | subnet | subnet-cidr-block-association | volume | vpc | vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway.

", "DescribeAvailabilityZones": "

Describes the Availability Zones, Local Zones, and Wavelength Zones that are available to you. If there is an event impacting a zone, you can use this request to view the state and any provided messages for that zone.

For more information about Availability Zones, Local Zones, and Wavelength Zones, see Regions and zones in the Amazon Elastic Compute Cloud User Guide.

", @@ -262,6 +264,7 @@ "DescribeImportImageTasks": "

Displays details about an import virtual machine or import snapshot tasks that are already created.

", "DescribeImportSnapshotTasks": "

Describes your import snapshot tasks.

", "DescribeInstanceAttribute": "

Describes the specified attribute of the specified instance. You can specify only one attribute at a time. Valid attribute values are: instanceType | kernel | ramdisk | userData | disableApiTermination | instanceInitiatedShutdownBehavior | rootDeviceName | blockDeviceMapping | productCodes | sourceDestCheck | groupSet | ebsOptimized | sriovNetSupport

", + "DescribeInstanceConnectEndpoints": "

Describes the specified EC2 Instance Connect Endpoints or all EC2 Instance Connect Endpoints.

", "DescribeInstanceCreditSpecifications": "

Describes the credit option for CPU usage of the specified burstable performance instances. The credit options are standard and unlimited.

If you do not specify an instance ID, Amazon EC2 returns burstable performance instances with the unlimited credit option, as well as instances that were previously configured as T2, T3, and T3a with the unlimited credit option. For example, if you resize a T2 instance, while it is configured as unlimited, to an M4 instance, Amazon EC2 returns the M4 instance.

If you specify one or more instance IDs, Amazon EC2 returns the credit option (standard or unlimited) of those instances. If you specify an instance ID that is not valid, such as an instance that is not a burstable performance instance, an error is returned.

Recently terminated instances might appear in the returned results. This interval is usually less than one hour.

If an Availability Zone is experiencing a service disruption and you specify instance IDs in the affected zone, or do not specify any instance IDs at all, the call fails. If you specify only instance IDs in an unaffected zone, the call works normally.

For more information, see Burstable performance instances in the Amazon EC2 User Guide.

", "DescribeInstanceEventNotificationAttributes": "

Describes the tag keys that are registered to appear in scheduled event notifications for resources in the current Region.

", "DescribeInstanceEventWindows": "

Describes the specified event windows or all event windows.

If you specify event window IDs, the output includes information for only the specified event windows. If you specify filters, the output includes information for only those event windows that meet the filter criteria. If you do not specify event windows IDs or filters, the output includes information for all event windows, which can affect performance. We recommend that you use pagination to ensure that the operation returns quickly and successfully.

For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.

", @@ -286,7 +289,7 @@ "DescribeLocalGatewayVirtualInterfaces": "

Describes the specified local gateway virtual interfaces.

", "DescribeLocalGateways": "

Describes one or more local gateways. By default, all local gateways are described. Alternatively, you can filter the results.

", "DescribeManagedPrefixLists": "

Describes your managed prefix lists and any Amazon Web Services-managed prefix lists.

To view the entries for your prefix list, use GetManagedPrefixListEntries.

", - "DescribeMovingAddresses": "

Describes your Elastic IP addresses that are being moved to the EC2-VPC platform, or that are being restored to the EC2-Classic platform. This request does not return information about any other Elastic IP addresses in your account.

", + "DescribeMovingAddresses": "

This action is deprecated.

Describes your Elastic IP addresses that are being moved from or being restored to the EC2-Classic platform. This request does not return information about any other Elastic IP addresses in your account.

", "DescribeNatGateways": "

Describes one or more of your NAT gateways.

", "DescribeNetworkAcls": "

Describes one or more of your network ACLs.

For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide.

", "DescribeNetworkInsightsAccessScopeAnalyses": "

Describes the specified Network Access Scope analyses.

", @@ -379,7 +382,7 @@ "DisableVgwRoutePropagation": "

Disables a virtual private gateway (VGW) from propagating routes to a specified route table of a VPC.

", "DisableVpcClassicLink": "

Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC that has EC2-Classic instances linked to it.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", "DisableVpcClassicLinkDnsSupport": "

Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to public IP addresses when addressed between a linked EC2-Classic instance and instances in the VPC to which it's linked. For more information, see ClassicLink in the Amazon Elastic Compute Cloud User Guide.

You must specify a VPC ID in the request.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", - "DisassociateAddress": "

Disassociates an Elastic IP address from the instance or network interface it's associated with.

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.

", + "DisassociateAddress": "

Disassociates an Elastic IP address from the instance or network interface it's associated with.

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.

", "DisassociateClientVpnTargetNetwork": "

Disassociates a target network from the specified Client VPN endpoint. When you disassociate the last target network from a Client VPN, the following happens:

", "DisassociateEnclaveCertificateIamRole": "

Disassociates an IAM role from an Certificate Manager (ACM) certificate. Disassociating an IAM role from an ACM certificate removes the Amazon S3 object that contains the certificate, certificate chain, and encrypted private key from the Amazon S3 bucket. It also revokes the IAM role's permission to use the KMS key used to encrypt the private key. This effectively revokes the role's permission to use the certificate.

", "DisassociateIamInstanceProfile": "

Disassociates an IAM instance profile from a running or stopped instance.

Use DescribeIamInstanceProfileAssociations to get the association ID.

", @@ -429,7 +432,7 @@ "GetIpamAddressHistory": "

Retrieve historical information about a CIDR within an IPAM scope. For more information, see View the history of IP addresses in the Amazon VPC IPAM User Guide.

", "GetIpamDiscoveredAccounts": "

Gets IPAM discovered accounts. A discovered account is an Amazon Web Services account that is monitored under a resource discovery. If you have integrated IPAM with Amazon Web Services Organizations, all accounts in the organization are discovered accounts. Only the IPAM account can get all discovered accounts in the organization.

", "GetIpamDiscoveredResourceCidrs": "

Returns the resource CIDRs that are monitored as part of a resource discovery. A discovered resource is a resource CIDR monitored under a resource discovery. The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses.

", - "GetIpamPoolAllocations": "

Get a list of all the CIDR allocations in an IPAM pool.

If you use this action after AllocateIpamPoolCidr or ReleaseIpamPoolAllocation, note that all EC2 API actions follow an eventual consistency model.

", + "GetIpamPoolAllocations": "

Get a list of all the CIDR allocations in an IPAM pool. The Region you use should be the IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is available for allocations.

If you use this action after AllocateIpamPoolCidr or ReleaseIpamPoolAllocation, note that all EC2 API actions follow an eventual consistency model.

", "GetIpamPoolCidrs": "

Get the CIDRs provisioned to an IPAM pool.

", "GetIpamResourceCidrs": "

Returns resource CIDRs managed by IPAM in a given scope. If an IPAM is associated with more than one resource discovery, the resource CIDRs across all of the resource discoveries is returned. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.

", "GetLaunchTemplateData": "

Retrieves the configuration data of the specified instance. You can use this data to create a launch template.

This action calls on other describe actions to get instance information. Depending on your instance configuration, you may need to allow the following actions in your IAM policy: DescribeSpotInstanceRequests, DescribeInstanceCreditSpecifications, DescribeVolumes, DescribeInstanceAttribute, and DescribeElasticGpus. Or, you can allow describe* depending on your instance requirements.

", @@ -527,7 +530,7 @@ "ModifyVpnTunnelCertificate": "

Modifies the VPN tunnel endpoint certificate.

", "ModifyVpnTunnelOptions": "

Modifies the options for a VPN tunnel in an Amazon Web Services Site-to-Site VPN connection. You can modify multiple options for a tunnel in a single request, but you can only modify one tunnel at a time. For more information, see Site-to-Site VPN tunnel options for your Site-to-Site VPN connection in the Amazon Web Services Site-to-Site VPN User Guide.

", "MonitorInstances": "

Enables detailed monitoring for a running instance. Otherwise, basic monitoring is enabled. For more information, see Monitor your instances using CloudWatch in the Amazon EC2 User Guide.

To disable detailed monitoring, see UnmonitorInstances.

", - "MoveAddressToVpc": "

Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The Elastic IP address must be allocated to your account for more than 24 hours, and it must not be associated with an instance. After the Elastic IP address is moved, it is no longer available for use in the EC2-Classic platform, unless you move it back using the RestoreAddressToClassic request. You cannot move an Elastic IP address that was originally allocated for use in the EC2-VPC platform to the EC2-Classic platform.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", + "MoveAddressToVpc": "

This action is deprecated.

Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The Elastic IP address must be allocated to your account for more than 24 hours, and it must not be associated with an instance. After the Elastic IP address is moved, it is no longer available for use in the EC2-Classic platform, unless you move it back using the RestoreAddressToClassic request. You cannot move an Elastic IP address that was originally allocated for use in the EC2-VPC platform to the EC2-Classic platform.

", "MoveByoipCidrToIpam": "

Move a BYOIPv4 CIDR to IPAM from a public IPv4 pool.

If you already have a BYOIPv4 CIDR with Amazon Web Services, you can move the CIDR to IPAM from a public IPv4 pool. You cannot move an IPv6 CIDR to IPAM. If you are bringing a new IP address to Amazon Web Services for the first time, complete the steps in Tutorial: BYOIP address CIDRs to IPAM.

", "ProvisionByoipCidr": "

Provisions an IPv4 or IPv6 address range for use with your Amazon Web Services resources through bring your own IP addresses (BYOIP) and creates a corresponding address pool. After the address range is provisioned, it is ready to be advertised using AdvertiseByoipCidr.

Amazon Web Services verifies that you own the address range and are authorized to advertise it. You must ensure that the address range is registered to you and that you created an RPKI ROA to authorize Amazon ASNs 16509 and 14618 to advertise the address range. For more information, see Bring your own IP addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.

Provisioning an address range is an asynchronous operation, so the call returns immediately, but the address range is not ready to use until its status changes from pending-provision to provisioned. To monitor the status of an address range, use DescribeByoipCidrs. To allocate an Elastic IP address from your IPv4 address pool, use AllocateAddress with either the specific address from the address pool or the ID of the address pool.

", "ProvisionIpamPoolCidr": "

Provision a CIDR to an IPAM pool. You can use this action to provision new CIDRs to a top-level pool or to transfer a CIDR from a top-level pool to a pool within it.

For more information, see Provision CIDRs to pools in the Amazon VPC IPAM User Guide.

", @@ -545,9 +548,9 @@ "RejectTransitGatewayVpcAttachment": "

Rejects a request to attach a VPC to a transit gateway.

The VPC attachment must be in the pendingAcceptance state. Use DescribeTransitGatewayVpcAttachments to view your pending VPC attachment requests. Use AcceptTransitGatewayVpcAttachment to accept a VPC attachment request.

", "RejectVpcEndpointConnections": "

Rejects VPC endpoint connection requests to your VPC endpoint service.

", "RejectVpcPeeringConnection": "

Rejects a VPC peering connection request. The VPC peering connection must be in the pending-acceptance state. Use the DescribeVpcPeeringConnections request to view your outstanding VPC peering connection requests. To delete an active VPC peering connection, or to delete a VPC peering connection request that you initiated, use DeleteVpcPeeringConnection.

", - "ReleaseAddress": "

Releases the specified Elastic IP address.

[EC2-Classic, default VPC] Releasing an Elastic IP address automatically disassociates it from any instance that it's associated with. To disassociate an Elastic IP address without releasing it, use DisassociateAddress.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

[Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic IP address before you can release it. Otherwise, Amazon EC2 returns an error (InvalidIPAddress.InUse).

After releasing an Elastic IP address, it is released to the IP address pool. Be sure to update your DNS records and any servers or devices that communicate with the address. If you attempt to release an Elastic IP address that you already released, you'll get an AuthFailure error if the address is already allocated to another Amazon Web Services account.

[EC2-VPC] After you release an Elastic IP address for use in a VPC, you might be able to recover it. For more information, see AllocateAddress.

For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.

", + "ReleaseAddress": "

Releases the specified Elastic IP address.

[Default VPC] Releasing an Elastic IP address automatically disassociates it from any instance that it's associated with. To disassociate an Elastic IP address without releasing it, use DisassociateAddress.

[Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic IP address before you can release it. Otherwise, Amazon EC2 returns an error (InvalidIPAddress.InUse).

After releasing an Elastic IP address, it is released to the IP address pool. Be sure to update your DNS records and any servers or devices that communicate with the address. If you attempt to release an Elastic IP address that you already released, you'll get an AuthFailure error if the address is already allocated to another Amazon Web Services account.

After you release an Elastic IP address, you might be able to recover it. For more information, see AllocateAddress.

", "ReleaseHosts": "

When you no longer want to use an On-Demand Dedicated Host it can be released. On-Demand billing is stopped and the host goes into released state. The host ID of Dedicated Hosts that have been released can no longer be specified in another request, for example, to modify the host. You must stop or terminate all instances on a host before it can be released.

When Dedicated Hosts are released, it may take some time for them to stop counting toward your limit and you may receive capacity errors when trying to allocate new Dedicated Hosts. Wait a few minutes and then try again.

Released hosts still appear in a DescribeHosts response.

", - "ReleaseIpamPoolAllocation": "

Release an allocation within an IPAM pool. You can only use this action to release manual allocations. To remove an allocation for a resource without deleting the resource, set its monitored state to false using ModifyIpamResourceCidr. For more information, see Release an allocation in the Amazon VPC IPAM User Guide.

All EC2 API actions follow an eventual consistency model.

", + "ReleaseIpamPoolAllocation": "

Release an allocation within an IPAM pool. The Region you use should be the IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is available for allocations. You can only use this action to release manual allocations. To remove an allocation for a resource without deleting the resource, set its monitored state to false using ModifyIpamResourceCidr. For more information, see Release an allocation in the Amazon VPC IPAM User Guide.

All EC2 API actions follow an eventual consistency model.

", "ReplaceIamInstanceProfileAssociation": "

Replaces an IAM instance profile for the specified running instance. You can use this action to change the IAM instance profile that's associated with an instance without having to disassociate the existing IAM instance profile first.

Use DescribeIamInstanceProfileAssociations to get the association ID.

", "ReplaceNetworkAclAssociation": "

Changes which network ACL a subnet is associated with. By default when you create a subnet, it's automatically associated with the default network ACL. For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide.

This is an idempotent operation.

", "ReplaceNetworkAclEntry": "

Replaces an entry (rule) in a network ACL. For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide.

", @@ -565,7 +568,7 @@ "ResetInstanceAttribute": "

Resets an attribute of an instance to its default value. To reset the kernel or ramdisk, the instance must be in a stopped state. To reset the sourceDestCheck, the instance can be either running or stopped.

The sourceDestCheck attribute controls whether source/destination checking is enabled. The default value is true, which means checking is enabled. This value must be false for a NAT instance to perform NAT. For more information, see NAT Instances in the Amazon VPC User Guide.

", "ResetNetworkInterfaceAttribute": "

Resets a network interface attribute. You can specify only one attribute at a time.

", "ResetSnapshotAttribute": "

Resets permission settings for the specified snapshot.

For more information about modifying snapshot permissions, see Share a snapshot in the Amazon Elastic Compute Cloud User Guide.

", - "RestoreAddressToClassic": "

Restores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", + "RestoreAddressToClassic": "

This action is deprecated.

Restores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.

", "RestoreImageFromRecycleBin": "

Restores an AMI from the Recycle Bin. For more information, see Recycle Bin in the Amazon EC2 User Guide.

", "RestoreManagedPrefixListVersion": "

Restores the entries from a previous version of a managed prefix list to a new version of the prefix list.

", "RestoreSnapshotFromRecycleBin": "

Restores a snapshot from the Recycle Bin. For more information, see Restore snapshots from the Recycle Bin in the Amazon Elastic Compute Cloud User Guide.

", @@ -992,12 +995,12 @@ "AddressAttribute$AllocationId": "

[EC2-VPC] The allocation ID.

", "AllocationIdList$member": null, "AllocationIds$member": null, - "AssociateAddressRequest$AllocationId": "

[EC2-VPC] The allocation ID. This is required for EC2-VPC.

", + "AssociateAddressRequest$AllocationId": "

The allocation ID. This is required.

", "CreateNatGatewayRequest$AllocationId": "

[Public NAT gateways only] The allocation ID of an Elastic IP address to associate with the NAT gateway. You cannot specify an Elastic IP address with a private NAT gateway. If the Elastic IP address is associated with another resource, you must first disassociate it.

", "DisableAddressTransferRequest$AllocationId": "

The allocation ID of an Elastic IP address.

", "EnableAddressTransferRequest$AllocationId": "

The allocation ID of an Elastic IP address.

", "ModifyAddressAttributeRequest$AllocationId": "

[EC2-VPC] The allocation ID.

", - "ReleaseAddressRequest$AllocationId": "

[EC2-VPC] The allocation ID. Required for EC2-VPC.

", + "ReleaseAddressRequest$AllocationId": "

The allocation ID. This parameter is required.

", "ResetAddressAttributeRequest$AllocationId": "

[EC2-VPC] The allocation ID.

" } }, @@ -1007,7 +1010,7 @@ "AssociateNatGatewayAddressRequest$AllocationIds": "

The allocation IDs of EIPs that you want to associate with your NAT gateway.

", "CreateNatGatewayRequest$SecondaryAllocationIds": "

Secondary EIP allocation IDs. For more information about secondary addresses, see Create a NAT gateway in the Amazon Virtual Private Cloud User Guide.

", "DescribeAddressTransfersRequest$AllocationIds": "

The allocation IDs of Elastic IP addresses.

", - "DescribeAddressesRequest$AllocationIds": "

[EC2-VPC] Information about the allocation IDs.

" + "DescribeAddressesRequest$AllocationIds": "

Information about the allocation IDs.

" } }, "AllocationIds": { @@ -1875,7 +1878,7 @@ "ApplySecurityGroupsToClientVpnTargetNetworkRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "AssignPrivateIpAddressesRequest$AllowReassignment": "

Indicates whether to allow an IP address that is already assigned to another network interface or instance to be reassigned to the specified network interface.

", "AssignPrivateNatGatewayAddressRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", - "AssociateAddressRequest$AllowReassociation": "

[EC2-VPC] For a VPC in an EC2-Classic account, specify true to allow an Elastic IP address that is already associated with an instance or network interface to be reassociated with the specified instance or network interface. Otherwise, the operation fails. In a VPC in an EC2-VPC-only account, reassociation is automatic, therefore you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.

", + "AssociateAddressRequest$AllowReassociation": "

Reassociation is automatic, but you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.

", "AssociateAddressRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "AssociateClientVpnTargetNetworkRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "AssociateDhcpOptionsRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", @@ -1961,6 +1964,8 @@ "CreateFpgaImageRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "CreateImageRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "CreateImageRequest$NoReboot": "

By default, when Amazon EC2 creates the new AMI, it reboots the instance so that it can take snapshots of the attached volumes while data is at rest, in order to ensure a consistent state. You can set the NoReboot parameter to true in the API request, or use the --no-reboot option in the CLI to prevent Amazon EC2 from shutting down and rebooting the instance.

If you choose to bypass the shutdown and reboot process by setting the NoReboot parameter to true in the API request, or by using the --no-reboot option in the CLI, we can't guarantee the file system integrity of the created image.

Default: false (follow standard reboot process)

", + "CreateInstanceConnectEndpointRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", + "CreateInstanceConnectEndpointRequest$PreserveClientIp": "

Indicates whether your client's IP address is preserved as the source. The value is true or false.

Default: true

", "CreateInstanceEventWindowRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "CreateInternetGatewayRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "CreateIpamPoolRequest$DryRun": "

A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", @@ -2051,6 +2056,7 @@ "DeleteFlowLogsRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DeleteFpgaImageRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DeleteFpgaImageResult$Return": "

Is true if the request succeeds, and an error otherwise.

", + "DeleteInstanceConnectEndpointRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DeleteInstanceEventWindowRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DeleteInstanceEventWindowRequest$ForceDelete": "

Specify true to force delete the event window. Use the force delete parameter if the event window is currently associated with targets.

", "DeleteInternetGatewayRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", @@ -2168,6 +2174,7 @@ "DescribeImportImageTasksRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DescribeImportSnapshotTasksRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DescribeInstanceAttributeRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", + "DescribeInstanceConnectEndpointsRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DescribeInstanceCreditSpecificationsRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DescribeInstanceEventNotificationAttributesRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", "DescribeInstanceEventWindowsRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", @@ -2319,6 +2326,7 @@ "EbsBlockDevice$Encrypted": "

Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to true depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see Amazon EBS encryption in the Amazon EC2 User Guide.

In no case can you remove encryption from an encrypted volume.

Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see Supported instance types.

This parameter is not returned by DescribeImageAttribute.

For CreateImage and RegisterImage, whether you can include this parameter, and the allowed values differ depending on the type of block device mapping you are creating.

", "EbsInstanceBlockDevice$DeleteOnTermination": "

Indicates whether the volume is deleted on instance termination.

", "EbsInstanceBlockDeviceSpecification$DeleteOnTermination": "

Indicates whether the volume is deleted on instance termination.

", + "Ec2InstanceConnectEndpoint$PreserveClientIp": "

Indicates whether your client's IP address is preserved as the source. The value is true or false.

Default: true

", "EnaSrdSpecification$EnaSrdEnabled": "

Indicates whether ENA Express is enabled for the network interface.

", "EnaSrdUdpSpecification$EnaSrdUdpEnabled": "

Indicates whether UDP traffic uses ENA Express. To specify this setting, you must first enable ENA Express.

", "EnableAddressTransferRequest$DryRun": "

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

", @@ -4020,6 +4028,16 @@ "refs": { } }, + "CreateInstanceConnectEndpointRequest": { + "base": null, + "refs": { + } + }, + "CreateInstanceConnectEndpointResult": { + "base": null, + "refs": { + } + }, "CreateInstanceEventWindowRequest": { "base": null, "refs": { @@ -5119,6 +5137,16 @@ "refs": { } }, + "DeleteInstanceConnectEndpointRequest": { + "base": null, + "refs": { + } + }, + "DeleteInstanceConnectEndpointResult": { + "base": null, + "refs": { + } + }, "DeleteInstanceEventWindowRequest": { "base": null, "refs": { @@ -6376,6 +6404,16 @@ "refs": { } }, + "DescribeInstanceConnectEndpointsRequest": { + "base": null, + "refs": { + } + }, + "DescribeInstanceConnectEndpointsResult": { + "base": null, + "refs": { + } + }, "DescribeInstanceCreditSpecificationsMaxResults": { "base": null, "refs": { @@ -8111,9 +8149,9 @@ "DomainType": { "base": null, "refs": { - "Address$Domain": "

Indicates whether this Elastic IP address is for use with instances in EC2-Classic (standard) or instances in a VPC (vpc).

", - "AllocateAddressRequest$Domain": "

Indicates whether the Elastic IP address is for use with instances in a VPC or instances in EC2-Classic.

Default: If the Region supports EC2-Classic, the default is standard. Otherwise, the default is vpc.

", - "AllocateAddressResult$Domain": "

Indicates whether the Elastic IP address is for use with instances in a VPC (vpc) or instances in EC2-Classic (standard).

" + "Address$Domain": "

The network (vpc).

", + "AllocateAddressRequest$Domain": "

The network (vpc).

", + "AllocateAddressResult$Domain": "

The network (vpc).

" } }, "Double": { @@ -8224,6 +8262,20 @@ "EbsInfo$EbsOptimizedSupport": "

Indicates whether the instance type is Amazon EBS-optimized. For more information, see Amazon EBS-optimized instances in Amazon EC2 User Guide.

" } }, + "Ec2InstanceConnectEndpoint": { + "base": "

The EC2 Instance Connect Endpoint.

", + "refs": { + "CreateInstanceConnectEndpointResult$InstanceConnectEndpoint": "

Information about the EC2 Instance Connect Endpoint.

", + "DeleteInstanceConnectEndpointResult$InstanceConnectEndpoint": "

Information about the EC2 Instance Connect Endpoint.

", + "InstanceConnectEndpointSet$member": null + } + }, + "Ec2InstanceConnectEndpointState": { + "base": null, + "refs": { + "Ec2InstanceConnectEndpoint$State": "

The current state of the EC2 Instance Connect Endpoint.

" + } + }, "EfaInfo": { "base": "

Describes the Elastic Fabric Adapters for the instance type.

", "refs": { @@ -8268,8 +8320,8 @@ "EipAllocationPublicIp": { "base": null, "refs": { - "AssociateAddressRequest$PublicIp": "

[EC2-Classic] The Elastic IP address to associate with the instance. This is required for EC2-Classic.

", - "DisassociateAddressRequest$PublicIp": "

[EC2-Classic] The Elastic IP address. Required for EC2-Classic.

" + "AssociateAddressRequest$PublicIp": "

Deprecated.

", + "DisassociateAddressRequest$PublicIp": "

Deprecated.

" } }, "EipAssociationIdList": { @@ -8397,7 +8449,7 @@ "ElasticIpAssociationId": { "base": null, "refs": { - "DisassociateAddressRequest$AssociationId": "

[EC2-VPC] The association ID. Required for EC2-VPC.

", + "DisassociateAddressRequest$AssociationId": "

The association ID. This parameter is required.

", "EipAssociationIdList$member": null } }, @@ -8938,7 +8990,7 @@ "FilterList": { "base": null, "refs": { - "DescribeAddressesRequest$Filters": "

One or more filters. Filter names and values are case-sensitive.

", + "DescribeAddressesRequest$Filters": "

One or more filters. Filter names and values are case-sensitive.

", "DescribeAvailabilityZonesRequest$Filters": "

The filters.

", "DescribeAwsNetworkPerformanceMetricSubscriptionsRequest$Filters": "

One or more filters.

", "DescribeBundleTasksRequest$Filters": "

The filters.

", @@ -8971,6 +9023,7 @@ "DescribeImagesRequest$Filters": "

The filters.

", "DescribeImportImageTasksRequest$Filters": "

Filter tasks using the task-state filter and one of the following values: active, completed, deleting, or deleted.

", "DescribeImportSnapshotTasksRequest$Filters": "

The filters.

", + "DescribeInstanceConnectEndpointsRequest$Filters": "

One or more filters.

", "DescribeInstanceCreditSpecificationsRequest$Filters": "

The filters.

", "DescribeInstanceEventWindowsRequest$Filters": "

One or more filters.

", "DescribeInstanceStatusRequest$Filters": "

The filters.

", @@ -10711,6 +10764,25 @@ "AvailableInstanceCapacityList$member": null } }, + "InstanceConnectEndpointId": { + "base": null, + "refs": { + "DeleteInstanceConnectEndpointRequest$InstanceConnectEndpointId": "

The ID of the EC2 Instance Connect Endpoint to delete.

", + "Ec2InstanceConnectEndpoint$InstanceConnectEndpointId": "

The ID of the EC2 Instance Connect Endpoint.

" + } + }, + "InstanceConnectEndpointMaxResults": { + "base": null, + "refs": { + "DescribeInstanceConnectEndpointsRequest$MaxResults": "

The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination.

" + } + }, + "InstanceConnectEndpointSet": { + "base": null, + "refs": { + "DescribeInstanceConnectEndpointsResult$InstanceConnectEndpoints": "

Information about the EC2 Instance Connect Endpoints.

" + } + }, "InstanceCount": { "base": "

Describes a Reserved Instance listing state.

", "refs": { @@ -10886,7 +10958,7 @@ "InstanceId": { "base": null, "refs": { - "AssociateAddressRequest$InstanceId": "

The ID of the instance. The instance must have exactly one attached network interface. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. For EC2-Classic, you must specify an instance ID and the instance must be in the running state.

", + "AssociateAddressRequest$InstanceId": "

The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.

", "AssociateIamInstanceProfileRequest$InstanceId": "

The ID of the instance.

", "AttachClassicLinkVpcRequest$InstanceId": "

The ID of an EC2-Classic instance to link to the ClassicLink-enabled VPC.

", "AttachNetworkInterfaceRequest$InstanceId": "

The ID of the instance.

", @@ -13729,6 +13801,7 @@ "DisableFastSnapshotRestoreSuccessItem$EnabledTime": "

The time at which fast snapshot restores entered the enabled state.

", "DisableFastSnapshotRestoreSuccessItem$DisablingTime": "

The time at which fast snapshot restores entered the disabling state.

", "DisableFastSnapshotRestoreSuccessItem$DisabledTime": "

The time at which fast snapshot restores entered the disabled state.

", + "Ec2InstanceConnectEndpoint$CreatedAt": "

The date and time that the EC2 Instance Connect Endpoint was created.

", "EnableFastLaunchResult$StateTransitionTime": "

The time that the state changed for faster launching for the Windows AMI.

", "EnableFastSnapshotRestoreSuccessItem$EnablingTime": "

The time at which fast snapshot restores entered the enabling state.

", "EnableFastSnapshotRestoreSuccessItem$OptimizingTime": "

The time at which fast snapshot restores entered the optimizing state.

", @@ -14469,11 +14542,11 @@ "MoveStatus": { "base": null, "refs": { - "MovingAddressStatus$MoveStatus": "

The status of the Elastic IP address that's being moved to the EC2-VPC platform, or restored to the EC2-Classic platform.

" + "MovingAddressStatus$MoveStatus": "

The status of the Elastic IP address that's being moved or restored.

" } }, "MovingAddressStatus": { - "base": "

Describes the status of a moving Elastic IP address.

We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.

", + "base": "

This action is deprecated.

Describes the status of a moving Elastic IP address.

", "refs": { "MovingAddressStatusSet$member": null } @@ -14863,7 +14936,7 @@ "NetworkInterfaceCreationType": { "base": null, "refs": { - "CreateNetworkInterfaceRequest$InterfaceType": "

The type of network interface. The default is interface.

The only supported values are efa and trunk.

" + "CreateNetworkInterfaceRequest$InterfaceType": "

The type of network interface. The default is interface.

The only supported values are interface, efa, and trunk.

" } }, "NetworkInterfaceId": { @@ -14871,7 +14944,7 @@ "refs": { "AssignIpv6AddressesRequest$NetworkInterfaceId": "

The ID of the network interface.

", "AssignPrivateIpAddressesRequest$NetworkInterfaceId": "

The ID of the network interface.

", - "AssociateAddressRequest$NetworkInterfaceId": "

[EC2-VPC] The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.

For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both.

", + "AssociateAddressRequest$NetworkInterfaceId": "

The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.

You can specify either the instance ID or the network interface ID, but not both.

", "AssociateTrunkInterfaceRequest$BranchInterfaceId": "

The ID of the branch network interface.

", "AssociateTrunkInterfaceRequest$TrunkInterfaceId": "

The ID of the trunk network interface.

", "AttachNetworkInterfaceRequest$NetworkInterfaceId": "

The ID of the network interface.

", @@ -14905,6 +14978,12 @@ "DescribeNetworkInterfacesRequest$NetworkInterfaceIds": "

The network interface IDs.

Default: Describes all your network interfaces.

" } }, + "NetworkInterfaceIdSet": { + "base": null, + "refs": { + "Ec2InstanceConnectEndpoint$NetworkInterfaceIds": "

The ID of the elastic network interface that Amazon EC2 automatically created when creating the EC2 Instance Connect Endpoint.

" + } + }, "NetworkInterfaceIpv6Address": { "base": "

Describes an IPv6 address associated with a network interface.

", "refs": { @@ -15031,6 +15110,8 @@ "DescribeFpgaImagesResult$NextToken": "

The token to use to retrieve the next page of results. This value is null when there are no more results to return.

", "DescribeIamInstanceProfileAssociationsRequest$NextToken": "

The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.

", "DescribeIamInstanceProfileAssociationsResult$NextToken": "

The token to include in another request to get the next page of items. This value is null when there are no more items to return.

", + "DescribeInstanceConnectEndpointsRequest$NextToken": "

The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.

", + "DescribeInstanceConnectEndpointsResult$NextToken": "

The token to include in another request to get the next page of items. This value is null when there are no more items to return.

", "DescribeInstanceTypeOfferingsRequest$NextToken": "

The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.

", "DescribeInstanceTypeOfferingsResult$NextToken": "

The token to include in another request to get the next page of items. This value is null when there are no more items to return.

", "DescribeInstanceTypesRequest$NextToken": "

The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.

", @@ -16007,7 +16088,7 @@ "base": null, "refs": { "AddressAttribute$PublicIp": "

The public IP address.

", - "AllocateAddressRequest$Address": "

[EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address pool.

" + "AllocateAddressRequest$Address": "

The Elastic IP address to recover or an IPv4 address from an address pool.

" } }, "PublicIpStringList": { @@ -16813,6 +16894,7 @@ "ArnList$member": null, "AssociatedRole$AssociatedRoleArn": "

The ARN of the associated IAM role.

", "CoipPool$PoolArn": "

The ARN of the address pool.

", + "Ec2InstanceConnectEndpoint$InstanceConnectEndpointArn": "

The Amazon Resource Name (ARN) of the EC2 Instance Connect Endpoint.

", "Explanation$LoadBalancerArn": "

The Amazon Resource Name (ARN) of the load balancer.

", "FirewallStatefulRule$RuleGroupArn": "

The ARN of the stateful rule group.

", "FirewallStatelessRule$RuleGroupArn": "

The ARN of the stateless rule group.

", @@ -17392,7 +17474,9 @@ "RevokeSecurityGroupIngressRequest$GroupId": "

The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.

", "ScheduledInstancesSecurityGroupIdSet$member": null, "SecurityGroupIdList$member": null, + "SecurityGroupIdSet$member": null, "SecurityGroupIdStringList$member": null, + "SecurityGroupIdStringListRequest$member": null, "SecurityGroupRule$GroupId": "

The ID of the security group.

", "SecurityGroupRuleRequest$ReferencedGroupId": "

The ID of the security group that is referenced in the security group rule.

", "UpdateSecurityGroupRuleDescriptionsEgressRequest$GroupId": "

The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.

", @@ -17407,6 +17491,12 @@ "VerifiedAccessEndpoint$SecurityGroupIds": "

The IDs of the security groups for the endpoint.

" } }, + "SecurityGroupIdSet": { + "base": null, + "refs": { + "Ec2InstanceConnectEndpoint$SecurityGroupIds": "

The security groups associated with the endpoint. If you didn't specify a security group, the default security group for your VPC is associated with the endpoint.

" + } + }, "SecurityGroupIdStringList": { "base": null, "refs": { @@ -17419,6 +17509,12 @@ "RunInstancesRequest$SecurityGroupIds": "

The IDs of the security groups. You can create a security group using CreateSecurityGroup.

If you specify a network interface, you must specify any security groups as part of the network interface.

" } }, + "SecurityGroupIdStringListRequest": { + "base": null, + "refs": { + "CreateInstanceConnectEndpointRequest$SecurityGroupIds": "

One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.

" + } + }, "SecurityGroupIdentifier": { "base": "

Describes a security group.

", "refs": { @@ -18144,8 +18240,8 @@ "AdditionalDetail$ServiceName": "

The name of the VPC endpoint service.

", "Address$InstanceId": "

The ID of the instance that the address is associated with (if any).

", "Address$PublicIp": "

The Elastic IP address.

", - "Address$AllocationId": "

The ID representing the allocation of the address for use with EC2-VPC.

", - "Address$AssociationId": "

The ID representing the association of the address with an instance in a VPC.

", + "Address$AllocationId": "

The ID representing the allocation of the address.

", + "Address$AssociationId": "

The ID representing the association of the address with an instance.

", "Address$NetworkInterfaceId": "

The ID of the network interface.

", "Address$NetworkInterfaceOwnerId": "

The ID of the Amazon Web Services account that owns the network interface.

", "Address$PrivateIpAddress": "

The private IP address associated with the Elastic IP address.

", @@ -18162,12 +18258,12 @@ "AllocateAddressRequest$NetworkBorderGroup": "

A unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.

Use DescribeAvailabilityZones to view the network border groups.

You cannot use a network border group with EC2 Classic. If you attempt this operation on EC2 Classic, you receive an InvalidParameterCombination error.

", "AllocateAddressRequest$CustomerOwnedIpv4Pool": "

The ID of a customer-owned address pool. Use this parameter to let Amazon EC2 select an address from the address pool. Alternatively, specify a specific address from the address pool.

", "AllocateAddressResult$PublicIp": "

The Elastic IP address.

", - "AllocateAddressResult$AllocationId": "

[EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.

", + "AllocateAddressResult$AllocationId": "

The ID that represents the allocation of the Elastic IP address.

", "AllocateAddressResult$PublicIpv4Pool": "

The ID of an address pool.

", "AllocateAddressResult$NetworkBorderGroup": "

The set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses.

", "AllocateAddressResult$CustomerOwnedIp": "

The customer-owned IP address.

", "AllocateAddressResult$CustomerOwnedIpv4Pool": "

The ID of the customer-owned address pool.

", - "AllocateAddressResult$CarrierIp": "

The carrier IP address. This option is only available for network interfaces which reside in a subnet in a Wavelength Zone (for example an EC2 instance).

", + "AllocateAddressResult$CarrierIp": "

The carrier IP address. This option is only available for network interfaces that reside in a subnet in a Wavelength Zone.

", "AllocateHostsRequest$AvailabilityZone": "

The Availability Zone in which to allocate the Dedicated Host.

", "AllocateHostsRequest$ClientToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.

", "AllocateHostsRequest$InstanceType": "

Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.

If you want the Dedicated Hosts to support multiple instance types in a specific instance family, omit this parameter and specify InstanceFamily instead. You cannot specify InstanceType and InstanceFamily in the same request.

", @@ -18210,8 +18306,8 @@ "AssignIpv6AddressesResult$NetworkInterfaceId": "

The ID of the network interface.

", "AssignPrivateIpAddressesResult$NetworkInterfaceId": "

The ID of the network interface.

", "AssignedPrivateIpAddress$PrivateIpAddress": "

The private IP address assigned to the network interface.

", - "AssociateAddressRequest$PrivateIpAddress": "

[EC2-VPC] The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.

", - "AssociateAddressResult$AssociationId": "

[EC2-VPC] The ID that represents the association of the Elastic IP address with an instance.

", + "AssociateAddressRequest$PrivateIpAddress": "

The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.

", + "AssociateAddressResult$AssociationId": "

The ID that represents the association of the Elastic IP address with an instance.

", "AssociateClientVpnTargetNetworkRequest$ClientToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

", "AssociateClientVpnTargetNetworkResult$AssociationId": "

The unique ID of the target network association.

", "AssociateEnclaveCertificateIamRoleResult$CertificateS3BucketName": "

The name of the Amazon S3 bucket to which the certificate was uploaded.

", @@ -18430,6 +18526,8 @@ "CreateImageRequest$Description": "

A description for the new image.

", "CreateImageRequest$Name": "

A name for the new image.

Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)

", "CreateImageResult$ImageId": "

The ID of the new AMI.

", + "CreateInstanceConnectEndpointRequest$ClientToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", + "CreateInstanceConnectEndpointResult$ClientToken": "

Unique, case-sensitive idempotency token provided by the client in the the request.

", "CreateInstanceEventWindowRequest$Name": "

The name of the event window.

", "CreateInstanceExportTaskRequest$Description": "

A description for the conversion task or the resource being exported. The maximum length is 255 characters.

", "CreateIpamPoolRequest$Locale": "

In IPAM, the locale is the Amazon Web Services Region where you want to make an IPAM pool available for allocations. Only resources in the same Region as the locale of the pool can get IP address allocations from the pool. You can only allocate a CIDR for a VPC, for example, from an IPAM pool that shares a locale with the VPC’s Region. Note that once you choose a Locale for a pool, you cannot modify it. If you do not choose a locale, resources in Regions others than the IPAM's home region cannot use CIDRs from this pool.

Possible values: Any Amazon Web Services Region, such as us-east-1.

", @@ -18822,6 +18920,11 @@ "EbsBlockDevice$KmsKeyId": "

Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed CMK under which the EBS volume is encrypted.

This parameter is only supported on BlockDeviceMapping objects called by RunInstances, RequestSpotFleet, and RequestSpotInstances.

", "EbsBlockDevice$OutpostArn": "

The ARN of the Outpost on which the snapshot is stored.

This parameter is only supported on BlockDeviceMapping objects called by CreateImage.

", "EbsInstanceBlockDevice$VolumeId": "

The ID of the EBS volume.

", + "Ec2InstanceConnectEndpoint$OwnerId": "

The ID of the Amazon Web Services account that created the EC2 Instance Connect Endpoint.

", + "Ec2InstanceConnectEndpoint$StateMessage": "

The message for the current state of the EC2 Instance Connect Endpoint. Can include a failure message.

", + "Ec2InstanceConnectEndpoint$DnsName": "

The DNS name of the EC2 Instance Connect Endpoint.

", + "Ec2InstanceConnectEndpoint$FipsDnsName": "

", + "Ec2InstanceConnectEndpoint$AvailabilityZone": "

The Availability Zone of the EC2 Instance Connect Endpoint.

", "ElasticGpuAssociation$ElasticGpuAssociationId": "

The ID of the association.

", "ElasticGpuAssociation$ElasticGpuAssociationState": "

The state of the association between the instance and the Elastic Graphics accelerator.

", "ElasticGpuAssociation$ElasticGpuAssociationTime": "

The time the Elastic Graphics accelerator was associated with the instance.

", @@ -19476,6 +19579,7 @@ "NetworkInterfaceAttachment$AttachmentId": "

The ID of the network interface attachment.

", "NetworkInterfaceAttachment$InstanceId": "

The ID of the instance.

", "NetworkInterfaceAttachment$InstanceOwnerId": "

The Amazon Web Services account ID of the owner of the instance.

", + "NetworkInterfaceIdSet$member": null, "NetworkInterfaceIpv6Address$Ipv6Address": "

The IPv6 address.

", "NetworkInterfacePermission$NetworkInterfacePermissionId": "

The ID of the network interface permission.

", "NetworkInterfacePermission$NetworkInterfaceId": "

The ID of the network interface.

", @@ -19590,7 +19694,7 @@ "RegisterImageResult$ImageId": "

The ID of the newly registered AMI.

", "RegisterTransitGatewayMulticastGroupMembersRequest$GroupIpAddress": "

The IP address assigned to the transit gateway multicast group.

", "RegisterTransitGatewayMulticastGroupSourcesRequest$GroupIpAddress": "

The IP address assigned to the transit gateway multicast group.

", - "ReleaseAddressRequest$PublicIp": "

[EC2-Classic] The Elastic IP address. Required for EC2-Classic.

", + "ReleaseAddressRequest$PublicIp": "

Deprecated.

", "ReleaseAddressRequest$NetworkBorderGroup": "

The set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses.

If you provide an incorrect network border group, you receive an InvalidAddress.NotFound error.

You cannot use a network border group with EC2 Classic. If you attempt this operation on EC2 classic, you receive an InvalidParameterCombination error.

", "ReleaseIpamPoolAllocationRequest$Cidr": "

The CIDR of the allocation you want to release.

", "RemoveIpamOperatingRegion$RegionName": "

The name of the operating Region you want to remove.

", @@ -20241,12 +20345,14 @@ "AssociateRouteTableRequest$SubnetId": "

The ID of the subnet.

", "AssociateSubnetCidrBlockRequest$SubnetId": "

The ID of your subnet.

", "CreateClientVpnRouteRequest$TargetVpcSubnetId": "

The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.

Alternatively, if you're adding a route for the local network, specify local.

", + "CreateInstanceConnectEndpointRequest$SubnetId": "

The ID of the subnet in which to create the EC2 Instance Connect Endpoint.

", "CreateNatGatewayRequest$SubnetId": "

The ID of the subnet in which to create the NAT gateway.

", "CreateNetworkInterfaceRequest$SubnetId": "

The ID of the subnet to associate with the network interface.

", "CreateSubnetCidrReservationRequest$SubnetId": "

The ID of the subnet.

", "CreateVerifiedAccessEndpointSubnetIdList$member": null, "DeleteClientVpnRouteRequest$TargetVpcSubnetId": "

The ID of the target subnet used by the route.

", "DeleteSubnetRequest$SubnetId": "

The ID of the subnet.

", + "Ec2InstanceConnectEndpoint$SubnetId": "

The ID of the subnet in which the EC2 Instance Connect Endpoint was created.

", "FleetLaunchTemplateOverridesRequest$SubnetId": "

The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, subnet-1234abcdeexample1, subnet-0987cdef6example2). A request of type instant can have only one subnet ID.

", "GetSubnetCidrReservationsRequest$SubnetId": "

The ID of the subnet.

", "ImportInstanceLaunchSpecification$SubnetId": "

[EC2-VPC] The ID of the subnet in which to launch the instance.

", @@ -20398,6 +20504,7 @@ "CustomerGateway$Tags": "

Any tags assigned to the customer gateway.

", "DeleteTagsRequest$Tags": "

The tags to delete. Specify a tag key and an optional tag value to delete specific tags. If you specify a tag key without a tag value, we delete any tag with this key regardless of its value. If you specify a tag key with an empty string as the tag value, we delete the tag only if its value is an empty string.

If you omit this parameter, we delete all user-defined tags for the specified resources. We do not delete Amazon Web Services-generated tags (tags that have the aws: prefix).

Constraints: Up to 1000 tags.

", "DhcpOptions$Tags": "

Any tags assigned to the DHCP options set.

", + "Ec2InstanceConnectEndpoint$Tags": "

The tags assigned to the EC2 Instance Connect Endpoint.

", "EgressOnlyInternetGateway$Tags": "

The tags assigned to the egress-only internet gateway.

", "ElasticGpus$Tags": "

The tags assigned to the Elastic Graphics accelerator.

", "ExportImageResult$Tags": "

Any tags assigned to the export image task.

", @@ -20520,6 +20627,7 @@ "CreateFlowLogsRequest$TagSpecifications": "

The tags to apply to the flow logs.

", "CreateFpgaImageRequest$TagSpecifications": "

The tags to apply to the FPGA image during creation.

", "CreateImageRequest$TagSpecifications": "

The tags to apply to the AMI and snapshots on creation. You can tag the AMI, the snapshots, or both.

If you specify other values for ResourceType, the request fails.

To tag an AMI or snapshot after it has been created, see CreateTags.

", + "CreateInstanceConnectEndpointRequest$TagSpecifications": "

The tags to apply to the EC2 Instance Connect Endpoint during creation.

", "CreateInstanceEventWindowRequest$TagSpecifications": "

The tags to apply to the event window.

", "CreateInstanceExportTaskRequest$TagSpecifications": "

The tags to apply to the export instance task during creation.

", "CreateInternetGatewayRequest$TagSpecifications": "

The tags to assign to the internet gateway.

", @@ -22062,6 +22170,7 @@ "CreateVpcEndpointServiceConfigurationRequest$GatewayLoadBalancerArns": "

The Amazon Resource Names (ARNs) of the Gateway Load Balancers.

", "CreateVpcEndpointServiceConfigurationRequest$SupportedIpAddressTypes": "

The supported IP address types. The possible values are ipv4 and ipv6.

", "DescribeClientVpnTargetNetworksRequest$AssociationIds": "

The IDs of the target network associations.

", + "DescribeInstanceConnectEndpointsRequest$InstanceConnectEndpointIds": "

One or more EC2 Instance Connect Endpoint IDs.

", "DescribeIpamPoolsRequest$IpamPoolIds": "

The IDs of the IPAM pools you would like information on.

", "DescribeIpamResourceDiscoveriesRequest$IpamResourceDiscoveryIds": "

The IPAM resource discovery IDs.

", "DescribeIpamResourceDiscoveryAssociationsRequest$IpamResourceDiscoveryAssociationIds": "

The resource discovery association IDs.

", @@ -22873,6 +22982,7 @@ "DetachVpnGatewayRequest$VpcId": "

The ID of the VPC.

", "DisableVpcClassicLinkDnsSupportRequest$VpcId": "

The ID of the VPC.

", "DisableVpcClassicLinkRequest$VpcId": "

The ID of the VPC.

", + "Ec2InstanceConnectEndpoint$VpcId": "

The ID of the VPC in which the EC2 Instance Connect Endpoint was created.

", "EnableVpcClassicLinkDnsSupportRequest$VpcId": "

The ID of the VPC.

", "EnableVpcClassicLinkRequest$VpcId": "

The ID of the VPC.

", "ModifyClientVpnEndpointRequest$VpcId": "

The ID of the VPC to associate with the Client VPN endpoint.

", diff --git a/models/apis/ec2/2016-11-15/paginators-1.json b/models/apis/ec2/2016-11-15/paginators-1.json index c2d22676e34..7d3eebedeb8 100755 --- a/models/apis/ec2/2016-11-15/paginators-1.json +++ b/models/apis/ec2/2016-11-15/paginators-1.json @@ -195,6 +195,12 @@ "output_token": "NextToken", "result_key": "ImportSnapshotTasks" }, + "DescribeInstanceConnectEndpoints": { + "input_token": "NextToken", + "limit_key": "MaxResults", + "output_token": "NextToken", + "result_key": "InstanceConnectEndpoints" + }, "DescribeInstanceCreditSpecifications": { "input_token": "NextToken", "limit_key": "MaxResults", diff --git a/models/apis/imagebuilder/2019-12-02/docs-2.json b/models/apis/imagebuilder/2019-12-02/docs-2.json index 5a2545cf862..717d4276cb8 100644 --- a/models/apis/imagebuilder/2019-12-02/docs-2.json +++ b/models/apis/imagebuilder/2019-12-02/docs-2.json @@ -541,7 +541,7 @@ "ImagePipeline$dateCreated": "

The date on which this image pipeline was created.

", "ImagePipeline$dateUpdated": "

The date on which this image pipeline was last updated.

", "ImagePipeline$dateLastRun": "

This is no longer supported, and does not return a value.

", - "ImagePipeline$dateNextRun": "

This is no longer supported, and does not return a value.

", + "ImagePipeline$dateNextRun": "

The next date when the pipeline is scheduled to run.

", "ImageRecipe$dateCreated": "

The date on which this image recipe was created.

", "ImageRecipeSummary$dateCreated": "

The date on which this image recipe was created.

", "ImageSummary$dateCreated": "

The date on which Image Builder created this image.

", diff --git a/models/apis/imagebuilder/2019-12-02/endpoint-tests-1.json b/models/apis/imagebuilder/2019-12-02/endpoint-tests-1.json index ed29f944ecf..bcfa0a4ab2f 100644 --- a/models/apis/imagebuilder/2019-12-02/endpoint-tests-1.json +++ b/models/apis/imagebuilder/2019-12-02/endpoint-tests-1.json @@ -8,9 +8,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-east-1", "UseFIPS": true, - "Region": "us-east-1" + "UseDualStack": true } }, { @@ -21,9 +21,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-east-1", "UseFIPS": true, - "Region": "us-east-1" + "UseDualStack": false } }, { @@ -34,9 +34,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-east-1", "UseFIPS": false, - "Region": "us-east-1" + "UseDualStack": true } }, { @@ -47,9 +47,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-east-1", "UseFIPS": false, - "Region": "us-east-1" + "UseDualStack": false } }, { @@ -60,9 +60,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "cn-north-1", "UseFIPS": true, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -73,9 +73,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "cn-north-1", "UseFIPS": true, - "Region": "cn-north-1" + "UseDualStack": false } }, { @@ -86,9 +86,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "cn-north-1", "UseFIPS": false, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -99,9 +99,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "cn-north-1", "UseFIPS": false, - "Region": "cn-north-1" + "UseDualStack": false } }, { @@ -112,9 +112,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-gov-east-1", "UseFIPS": false, - "Region": "us-gov-east-1" + "UseDualStack": false } }, { @@ -125,9 +125,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-gov-east-1", "UseFIPS": true, - "Region": "us-gov-east-1" + "UseDualStack": false } }, { @@ -138,9 +138,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-gov-west-1", "UseFIPS": false, - "Region": "us-gov-west-1" + "UseDualStack": false } }, { @@ -151,9 +151,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-gov-west-1", "UseFIPS": true, - "Region": "us-gov-west-1" + "UseDualStack": false } }, { @@ -164,9 +164,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-gov-east-1", "UseFIPS": true, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { @@ -177,9 +177,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-gov-east-1", "UseFIPS": false, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { @@ -188,9 +188,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "UseDualStack": true, + "Region": "us-iso-east-1", "UseFIPS": true, - "Region": "us-iso-east-1" + "UseDualStack": true } }, { @@ -201,9 +201,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-iso-east-1", "UseFIPS": true, - "Region": "us-iso-east-1" + "UseDualStack": false } }, { @@ -212,9 +212,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "UseDualStack": true, + "Region": "us-iso-east-1", "UseFIPS": false, - "Region": "us-iso-east-1" + "UseDualStack": true } }, { @@ -225,9 +225,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-iso-east-1", "UseFIPS": false, - "Region": "us-iso-east-1" + "UseDualStack": false } }, { @@ -236,9 +236,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "UseDualStack": true, + "Region": "us-isob-east-1", "UseFIPS": true, - "Region": "us-isob-east-1" + "UseDualStack": true } }, { @@ -249,9 +249,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-isob-east-1", "UseFIPS": true, - "Region": "us-isob-east-1" + "UseDualStack": false } }, { @@ -260,9 +260,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "UseDualStack": true, + "Region": "us-isob-east-1", "UseFIPS": false, - "Region": "us-isob-east-1" + "UseDualStack": true } }, { @@ -273,9 +273,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-isob-east-1", "UseFIPS": false, - "Region": "us-isob-east-1" + "UseDualStack": false } }, { @@ -286,9 +286,9 @@ } }, "params": { - "UseDualStack": false, - "UseFIPS": false, "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -300,8 +300,8 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -311,9 +311,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "UseDualStack": false, - "UseFIPS": true, "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -323,9 +323,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "UseDualStack": true, - "UseFIPS": false, "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true, "Endpoint": "https://example.com" } }, diff --git a/models/apis/lightsail/2016-11-28/api-2.json b/models/apis/lightsail/2016-11-28/api-2.json index e4f70689f2a..8030a3ca133 100644 --- a/models/apis/lightsail/2016-11-28/api-2.json +++ b/models/apis/lightsail/2016-11-28/api-2.json @@ -5086,13 +5086,15 @@ "members":{ "certificateStatuses":{"shape":"CertificateStatusList"}, "includeCertificateDetails":{"shape":"IncludeCertificateDetails"}, - "certificateName":{"shape":"CertificateName"} + "certificateName":{"shape":"CertificateName"}, + "pageToken":{"shape":"string"} } }, "GetCertificatesResult":{ "type":"structure", "members":{ - "certificates":{"shape":"CertificateSummaryList"} + "certificates":{"shape":"CertificateSummaryList"}, + "nextPageToken":{"shape":"string"} } }, "GetCloudFormationStackRecordsRequest":{ diff --git a/models/apis/lightsail/2016-11-28/docs-2.json b/models/apis/lightsail/2016-11-28/docs-2.json index d3b591ba77c..51d59a00819 100644 --- a/models/apis/lightsail/2016-11-28/docs-2.json +++ b/models/apis/lightsail/2016-11-28/docs-2.json @@ -72,7 +72,7 @@ "GetBucketMetricData": "

Returns the data points of a specific metric for an Amazon Lightsail bucket.

Metrics report the utilization of a bucket. View and collect metric data regularly to monitor the number of objects stored in a bucket (including object versions) and the storage space used by those objects.

", "GetBuckets": "

Returns information about one or more Amazon Lightsail buckets. The information returned includes the synchronization status of the Amazon Simple Storage Service (Amazon S3) account-level block public access feature for your Lightsail buckets.

For more information about buckets, see Buckets in Amazon Lightsail in the Amazon Lightsail Developer Guide.

", "GetBundles": "

Returns the bundles that you can apply to an Amazon Lightsail instance when you create it.

A bundle describes the specifications of an instance, such as the monthly cost, amount of memory, the number of vCPUs, amount of storage space, and monthly network data transfer quota.

Bundles are referred to as instance plans in the Lightsail console.

", - "GetCertificates": "

Returns information about one or more Amazon Lightsail SSL/TLS certificates.

To get a summary of a certificate, ommit includeCertificateDetails from your request. The response will include only the certificate Amazon Resource Name (ARN), certificate name, domain name, and tags.

", + "GetCertificates": "

Returns information about one or more Amazon Lightsail SSL/TLS certificates.

To get a summary of a certificate, omit includeCertificateDetails from your request. The response will include only the certificate Amazon Resource Name (ARN), certificate name, domain name, and tags.

", "GetCloudFormationStackRecords": "

Returns the CloudFormation stack record created as a result of the create cloud formation stack operation.

An AWS CloudFormation stack is used to create a new Amazon EC2 instance from an exported Lightsail snapshot.

", "GetContactMethods": "

Returns information about the configured contact methods. Specify a protocol in your request to return information about a specific contact method.

A contact method is used to send you notifications about your Amazon Lightsail resources. You can add one email address and one mobile phone number contact method in each Amazon Web Services Region. However, SMS text messaging is not supported in some Amazon Web Services Regions, and SMS text messages cannot be sent to some countries/regions. For more information, see Notifications in Amazon Lightsail.

", "GetContainerAPIMetadata": "

Returns information about Amazon Lightsail containers, such as the current version of the Lightsail Control (lightsailctl) plugin.

", @@ -581,7 +581,7 @@ } }, "Certificate": { - "base": "

Describes the full details of an Amazon Lightsail SSL/TLS certificate.

To get a summary of a certificate, use the GetCertificates action and ommit includeCertificateDetails from your request. The response will include only the certificate Amazon Resource Name (ARN), certificate name, domain name, and tags.

", + "base": "

Describes the full details of an Amazon Lightsail SSL/TLS certificate.

To get a summary of a certificate, use the GetCertificates action and omit includeCertificateDetails from your request. The response will include only the certificate Amazon Resource Name (ARN), certificate name, domain name, and tags.

", "refs": { "CertificateSummary$certificateDetail": "

An object that describes a certificate in detail.

" } @@ -2741,8 +2741,8 @@ "GetContainerLogRequest$endTime": "

The end of the time interval for which to get log data.

Constraints:

You can convert a human-friendly time to Unix time format using a converter like Epoch converter.

", "GetContainerServiceMetricDataRequest$startTime": "

The start time of the time period.

", "GetContainerServiceMetricDataRequest$endTime": "

The end time of the time period.

", - "GetCostEstimateRequest$startTime": "

The cost estimate start time.

Constraints:

You can convert a human-friendly time to Unix time format using a converter like Epoch converter.

", - "GetCostEstimateRequest$endTime": "

The cost estimate end time.

Constraints:

You can convert a human-friendly time to Unix time format using a converter like Epoch converter.

", + "GetCostEstimateRequest$startTime": "

The cost estimate start time.

Constraints:

You can convert a human-friendly time to Unix time format using a converter like Epoch converter.

", + "GetCostEstimateRequest$endTime": "

The cost estimate end time.

Constraints:

You can convert a human-friendly time to Unix time format using a converter like Epoch converter.

", "GetDistributionLatestCacheResetResult$createTime": "

The timestamp of the last cache reset (e.g., 1479734909.17) in Unix time format.

", "GetRelationalDatabaseLogEventsRequest$startTime": "

The start of the time interval from which to get log events.

Constraints:

", "GetRelationalDatabaseLogEventsRequest$endTime": "

The end of the time interval from which to get log events.

Constraints:

", @@ -4663,6 +4663,8 @@ "GetBucketsResult$nextPageToken": "

The token to advance to the next page of results from your request.

A next page token is not returned if there are no more results to display.

To get the next page of results, perform another GetBuckets request and specify the next page token using the pageToken parameter.

", "GetBundlesRequest$pageToken": "

The token to advance to the next page of results from your request.

To get a page token, perform an initial GetBundles request. If your results are paginated, the response will return a next page token that you can specify as the page token in a subsequent request.

", "GetBundlesResult$nextPageToken": "

The token to advance to the next page of results from your request.

A next page token is not returned if there are no more results to display.

To get the next page of results, perform another GetBundles request and specify the next page token using the pageToken parameter.

", + "GetCertificatesRequest$pageToken": "

The token to advance to the next page of results from your request.

To get a page token, perform an initial GetCertificates request. If your results are paginated, the response will return a next page token that you can specify as the page token in a subsequent request.

", + "GetCertificatesResult$nextPageToken": "

If NextPageToken is returned there are more results available. The value of NextPageToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged.

", "GetCloudFormationStackRecordsRequest$pageToken": "

The token to advance to the next page of results from your request.

To get a page token, perform an initial GetClouFormationStackRecords request. If your results are paginated, the response will return a next page token that you can specify as the page token in a subsequent request.

", "GetCloudFormationStackRecordsResult$nextPageToken": "

The token to advance to the next page of results from your request.

A next page token is not returned if there are no more results to display.

To get the next page of results, perform another GetCloudFormationStackRecords request and specify the next page token using the pageToken parameter.

", "GetContainerLogRequest$containerName": "

The name of the container that is either running or previously ran on the container service for which to return a log.

", diff --git a/models/apis/lightsail/2016-11-28/endpoint-tests-1.json b/models/apis/lightsail/2016-11-28/endpoint-tests-1.json index ef083046452..0b3e73dea42 100644 --- a/models/apis/lightsail/2016-11-28/endpoint-tests-1.json +++ b/models/apis/lightsail/2016-11-28/endpoint-tests-1.json @@ -325,6 +325,17 @@ "UseDualStack": false } }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, { "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", "expect": { @@ -338,6 +349,17 @@ "UseDualStack": false } }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, { "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { @@ -351,6 +373,17 @@ "UseDualStack": false } }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, { "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", "expect": { @@ -364,6 +397,17 @@ "UseDualStack": false } }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, { "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", "expect": { @@ -427,6 +471,12 @@ "UseDualStack": true, "Endpoint": "https://example.com" } + }, + { + "documentation": "Missing region", + "expect": { + "error": "Invalid Configuration: Missing Region" + } } ], "version": "1.0" diff --git a/models/apis/s3/2006-03-01/api-2.json b/models/apis/s3/2006-03-01/api-2.json index 581b4ad69af..555c378f2c4 100644 --- a/models/apis/s3/2006-03-01/api-2.json +++ b/models/apis/s3/2006-03-01/api-2.json @@ -7730,7 +7730,8 @@ "type":"string", "enum":[ "AES256", - "aws:kms" + "aws:kms", + "aws:kms:dsse" ] }, "ServerSideEncryptionByDefault":{ diff --git a/models/apis/s3/2006-03-01/examples-1.json b/models/apis/s3/2006-03-01/examples-1.json index a04388ec5d8..51762e4436b 100644 --- a/models/apis/s3/2006-03-01/examples-1.json +++ b/models/apis/s3/2006-03-01/examples-1.json @@ -84,10 +84,13 @@ "CreateBucket": [ { "input": { - "Bucket": "examplebucket" + "Bucket": "examplebucket", + "CreateBucketConfiguration": { + "LocationConstraint": "eu-west-1" + } }, "output": { - "Location": "/examplebucket" + "Location": "http://examplebucket..s3.amazonaws.com/" }, "comments": { "input": { @@ -95,19 +98,16 @@ "output": { } }, - "description": "The following example creates a bucket.", - "id": "to-create-a-bucket--1472851826060", - "title": "To create a bucket " + "description": "The following example creates a bucket. The request specifies an AWS region where to create the bucket.", + "id": "to-create-a-bucket-in-a-specific-region-1483399072992", + "title": "To create a bucket in a specific region" }, { "input": { - "Bucket": "examplebucket", - "CreateBucketConfiguration": { - "LocationConstraint": "eu-west-1" - } + "Bucket": "examplebucket" }, "output": { - "Location": "http://examplebucket..s3.amazonaws.com/" + "Location": "/examplebucket" }, "comments": { "input": { @@ -115,9 +115,9 @@ "output": { } }, - "description": "The following example creates a bucket. The request specifies an AWS region where to create the bucket.", - "id": "to-create-a-bucket-in-a-specific-region-1483399072992", - "title": "To create a bucket in a specific region" + "description": "The following example creates a bucket.", + "id": "to-create-a-bucket--1472851826060", + "title": "To create a bucket " } ], "CreateMultipartUpload": [ @@ -292,11 +292,10 @@ { "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg", - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "Key": "HappyFace.jpg" }, "output": { - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "VersionId": "null" }, "comments": { "input": { @@ -304,17 +303,18 @@ "output": { } }, - "description": "The following example removes tag set associated with the specified object version. The request specifies both the object key and object version.", - "id": "to-remove-tag-set-from-an-object-version-1483145285913", - "title": "To remove tag set from an object version" + "description": "The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the operation removes tag set from the latest object version.", + "id": "to-remove-tag-set-from-an-object-1483145342862", + "title": "To remove tag set from an object" }, { "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "HappyFace.jpg", + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "output": { - "VersionId": "null" + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "comments": { "input": { @@ -322,9 +322,9 @@ "output": { } }, - "description": "The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the operation removes tag set from the latest object version.", - "id": "to-remove-tag-set-from-an-object-1483145342862", - "title": "To remove tag set from an object" + "description": "The following example removes tag set associated with the specified object version. The request specifies both the object key and object version.", + "id": "to-remove-tag-set-from-an-object-version-1483145285913", + "title": "To remove tag set from an object version" } ], "DeleteObjects": [ @@ -334,12 +334,10 @@ "Delete": { "Objects": [ { - "Key": "HappyFace.jpg", - "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" + "Key": "objectkey1" }, { - "Key": "HappyFace.jpg", - "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" + "Key": "objectkey2" } ], "Quiet": false @@ -348,12 +346,14 @@ "output": { "Deleted": [ { - "Key": "HappyFace.jpg", - "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" + "DeleteMarker": "true", + "DeleteMarkerVersionId": "A._w1z6EFiCF5uhtQMDal9JDkID9tQ7F", + "Key": "objectkey1" }, { - "Key": "HappyFace.jpg", - "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" + "DeleteMarker": "true", + "DeleteMarkerVersionId": "iOd_ORxhkKe_e8G8_oSGxt2PjsCZKlkt", + "Key": "objectkey2" } ] }, @@ -363,9 +363,9 @@ "output": { } }, - "description": "The following example deletes objects from a bucket. The request specifies object versions. S3 deletes specific object versions and returns the key and versions of deleted objects in the response.", - "id": "to-delete-multiple-object-versions-from-a-versioned-bucket-1483147087737", - "title": "To delete multiple object versions from a versioned bucket" + "description": "The following example deletes objects from a bucket. The bucket is versioned, and the request does not specify the object version to delete. In this case, all versions remain in the bucket and S3 adds a delete marker.", + "id": "to-delete-multiple-objects-from-a-versioned-bucket-1483146248805", + "title": "To delete multiple objects from a versioned bucket" }, { "input": { @@ -373,10 +373,12 @@ "Delete": { "Objects": [ { - "Key": "objectkey1" + "Key": "HappyFace.jpg", + "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" }, { - "Key": "objectkey2" + "Key": "HappyFace.jpg", + "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" } ], "Quiet": false @@ -385,14 +387,12 @@ "output": { "Deleted": [ { - "DeleteMarker": "true", - "DeleteMarkerVersionId": "A._w1z6EFiCF5uhtQMDal9JDkID9tQ7F", - "Key": "objectkey1" + "Key": "HappyFace.jpg", + "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" }, { - "DeleteMarker": "true", - "DeleteMarkerVersionId": "iOd_ORxhkKe_e8G8_oSGxt2PjsCZKlkt", - "Key": "objectkey2" + "Key": "HappyFace.jpg", + "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" } ] }, @@ -402,9 +402,9 @@ "output": { } }, - "description": "The following example deletes objects from a bucket. The bucket is versioned, and the request does not specify the object version to delete. In this case, all versions remain in the bucket and S3 adds a delete marker.", - "id": "to-delete-multiple-objects-from-a-versioned-bucket-1483146248805", - "title": "To delete multiple objects from a versioned bucket" + "description": "The following example deletes objects from a bucket. The request specifies object versions. S3 deletes specific object versions and returns the key and versions of deleted objects in the response.", + "id": "to-delete-multiple-object-versions-from-a-versioned-bucket-1483147087737", + "title": "To delete multiple object versions from a versioned bucket" } ], "GetBucketCors": [ @@ -728,17 +728,18 @@ { "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "SampleFile.txt", + "Range": "bytes=0-9" }, "output": { "AcceptRanges": "bytes", - "ContentLength": "3191", - "ContentType": "image/jpeg", - "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "LastModified": "Thu, 15 Dec 2016 01:19:41 GMT", + "ContentLength": "10", + "ContentRange": "bytes 0-9/43", + "ContentType": "text/plain", + "ETag": "\"0d94420ffd0bc68cd3d152506b97a9cc\"", + "LastModified": "Thu, 09 Oct 2014 22:57:28 GMT", "Metadata": { }, - "TagCount": 2, "VersionId": "null" }, "comments": { @@ -747,25 +748,24 @@ "output": { } }, - "description": "The following example retrieves an object for an S3 bucket.", - "id": "to-retrieve-an-object-1481827837012", - "title": "To retrieve an object" + "description": "The following example retrieves an object for an S3 bucket. The request specifies the range header to retrieve a specific byte range.", + "id": "to-retrieve-a-byte-range-of-an-object--1481832674603", + "title": "To retrieve a byte range of an object " }, { "input": { "Bucket": "examplebucket", - "Key": "SampleFile.txt", - "Range": "bytes=0-9" + "Key": "HappyFace.jpg" }, "output": { "AcceptRanges": "bytes", - "ContentLength": "10", - "ContentRange": "bytes 0-9/43", - "ContentType": "text/plain", - "ETag": "\"0d94420ffd0bc68cd3d152506b97a9cc\"", - "LastModified": "Thu, 09 Oct 2014 22:57:28 GMT", + "ContentLength": "3191", + "ContentType": "image/jpeg", + "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", + "LastModified": "Thu, 15 Dec 2016 01:19:41 GMT", "Metadata": { }, + "TagCount": 2, "VersionId": "null" }, "comments": { @@ -774,9 +774,9 @@ "output": { } }, - "description": "The following example retrieves an object for an S3 bucket. The request specifies the range header to retrieve a specific byte range.", - "id": "to-retrieve-a-byte-range-of-an-object--1481832674603", - "title": "To retrieve a byte range of an object " + "description": "The following example retrieves an object for an S3 bucket.", + "id": "to-retrieve-an-object-1481827837012", + "title": "To retrieve an object" } ], "GetObjectAcl": [ @@ -1567,14 +1567,13 @@ "PutObject": [ { "input": { - "Body": "c:\\HappyFace.jpg", + "Body": "HappyFace.jpg", "Bucket": "examplebucket", - "Key": "HappyFace.jpg", - "Tagging": "key1=value1&key2=value2" + "Key": "HappyFace.jpg" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a" + "VersionId": "tpf3zF08nBplQK1XLOefGskR7mGDwcDk" }, "comments": { "input": { @@ -1582,20 +1581,23 @@ "output": { } }, - "description": "The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore S3 returns version ID of the newly created object.", - "id": "to-upload-an-object-and-specify-optional-tags-1481762310955", - "title": "To upload an object and specify optional tags" + "description": "The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file syntax. S3 returns VersionId of the newly created object.", + "id": "to-upload-an-object-1481760101010", + "title": "To upload an object" }, { "input": { - "ACL": "authenticated-read", "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "exampleobject" + "Key": "exampleobject", + "Metadata": { + "metadata1": "value1", + "metadata2": "value2" + } }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr" + "VersionId": "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0" }, "comments": { "input": { @@ -1603,22 +1605,22 @@ "output": { } }, - "description": "The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.", - "id": "to-upload-an-object-and-specify-canned-acl-1483397779571", - "title": "To upload an object and specify canned ACL." + "description": "The following example creates an object. The request also specifies optional metadata. If the bucket is versioning enabled, S3 returns version ID in response.", + "id": "to-upload-object-and-specify-user-defined-metadata-1483396974757", + "title": "To upload object and specify user-defined metadata" }, { "input": { - "Body": "filetoupload", + "Body": "HappyFace.jpg", "Bucket": "examplebucket", - "Key": "exampleobject", + "Key": "HappyFace.jpg", "ServerSideEncryption": "AES256", - "Tagging": "key1=value1&key2=value2" + "StorageClass": "STANDARD_IA" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", "ServerSideEncryption": "AES256", - "VersionId": "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt" + "VersionId": "CG612hodqujkf8FaaNfp8U..FIhLROcp" }, "comments": { "input": { @@ -1626,9 +1628,9 @@ "output": { } }, - "description": "The following example uploads an object. The request specifies the optional server-side encryption option. The request also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.", - "id": "to-upload-an-object-and-specify-server-side-encryption-and-object-tags-1483398331831", - "title": "To upload an object and specify server-side encryption and object tags" + "description": "The following example uploads an object. The request specifies optional request headers to directs S3 to use specific storage class and use server-side encryption.", + "id": "to-upload-an-object-(specify-optional-headers)", + "title": "To upload an object (specify optional headers)" }, { "input": { @@ -1652,13 +1654,16 @@ }, { "input": { - "Body": "HappyFace.jpg", + "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "exampleobject", + "ServerSideEncryption": "AES256", + "Tagging": "key1=value1&key2=value2" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "tpf3zF08nBplQK1XLOefGskR7mGDwcDk" + "ServerSideEncryption": "AES256", + "VersionId": "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt" }, "comments": { "input": { @@ -1666,22 +1671,20 @@ "output": { } }, - "description": "The following example uploads an object to a versioning-enabled bucket. The source file is specified using Windows file syntax. S3 returns VersionId of the newly created object.", - "id": "to-upload-an-object-1481760101010", - "title": "To upload an object" + "description": "The following example uploads an object. The request specifies the optional server-side encryption option. The request also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.", + "id": "to-upload-an-object-and-specify-server-side-encryption-and-object-tags-1483398331831", + "title": "To upload an object and specify server-side encryption and object tags" }, { "input": { - "Body": "HappyFace.jpg", + "Body": "c:\\HappyFace.jpg", "Bucket": "examplebucket", "Key": "HappyFace.jpg", - "ServerSideEncryption": "AES256", - "StorageClass": "STANDARD_IA" + "Tagging": "key1=value1&key2=value2" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "ServerSideEncryption": "AES256", - "VersionId": "CG612hodqujkf8FaaNfp8U..FIhLROcp" + "VersionId": "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a" }, "comments": { "input": { @@ -1689,23 +1692,20 @@ "output": { } }, - "description": "The following example uploads an object. The request specifies optional request headers to directs S3 to use specific storage class and use server-side encryption.", - "id": "to-upload-an-object-(specify-optional-headers)", - "title": "To upload an object (specify optional headers)" + "description": "The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore S3 returns version ID of the newly created object.", + "id": "to-upload-an-object-and-specify-optional-tags-1481762310955", + "title": "To upload an object and specify optional tags" }, { "input": { + "ACL": "authenticated-read", "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "exampleobject", - "Metadata": { - "metadata1": "value1", - "metadata2": "value2" - } + "Key": "exampleobject" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0" + "VersionId": "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr" }, "comments": { "input": { @@ -1713,9 +1713,9 @@ "output": { } }, - "description": "The following example creates an object. The request also specifies optional metadata. If the bucket is versioning enabled, S3 returns version ID in response.", - "id": "to-upload-object-and-specify-user-defined-metadata-1483396974757", - "title": "To upload object and specify user-defined metadata" + "description": "The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.", + "id": "to-upload-an-object-and-specify-canned-acl-1483397779571", + "title": "To upload an object and specify canned ACL." } ], "PutObjectAcl": [ @@ -1826,14 +1826,15 @@ "input": { "Bucket": "examplebucket", "CopySource": "/bucketname/sourceobjectkey", + "CopySourceRange": "bytes=1-100000", "Key": "examplelargeobject", - "PartNumber": "1", + "PartNumber": "2", "UploadId": "exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--" }, "output": { "CopyPartResult": { - "ETag": "\"b0c6f0e7e054ab8fa2536a2677f8734d\"", - "LastModified": "2016-12-29T21:24:43.000Z" + "ETag": "\"65d16d19e65a7508a51f043180edcc36\"", + "LastModified": "2016-12-29T21:44:28.000Z" } }, "comments": { @@ -1842,23 +1843,22 @@ "output": { } }, - "description": "The following example uploads a part of a multipart upload by copying data from an existing object as data source.", - "id": "to-upload-a-part-by-copying-data-from-an-existing-object-as-data-source-1483046746348", - "title": "To upload a part by copying data from an existing object as data source" + "description": "The following example uploads a part of a multipart upload by copying a specified byte range from an existing object as data source.", + "id": "to-upload-a-part-by-copying-byte-range-from-an-existing-object-as-data-source-1483048068594", + "title": "To upload a part by copying byte range from an existing object as data source" }, { "input": { "Bucket": "examplebucket", "CopySource": "/bucketname/sourceobjectkey", - "CopySourceRange": "bytes=1-100000", "Key": "examplelargeobject", - "PartNumber": "2", + "PartNumber": "1", "UploadId": "exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--" }, "output": { "CopyPartResult": { - "ETag": "\"65d16d19e65a7508a51f043180edcc36\"", - "LastModified": "2016-12-29T21:44:28.000Z" + "ETag": "\"b0c6f0e7e054ab8fa2536a2677f8734d\"", + "LastModified": "2016-12-29T21:24:43.000Z" } }, "comments": { @@ -1867,9 +1867,9 @@ "output": { } }, - "description": "The following example uploads a part of a multipart upload by copying a specified byte range from an existing object as data source.", - "id": "to-upload-a-part-by-copying-byte-range-from-an-existing-object-as-data-source-1483048068594", - "title": "To upload a part by copying byte range from an existing object as data source" + "description": "The following example uploads a part of a multipart upload by copying data from an existing object as data source.", + "id": "to-upload-a-part-by-copying-data-from-an-existing-object-as-data-source-1483046746348", + "title": "To upload a part by copying data from an existing object as data source" } ] } diff --git a/models/apis/securityhub/2018-10-26/api-2.json b/models/apis/securityhub/2018-10-26/api-2.json index 6572287d334..92f9a1351b7 100644 --- a/models/apis/securityhub/2018-10-26/api-2.json +++ b/models/apis/securityhub/2018-10-26/api-2.json @@ -46,6 +46,22 @@ "deprecated":true, "deprecatedMessage":"This API has been deprecated, use AcceptAdministratorInvitation API instead." }, + "BatchDeleteAutomationRules":{ + "name":"BatchDeleteAutomationRules", + "http":{ + "method":"POST", + "requestUri":"/automationrules/delete" + }, + "input":{"shape":"BatchDeleteAutomationRulesRequest"}, + "output":{"shape":"BatchDeleteAutomationRulesResponse"}, + "errors":[ + {"shape":"InternalException"}, + {"shape":"InvalidAccessException"}, + {"shape":"InvalidInputException"}, + {"shape":"LimitExceededException"}, + {"shape":"ResourceNotFoundException"} + ] + }, "BatchDisableStandards":{ "name":"BatchDisableStandards", "http":{ @@ -76,6 +92,23 @@ {"shape":"LimitExceededException"} ] }, + "BatchGetAutomationRules":{ + "name":"BatchGetAutomationRules", + "http":{ + "method":"POST", + "requestUri":"/automationrules/get" + }, + "input":{"shape":"BatchGetAutomationRulesRequest"}, + "output":{"shape":"BatchGetAutomationRulesResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"InternalException"}, + {"shape":"InvalidAccessException"}, + {"shape":"InvalidInputException"}, + {"shape":"LimitExceededException"}, + {"shape":"ResourceNotFoundException"} + ] + }, "BatchGetSecurityControls":{ "name":"BatchGetSecurityControls", "http":{ @@ -121,6 +154,22 @@ {"shape":"InvalidAccessException"} ] }, + "BatchUpdateAutomationRules":{ + "name":"BatchUpdateAutomationRules", + "http":{ + "method":"PATCH", + "requestUri":"/automationrules/update" + }, + "input":{"shape":"BatchUpdateAutomationRulesRequest"}, + "output":{"shape":"BatchUpdateAutomationRulesResponse"}, + "errors":[ + {"shape":"InternalException"}, + {"shape":"InvalidAccessException"}, + {"shape":"InvalidInputException"}, + {"shape":"LimitExceededException"}, + {"shape":"ResourceNotFoundException"} + ] + }, "BatchUpdateFindings":{ "name":"BatchUpdateFindings", "http":{ @@ -167,6 +216,22 @@ {"shape":"ResourceConflictException"} ] }, + "CreateAutomationRule":{ + "name":"CreateAutomationRule", + "http":{ + "method":"POST", + "requestUri":"/automationrules/create" + }, + "input":{"shape":"CreateAutomationRuleRequest"}, + "output":{"shape":"CreateAutomationRuleResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"InternalException"}, + {"shape":"InvalidAccessException"}, + {"shape":"InvalidInputException"}, + {"shape":"LimitExceededException"} + ] + }, "CreateFindingAggregator":{ "name":"CreateFindingAggregator", "http":{ @@ -718,6 +783,22 @@ {"shape":"ResourceNotFoundException"} ] }, + "ListAutomationRules":{ + "name":"ListAutomationRules", + "http":{ + "method":"GET", + "requestUri":"/automationrules/list" + }, + "input":{"shape":"ListAutomationRulesRequest"}, + "output":{"shape":"ListAutomationRulesResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"InternalException"}, + {"shape":"InvalidAccessException"}, + {"shape":"InvalidInputException"}, + {"shape":"LimitExceededException"} + ] + }, "ListEnabledProductsForImport":{ "name":"ListEnabledProductsForImport", "http":{ @@ -1046,6 +1127,12 @@ "PortProbeAction":{"shape":"PortProbeAction"} } }, + "ActionList":{ + "type":"list", + "member":{"shape":"AutomationRulesAction"}, + "max":1, + "min":1 + }, "ActionLocalIpDetails":{ "type":"structure", "members":{ @@ -1177,6 +1264,115 @@ "DEFAULT" ] }, + "AutomationRulesAction":{ + "type":"structure", + "members":{ + "Type":{"shape":"AutomationRulesActionType"}, + "FindingFieldsUpdate":{"shape":"AutomationRulesFindingFieldsUpdate"} + } + }, + "AutomationRulesActionType":{ + "type":"string", + "enum":["FINDING_FIELDS_UPDATE"] + }, + "AutomationRulesArnsList":{ + "type":"list", + "member":{"shape":"NonEmptyString"}, + "max":100, + "min":1 + }, + "AutomationRulesConfig":{ + "type":"structure", + "members":{ + "RuleArn":{"shape":"NonEmptyString"}, + "RuleStatus":{"shape":"RuleStatus"}, + "RuleOrder":{"shape":"RuleOrderValue"}, + "RuleName":{"shape":"NonEmptyString"}, + "Description":{"shape":"NonEmptyString"}, + "IsTerminal":{"shape":"Boolean"}, + "Criteria":{"shape":"AutomationRulesFindingFilters"}, + "Actions":{"shape":"ActionList"}, + "CreatedAt":{"shape":"Timestamp"}, + "UpdatedAt":{"shape":"Timestamp"}, + "CreatedBy":{"shape":"NonEmptyString"} + } + }, + "AutomationRulesConfigList":{ + "type":"list", + "member":{"shape":"AutomationRulesConfig"} + }, + "AutomationRulesFindingFieldsUpdate":{ + "type":"structure", + "members":{ + "Note":{"shape":"NoteUpdate"}, + "Severity":{"shape":"SeverityUpdate"}, + "VerificationState":{"shape":"VerificationState"}, + "Confidence":{"shape":"RatioScale"}, + "Criticality":{"shape":"RatioScale"}, + "Types":{"shape":"TypeList"}, + "UserDefinedFields":{"shape":"FieldMap"}, + "Workflow":{"shape":"WorkflowUpdate"}, + "RelatedFindings":{"shape":"RelatedFindingList"} + } + }, + "AutomationRulesFindingFilters":{ + "type":"structure", + "members":{ + "ProductArn":{"shape":"StringFilterList"}, + "AwsAccountId":{"shape":"StringFilterList"}, + "Id":{"shape":"StringFilterList"}, + "GeneratorId":{"shape":"StringFilterList"}, + "Type":{"shape":"StringFilterList"}, + "FirstObservedAt":{"shape":"DateFilterList"}, + "LastObservedAt":{"shape":"DateFilterList"}, + "CreatedAt":{"shape":"DateFilterList"}, + "UpdatedAt":{"shape":"DateFilterList"}, + "Confidence":{"shape":"NumberFilterList"}, + "Criticality":{"shape":"NumberFilterList"}, + "Title":{"shape":"StringFilterList"}, + "Description":{"shape":"StringFilterList"}, + "SourceUrl":{"shape":"StringFilterList"}, + "ProductName":{"shape":"StringFilterList"}, + "CompanyName":{"shape":"StringFilterList"}, + "SeverityLabel":{"shape":"StringFilterList"}, + "ResourceType":{"shape":"StringFilterList"}, + "ResourceId":{"shape":"StringFilterList"}, + "ResourcePartition":{"shape":"StringFilterList"}, + "ResourceRegion":{"shape":"StringFilterList"}, + "ResourceTags":{"shape":"MapFilterList"}, + "ResourceDetailsOther":{"shape":"MapFilterList"}, + "ComplianceStatus":{"shape":"StringFilterList"}, + "ComplianceSecurityControlId":{"shape":"StringFilterList"}, + "ComplianceAssociatedStandardsId":{"shape":"StringFilterList"}, + "VerificationState":{"shape":"StringFilterList"}, + "WorkflowStatus":{"shape":"StringFilterList"}, + "RecordState":{"shape":"StringFilterList"}, + "RelatedFindingsProductArn":{"shape":"StringFilterList"}, + "RelatedFindingsId":{"shape":"StringFilterList"}, + "NoteText":{"shape":"StringFilterList"}, + "NoteUpdatedAt":{"shape":"DateFilterList"}, + "NoteUpdatedBy":{"shape":"StringFilterList"}, + "UserDefinedFields":{"shape":"MapFilterList"} + } + }, + "AutomationRulesMetadata":{ + "type":"structure", + "members":{ + "RuleArn":{"shape":"NonEmptyString"}, + "RuleStatus":{"shape":"RuleStatus"}, + "RuleOrder":{"shape":"RuleOrderValue"}, + "RuleName":{"shape":"NonEmptyString"}, + "Description":{"shape":"NonEmptyString"}, + "IsTerminal":{"shape":"Boolean"}, + "CreatedAt":{"shape":"Timestamp"}, + "UpdatedAt":{"shape":"Timestamp"}, + "CreatedBy":{"shape":"NonEmptyString"} + } + }, + "AutomationRulesMetadataList":{ + "type":"list", + "member":{"shape":"AutomationRulesMetadata"} + }, "AvailabilityZone":{ "type":"structure", "members":{ @@ -6332,6 +6528,20 @@ "Type":{"shape":"NonEmptyString"} } }, + "BatchDeleteAutomationRulesRequest":{ + "type":"structure", + "required":["AutomationRulesArns"], + "members":{ + "AutomationRulesArns":{"shape":"AutomationRulesArnsList"} + } + }, + "BatchDeleteAutomationRulesResponse":{ + "type":"structure", + "members":{ + "ProcessedAutomationRules":{"shape":"AutomationRulesArnsList"}, + "UnprocessedAutomationRules":{"shape":"UnprocessedAutomationRulesList"} + } + }, "BatchDisableStandardsRequest":{ "type":"structure", "required":["StandardsSubscriptionArns"], @@ -6358,6 +6568,20 @@ "StandardsSubscriptions":{"shape":"StandardsSubscriptions"} } }, + "BatchGetAutomationRulesRequest":{ + "type":"structure", + "required":["AutomationRulesArns"], + "members":{ + "AutomationRulesArns":{"shape":"AutomationRulesArnsList"} + } + }, + "BatchGetAutomationRulesResponse":{ + "type":"structure", + "members":{ + "Rules":{"shape":"AutomationRulesConfigList"}, + "UnprocessedAutomationRules":{"shape":"UnprocessedAutomationRulesList"} + } + }, "BatchGetSecurityControlsRequest":{ "type":"structure", "required":["SecurityControlIds"], @@ -6413,6 +6637,20 @@ "FailedFindings":{"shape":"ImportFindingsErrorList"} } }, + "BatchUpdateAutomationRulesRequest":{ + "type":"structure", + "required":["UpdateAutomationRulesRequestItems"], + "members":{ + "UpdateAutomationRulesRequestItems":{"shape":"UpdateAutomationRulesRequestItemsList"} + } + }, + "BatchUpdateAutomationRulesResponse":{ + "type":"structure", + "members":{ + "ProcessedAutomationRules":{"shape":"AutomationRulesArnsList"}, + "UnprocessedAutomationRules":{"shape":"UnprocessedAutomationRulesList"} + } + }, "BatchUpdateFindingsRequest":{ "type":"structure", "required":["FindingIdentifiers"], @@ -6606,6 +6844,32 @@ "ActionTargetArn":{"shape":"NonEmptyString"} } }, + "CreateAutomationRuleRequest":{ + "type":"structure", + "required":[ + "RuleOrder", + "RuleName", + "Description", + "Criteria", + "Actions" + ], + "members":{ + "Tags":{"shape":"TagMap"}, + "RuleStatus":{"shape":"RuleStatus"}, + "RuleOrder":{"shape":"RuleOrderValue"}, + "RuleName":{"shape":"NonEmptyString"}, + "Description":{"shape":"NonEmptyString"}, + "IsTerminal":{"shape":"Boolean"}, + "Criteria":{"shape":"AutomationRulesFindingFilters"}, + "Actions":{"shape":"ActionList"} + } + }, + "CreateAutomationRuleResponse":{ + "type":"structure", + "members":{ + "RuleArn":{"shape":"NonEmptyString"} + } + }, "CreateFindingAggregatorRequest":{ "type":"structure", "required":["RegionLinkingMode"], @@ -7536,6 +7800,28 @@ "error":{"httpStatusCode":429}, "exception":true }, + "ListAutomationRulesRequest":{ + "type":"structure", + "members":{ + "NextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"NextToken" + }, + "MaxResults":{ + "shape":"MaxResults", + "location":"querystring", + "locationName":"MaxResults" + } + } + }, + "ListAutomationRulesResponse":{ + "type":"structure", + "members":{ + "AutomationRulesMetadata":{"shape":"AutomationRulesMetadataList"}, + "NextToken":{"shape":"NextToken"} + } + }, "ListEnabledProductsForImportRequest":{ "type":"structure", "members":{ @@ -8487,6 +8773,18 @@ "Definition":{"shape":"NonEmptyStringList"} } }, + "RuleOrderValue":{ + "type":"integer", + "max":1000, + "min":1 + }, + "RuleStatus":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, "SecurityControl":{ "type":"structure", "required":[ @@ -8997,6 +9295,18 @@ "type":"list", "member":{"shape":"NonEmptyString"} }, + "UnprocessedAutomationRule":{ + "type":"structure", + "members":{ + "RuleArn":{"shape":"NonEmptyString"}, + "ErrorCode":{"shape":"Integer"}, + "ErrorMessage":{"shape":"NonEmptyString"} + } + }, + "UnprocessedAutomationRulesList":{ + "type":"list", + "member":{"shape":"UnprocessedAutomationRule"} + }, "UnprocessedErrorCode":{ "type":"string", "enum":[ @@ -9096,6 +9406,26 @@ "members":{ } }, + "UpdateAutomationRulesRequestItem":{ + "type":"structure", + "required":["RuleArn"], + "members":{ + "RuleArn":{"shape":"NonEmptyString"}, + "RuleStatus":{"shape":"RuleStatus"}, + "RuleOrder":{"shape":"RuleOrderValue"}, + "Description":{"shape":"NonEmptyString"}, + "RuleName":{"shape":"NonEmptyString"}, + "IsTerminal":{"shape":"Boolean"}, + "Criteria":{"shape":"AutomationRulesFindingFilters"}, + "Actions":{"shape":"ActionList"} + } + }, + "UpdateAutomationRulesRequestItemsList":{ + "type":"list", + "member":{"shape":"UpdateAutomationRulesRequestItem"}, + "max":100, + "min":1 + }, "UpdateFindingAggregatorRequest":{ "type":"structure", "required":[ diff --git a/models/apis/securityhub/2018-10-26/docs-2.json b/models/apis/securityhub/2018-10-26/docs-2.json index 4719cd29de7..929d2c93dd3 100644 --- a/models/apis/securityhub/2018-10-26/docs-2.json +++ b/models/apis/securityhub/2018-10-26/docs-2.json @@ -4,14 +4,18 @@ "operations": { "AcceptAdministratorInvitation": "

Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from.

This operation is only used by member accounts that are not added through Organizations.

When the member account accepts the invitation, permission is granted to the administrator account to view findings generated in the member account.

", "AcceptInvitation": "

This method is deprecated. Instead, use AcceptAdministratorInvitation.

The Security Hub console continues to use AcceptInvitation. It will eventually change to use AcceptAdministratorInvitation. Any IAM policies that specifically control access to this function must continue to use AcceptInvitation. You should also add AcceptAdministratorInvitation to your policies to ensure that the correct permissions are in place after the console begins to use AcceptAdministratorInvitation.

Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from.

This operation is only used by member accounts that are not added through Organizations.

When the member account accepts the invitation, permission is granted to the administrator account to view findings generated in the member account.

", + "BatchDeleteAutomationRules": "

Deletes one or more automation rules.

", "BatchDisableStandards": "

Disables the standards specified by the provided StandardsSubscriptionArns.

For more information, see Security Standards section of the Security Hub User Guide.

", "BatchEnableStandards": "

Enables the standards specified by the provided StandardsArn. To obtain the ARN for a standard, use the DescribeStandards operation.

For more information, see the Security Standards section of the Security Hub User Guide.

", + "BatchGetAutomationRules": "

Retrieves a list of details for automation rules based on rule Amazon Resource Names (ARNs).

", "BatchGetSecurityControls": "

Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region.

", "BatchGetStandardsControlAssociations": "

For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard.

", "BatchImportFindings": "

Imports security findings generated by a finding provider into Security Hub. This action is requested by the finding provider to import its findings into Security Hub.

BatchImportFindings must be called by one of the following:

The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.

After a finding is created, BatchImportFindings cannot be used to update the following finding fields and objects, which Security Hub customers use to manage their investigation workflow.

Finding providers also should not use BatchImportFindings to update the following attributes.

Instead, finding providers use FindingProviderFields to provide values for these attributes.

", + "BatchUpdateAutomationRules": "

Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input parameters.

", "BatchUpdateFindings": "

Used by Security Hub customers to update information about their investigation into a finding. Requested by administrator accounts or member accounts. Administrator accounts can update findings for their account and their member accounts. Member accounts can update findings for their account.

Updates from BatchUpdateFindings do not affect the value of UpdatedAt for a finding.

Administrator and member accounts can use BatchUpdateFindings to update the following finding fields and objects.

You can configure IAM policies to restrict access to fields and field values. For example, you might not want member accounts to be able to suppress findings or change the finding severity. See Configuring access to BatchUpdateFindings in the Security Hub User Guide.

", "BatchUpdateStandardsControlAssociations": "

For a batch of security controls and standards, this operation updates the enablement status of a control in a standard.

", "CreateActionTarget": "

Creates a custom action target in Security Hub.

You can use custom actions on findings and insights in Security Hub to trigger target actions in Amazon CloudWatch Events.

", + "CreateAutomationRule": "

Creates an automation rule based on input parameters.

", "CreateFindingAggregator": "

Used to enable finding aggregation. Must be called from the aggregation Region.

For more details about cross-Region replication, see Configuring finding aggregation in the Security Hub User Guide.

", "CreateInsight": "

Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation.

To group the related findings in the insight, use the GroupByAttribute.

", "CreateMembers": "

Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the administrator account. If you are integrated with Organizations, then the administrator account is designated by the organization management account.

CreateMembers is always used to add accounts that are not organization members.

For accounts that are managed using Organizations, CreateMembers is only used in the following cases:

This action can only be used by an account that has Security Hub enabled. To enable Security Hub, you can use the EnableSecurityHub operation.

For accounts that are not organization members, you create the account association and then send an invitation to the member account. To send the invitation, you use the InviteMembers operation. If the account owner accepts the invitation, the account becomes a member account in Security Hub.

Accounts that are managed using Organizations do not receive an invitation. They automatically become a member account in Security Hub.

A permissions policy is added that permits the administrator account to view the findings generated in the member account.

To remove the association between the administrator and member accounts, use the DisassociateFromMasterAccount or DisassociateMembers operation.

", @@ -47,6 +51,7 @@ "GetMasterAccount": "

This method is deprecated. Instead, use GetAdministratorAccount.

The Security Hub console continues to use GetMasterAccount. It will eventually change to use GetAdministratorAccount. Any IAM policies that specifically control access to this function must continue to use GetMasterAccount. You should also add GetAdministratorAccount to your policies to ensure that the correct permissions are in place after the console begins to use GetAdministratorAccount.

Provides the details for the Security Hub administrator account for the current member account.

Can be used by both member accounts that are managed using Organizations and accounts that were invited manually.

", "GetMembers": "

Returns the details for the Security Hub member accounts for the specified account IDs.

An administrator account can be either the delegated Security Hub administrator account for an organization or an administrator account that enabled Security Hub manually.

The results include both member accounts that are managed using Organizations and accounts that were invited manually.

", "InviteMembers": "

Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account that the invitation is sent from.

This operation is only used to invite accounts that do not belong to an organization. Organization accounts do not receive invitations.

Before you can use this action to invite a member, you must first use the CreateMembers action to create the member account in Security Hub.

When the account owner enables Security Hub and accepts the invitation to become a member account, the administrator account can view the findings generated from the member account.

", + "ListAutomationRules": "

A list of automation rules and their metadata for the calling account.

", "ListEnabledProductsForImport": "

Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security Hub.

", "ListFindingAggregators": "

If finding aggregation is enabled, then ListFindingAggregators returns the ARN of the finding aggregator. You can run this operation from any Region.

", "ListInvitations": "

Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account.

This operation is only used by accounts that are managed by invitation. Accounts that are managed using the integration with Organizations do not receive invitations.

", @@ -129,6 +134,14 @@ "AwsSecurityFinding$Action": "

Provides details about an action that affects or that was taken on a resource.

" } }, + "ActionList": { + "base": null, + "refs": { + "AutomationRulesConfig$Actions": "

One or more actions to update finding fields if a finding matches the defined criteria of the rule.

", + "CreateAutomationRuleRequest$Actions": "

One or more actions to update finding fields if a finding matches the conditions specified in Criteria.

", + "UpdateAutomationRulesRequestItem$Actions": "

One or more actions to update finding fields if a finding matches the conditions specified in Criteria.

" + } + }, "ActionLocalIpDetails": { "base": "

Provides information about the IP address where the scanned port is located.

", "refs": { @@ -256,6 +269,65 @@ "UpdateOrganizationConfigurationRequest$AutoEnableStandards": "

Whether to automatically enable Security Hub default standards for new member accounts in the organization.

By default, this parameter is equal to DEFAULT, and new member accounts are automatically enabled with default Security Hub standards.

To opt out of enabling default standards for new member accounts, set this parameter equal to NONE.

" } }, + "AutomationRulesAction": { + "base": "

One or more actions to update finding fields if a finding matches the defined criteria of the rule.

", + "refs": { + "ActionList$member": null + } + }, + "AutomationRulesActionType": { + "base": null, + "refs": { + "AutomationRulesAction$Type": "

Specifies that the rule action should update the Types finding field. The Types finding field provides one or more finding types in the format of namespace/category/classifier that classify a finding. For more information, see Types taxonomy for ASFF in the Security Hub User Guide.

" + } + }, + "AutomationRulesArnsList": { + "base": null, + "refs": { + "BatchDeleteAutomationRulesRequest$AutomationRulesArns": "

A list of Amazon Resource Names (ARNs) for the rules that are to be deleted.

", + "BatchDeleteAutomationRulesResponse$ProcessedAutomationRules": "

A list of properly processed rule ARNs.

", + "BatchGetAutomationRulesRequest$AutomationRulesArns": "

A list of rule ARNs to get details for.

", + "BatchUpdateAutomationRulesResponse$ProcessedAutomationRules": "

A list of properly processed rule ARNs.

" + } + }, + "AutomationRulesConfig": { + "base": "

Defines the configuration of an automation rule.

", + "refs": { + "AutomationRulesConfigList$member": null + } + }, + "AutomationRulesConfigList": { + "base": null, + "refs": { + "BatchGetAutomationRulesResponse$Rules": "

A list of rule details for the provided rule ARNs.

" + } + }, + "AutomationRulesFindingFieldsUpdate": { + "base": "

Identifies the finding fields that the automation rule action will update when a finding matches the defined criteria.

", + "refs": { + "AutomationRulesAction$FindingFieldsUpdate": "

Specifies that the automation rule action is an update to a finding field.

" + } + }, + "AutomationRulesFindingFilters": { + "base": "

The criteria that determine which findings a rule applies to.

", + "refs": { + "AutomationRulesConfig$Criteria": "

A set of Amazon Web Services Security Finding Format finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a finding matches the conditions specified in this parameter, Security Hub applies the rule action to the finding.

", + "CreateAutomationRuleRequest$Criteria": "

A set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a finding matches the conditions specified in this parameter, Security Hub applies the rule action to the finding.

", + "UpdateAutomationRulesRequestItem$Criteria": "

A set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a finding matches the conditions specified in this parameter, Security Hub applies the rule action to the finding.

" + } + }, + "AutomationRulesMetadata": { + "base": "

Metadata for automation rules in the calling account. The response includes rules with a RuleStatus of ENABLED and DISABLED.

", + "refs": { + "AutomationRulesMetadataList$member": null + } + }, + "AutomationRulesMetadataList": { + "base": null, + "refs": { + "ListAutomationRulesResponse$AutomationRulesMetadata": "

Metadata for rules in the calling account. The response includes rules with a RuleStatus of ENABLED and DISABLED.

" + } + }, "AvailabilityZone": { "base": "

Information about an Availability Zone.

", "refs": { @@ -3903,6 +3975,16 @@ "ResourceDetails$AwsXrayEncryptionConfig": "

Information about the encryption configuration for X-Ray.

" } }, + "BatchDeleteAutomationRulesRequest": { + "base": null, + "refs": { + } + }, + "BatchDeleteAutomationRulesResponse": { + "base": null, + "refs": { + } + }, "BatchDisableStandardsRequest": { "base": null, "refs": { @@ -3923,6 +4005,16 @@ "refs": { } }, + "BatchGetAutomationRulesRequest": { + "base": null, + "refs": { + } + }, + "BatchGetAutomationRulesResponse": { + "base": null, + "refs": { + } + }, "BatchGetSecurityControlsRequest": { "base": null, "refs": { @@ -3959,6 +4051,16 @@ "refs": { } }, + "BatchUpdateAutomationRulesRequest": { + "base": null, + "refs": { + } + }, + "BatchUpdateAutomationRulesResponse": { + "base": null, + "refs": { + } + }, "BatchUpdateFindingsRequest": { "base": null, "refs": { @@ -3995,6 +4097,8 @@ "base": null, "refs": { "AssociationSetDetails$Main": "

Indicates whether this is the main route table.

", + "AutomationRulesConfig$IsTerminal": "

Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If the value of this field is set to true for a rule, Security Hub applies the rule action to a finding that matches the rule criteria and won't evaluate other rules for the finding.
 The default value of this field is false.

", + "AutomationRulesMetadata$IsTerminal": "

Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If the value of this field is set to true for a rule, Security Hub applies the rule action to a finding that matches the rule criteria and won't evaluate other rules for the finding.
 The default value of this field is false.

", "AwsAmazonMqBrokerDetails$AutoMinorVersionUpgrade": "

Whether automatically upgrade new minor versions for brokers, as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window of the broker or after a manual broker reboot.

", "AwsAmazonMqBrokerDetails$PubliclyAccessible": "

Permits connections from applications outside of the VPC that hosts the broker's subnets.

", "AwsAmazonMqBrokerEncryptionOptionsDetails$UseAwsOwnedKey": "

Specifies that an KMS key should be used for at-rest encryption. Set to true by default if no value is provided (for example, for RabbitMQ brokers).

", @@ -4178,6 +4282,7 @@ "BooleanFilter$Value": "

The value of the boolean.

", "ClassificationResult$AdditionalOccurrences": "

Indicates whether there are additional occurrences of sensitive data that are not included in the finding. This occurs when the number of occurrences exceeds the maximum that can be included.

", "ContainerDetails$Privileged": "

When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).

", + "CreateAutomationRuleRequest$IsTerminal": "

Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If the value of this field is set to true for a rule, Security Hub applies the rule action to a finding that matches the rule criteria and won't evaluate other rules for the finding. The default value of this field is false.

", "DescribeHubResponse$AutoEnableControls": "

Whether to automatically enable new controls when they are added to standards that are enabled.

If set to true, then new controls for enabled standards are enabled automatically. If set to false, then new controls are not enabled.

", "DescribeOrganizationConfigurationResponse$AutoEnable": "

Whether to automatically enable Security Hub for new accounts in the organization.

If set to true, then Security Hub is enabled for new accounts. If set to false, then new accounts are not added automatically.

", "DescribeOrganizationConfigurationResponse$MemberAccountLimitReached": "

Whether the maximum number of allowed member accounts are already associated with the Security Hub administrator account.

", @@ -4188,6 +4293,7 @@ "NetworkConnectionAction$Blocked": "

Indicates whether the network connection attempt was blocked.

", "PortProbeAction$Blocked": "

Indicates whether the port probe was blocked.

", "Standard$EnabledByDefault": "

Whether the standard is enabled by default. When Security Hub is enabled from the console, if a standard is enabled by default, the check box for that standard is selected by default.

When Security Hub is enabled using the EnableSecurityHub API operation, the standard is enabled by default unless EnableDefaultStandards is set to false.

", + "UpdateAutomationRulesRequestItem$IsTerminal": "

Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If the value of this field is set to true for a rule, Security Hub applies the rule action to a finding that matches the rule criteria and won't evaluate other rules for the finding.
 The default value of this field is false.

", "UpdateOrganizationConfigurationRequest$AutoEnable": "

Whether to automatically enable Security Hub for new accounts in the organization.

By default, this is false, and new accounts are not added automatically.

To automatically enable Security Hub for new accounts, set this to true.

", "UpdateSecurityHubConfigurationRequest$AutoEnableControls": "

Whether to automatically enable new controls when they are added to standards that are enabled.

By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.

", "VpcInfoPeeringOptionsDetails$AllowDnsResolutionFromRemoteVpc": "

Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

", @@ -4305,6 +4411,16 @@ "refs": { } }, + "CreateAutomationRuleRequest": { + "base": null, + "refs": { + } + }, + "CreateAutomationRuleResponse": { + "base": null, + "refs": { + } + }, "CreateFindingAggregatorRequest": { "base": null, "refs": { @@ -4387,6 +4503,11 @@ "DateFilterList": { "base": null, "refs": { + "AutomationRulesFindingFilters$FirstObservedAt": "

A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", + "AutomationRulesFindingFilters$LastObservedAt": "

A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", + "AutomationRulesFindingFilters$CreatedAt": "

A timestamp that indicates when this finding record was created.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", + "AutomationRulesFindingFilters$UpdatedAt": "

A timestamp that indicates when the finding record was most recently updated.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", + "AutomationRulesFindingFilters$NoteUpdatedAt": "

The timestamp of when the note was updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", "AwsSecurityFindingFilters$FirstObservedAt": "

An ISO8601-formatted timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.

A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.

", "AwsSecurityFindingFilters$LastObservedAt": "

An ISO8601-formatted timestamp that indicates when the security findings provider most recently observed the potential security issue that a finding captured.

A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.

", "AwsSecurityFindingFilters$CreatedAt": "

An ISO8601-formatted timestamp that indicates when the security findings provider captured the potential security issue that a finding captured.

A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.

", @@ -4654,6 +4775,7 @@ "FieldMap": { "base": null, "refs": { + "AutomationRulesFindingFieldsUpdate$UserDefinedFields": "

The rule action will update the UserDefinedFields field of a finding.

", "AwsApiCallAction$AffectedResources": "

Identifies the resources that were affected by the API call.

", "AwsApiGatewayCanarySettings$StageVariableOverrides": "

Stage variables that are overridden in the canary release deployment. The variables include new stage variables that are introduced in the canary.

Each variable is represented as a string-to-string map between the stage variable name and the variable value.

", "AwsApiGatewayStageDetails$Variables": "

A map that defines the stage variables for the stage.

Variable names can have alphanumeric and underscore characters.

Variable values can contain the following characters:

", @@ -5173,7 +5295,8 @@ "RuleGroupSourceStatelessRuleMatchAttributesSourcePorts$ToPort": "

The ending port value for the port range.

", "RuleGroupSourceStatelessRulesDetails$Priority": "

Indicates the order in which to run this rule relative to all of the rules in the stateless rule group.

", "Severity$Normalized": "

Deprecated. The normalized severity of a finding. This attribute is being deprecated. Instead of providing Normalized, provide Label.

If you provide Label and do not provide Normalized, then Normalized is set automatically as follows.

", - "Threat$ItemCount": "

This total number of items in which the threat has been detected.

" + "Threat$ItemCount": "

This total number of items in which the threat has been detected.

", + "UnprocessedAutomationRule$ErrorCode": "

The error code associated with the unprocessed automation rule.

" } }, "IntegerList": { @@ -5287,6 +5410,16 @@ "refs": { } }, + "ListAutomationRulesRequest": { + "base": null, + "refs": { + } + }, + "ListAutomationRulesResponse": { + "base": null, + "refs": { + } + }, "ListEnabledProductsForImportRequest": { "base": null, "refs": { @@ -5450,6 +5583,9 @@ "MapFilterList": { "base": null, "refs": { + "AutomationRulesFindingFilters$ResourceTags": "

A list of Amazon Web Services tags associated with a resource at the time the finding was processed.

", + "AutomationRulesFindingFilters$ResourceDetailsOther": "

Custom fields and values about the resource that a finding pertains to.

", + "AutomationRulesFindingFilters$UserDefinedFields": "

A list of user-defined name and value string pairs added to a finding.

", "AwsSecurityFindingFilters$ProductFields": "

A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

", "AwsSecurityFindingFilters$UserDefinedFields": "

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

", "AwsSecurityFindingFilters$ResourceTags": "

A list of Amazon Web Services tags associated with a resource at the time the finding was processed.

", @@ -5467,6 +5603,7 @@ "GetFindingHistoryRequest$MaxResults": "

The maximum number of results to be returned. If you don’t provide it, Security Hub returns up to 100 results of finding history.

", "GetFindingsRequest$MaxResults": "

The maximum number of findings to return.

", "GetInsightsRequest$MaxResults": "

The maximum number of items to return in the response.

", + "ListAutomationRulesRequest$MaxResults": "

The maximum number of rules to return in the response. This currently ranges from 1 to 100.

", "ListEnabledProductsForImportRequest$MaxResults": "

The maximum number of items to return in the response.

", "ListFindingAggregatorsRequest$MaxResults": "

The maximum number of results to return. This operation currently only returns a single result.

", "ListSecurityControlDefinitionsRequest$MaxResults": "

An optional parameter that limits the total results of the API response to the specified number. If this parameter isn't provided in the request, the results include the first 25 security controls that apply to the specified standard. The results also include a NextToken parameter that you can use in a subsequent API call to get the next 25 controls. This repeats until all controls for the standard are returned.

", @@ -5550,6 +5687,8 @@ "GetFindingsResponse$NextToken": "

The pagination token to use to request the next page of results.

", "GetInsightsRequest$NextToken": "

The token that is required for pagination. On your first call to the GetInsights operation, set the value of this parameter to NULL.

For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

", "GetInsightsResponse$NextToken": "

The pagination token to use to request the next page of results.

", + "ListAutomationRulesRequest$NextToken": "

A token to specify where to start paginating the response. This is the NextToken from a previously truncated response. On your first call to the ListAutomationRules API, set the value of this parameter to NULL.

", + "ListAutomationRulesResponse$NextToken": "

A pagination token for the response.

", "ListEnabledProductsForImportRequest$NextToken": "

The token that is required for pagination. On your first call to the ListEnabledProductsForImport operation, set the value of this parameter to NULL.

For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

", "ListEnabledProductsForImportResponse$NextToken": "

The pagination token to use to request the next page of results.

", "ListFindingAggregatorsRequest$NextToken": "

The token returned with the previous set of results. Identifies the next set of results to return.

", @@ -5594,6 +5733,15 @@ "AssociationSetDetails$SubnetId": "

The ID of the subnet. A subnet ID is not returned for an implicit association.

", "AssociationStateDetails$State": "

The state of the association.

", "AssociationStateDetails$StatusMessage": "

The status message, if applicable.

", + "AutomationRulesArnsList$member": null, + "AutomationRulesConfig$RuleArn": "

The Amazon Resource Name (ARN) of a rule.

", + "AutomationRulesConfig$RuleName": "

The name of the rule.

", + "AutomationRulesConfig$Description": "

A description of the rule.

", + "AutomationRulesConfig$CreatedBy": "

The principal that created a rule.

", + "AutomationRulesMetadata$RuleArn": "

The Amazon Resource Name (ARN) for the rule.

", + "AutomationRulesMetadata$RuleName": "

The name of the rule.

", + "AutomationRulesMetadata$Description": "

A description of the rule.

", + "AutomationRulesMetadata$CreatedBy": "

The principal that created a rule.

", "AvailabilityZone$ZoneName": "

The name of the Availability Zone.

", "AvailabilityZone$SubnetId": "

The ID of the subnet. You can specify one subnet per Availability Zone.

", "AwsAmazonMqBrokerDetails$AuthenticationStrategy": "

The authentication strategy used to secure the broker. The default is SIMPLE.

", @@ -6815,6 +6963,9 @@ "CreateActionTargetRequest$Description": "

The description for the custom action target.

", "CreateActionTargetRequest$Id": "

The ID for the custom action target. Can contain up to 20 alphanumeric characters.

", "CreateActionTargetResponse$ActionTargetArn": "

The Amazon Resource Name (ARN) for the custom action target.

", + "CreateAutomationRuleRequest$RuleName": "

The name of the rule.

", + "CreateAutomationRuleRequest$Description": "

A description of the rule.

", + "CreateAutomationRuleResponse$RuleArn": "

The Amazon Resource Name (ARN) of the automation rule that you created.

", "CreateFindingAggregatorRequest$RegionLinkingMode": "

Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.

The selected option also determines how to use the Regions provided in the Regions list.

The options are as follows:

", "CreateFindingAggregatorResponse$FindingAggregatorArn": "

The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and stop finding aggregation.

", "CreateFindingAggregatorResponse$FindingAggregationRegion": "

The aggregation Region.

", @@ -7062,6 +7213,8 @@ "ThreatIntelIndicator$Source": "

The source of the threat intelligence indicator.

", "ThreatIntelIndicator$SourceUrl": "

The URL to the page or site where you can get more information about the threat intelligence indicator.

", "TypeList$member": null, + "UnprocessedAutomationRule$RuleArn": "

The Amazon Resource Name (ARN) for the unprocessed automation rule.

", + "UnprocessedAutomationRule$ErrorMessage": "

An error message describing why a request didn't process a specific rule.

", "UnprocessedSecurityControl$SecurityControlId": "

The control (identified with SecurityControlId, SecurityControlArn, or a mix of both parameters) for which a response couldn't be returned.

", "UnprocessedSecurityControl$ErrorReason": "

The reason why the security control was unprocessed.

", "UnprocessedStandardsControlAssociation$ErrorReason": "

The reason why the standard and control association was unprocessed.

", @@ -7069,6 +7222,9 @@ "UpdateActionTargetRequest$ActionTargetArn": "

The ARN of the custom action target to update.

", "UpdateActionTargetRequest$Name": "

The updated name of the custom action target.

", "UpdateActionTargetRequest$Description": "

The updated description for the custom action target.

", + "UpdateAutomationRulesRequestItem$RuleArn": "

The Amazon Resource Name (ARN) for the rule.

", + "UpdateAutomationRulesRequestItem$Description": "

A description of the rule.

", + "UpdateAutomationRulesRequestItem$RuleName": "

The name of the rule.

", "UpdateFindingAggregatorRequest$FindingAggregatorArn": "

The ARN of the finding aggregator. To obtain the ARN, use ListFindingAggregators.

", "UpdateFindingAggregatorRequest$RegionLinkingMode": "

Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.

The selected option also determines how to use the Regions provided in the Regions list.

The options are as follows:

", "UpdateFindingAggregatorResponse$FindingAggregatorArn": "

The ARN of the finding aggregator.

", @@ -7188,6 +7344,7 @@ "NoteUpdate": { "base": "

The updated note.

", "refs": { + "AutomationRulesFindingFieldsUpdate$Note": null, "BatchUpdateFindingsRequest$Note": null, "UpdateFindingsRequest$Note": "

The updated note for the finding.

" } @@ -7201,6 +7358,8 @@ "NumberFilterList": { "base": null, "refs": { + "AutomationRulesFindingFilters$Confidence": "

The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see Confidence in the Security Hub User Guide.

", + "AutomationRulesFindingFilters$Criticality": "

The level of importance that is assigned to the resources that are associated with a finding. Criticality is scored on a 0–100 basis, using a ratio scale that supports only full integers. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. For more information, see Criticality in the Security Hub User Guide.

", "AwsSecurityFindingFilters$SeverityProduct": "

The native severity as defined by the security findings provider's solution that generated the finding.

", "AwsSecurityFindingFilters$SeverityNormalized": "

The normalized severity of a finding.

", "AwsSecurityFindingFilters$Confidence": "

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

", @@ -7335,6 +7494,8 @@ "RatioScale": { "base": null, "refs": { + "AutomationRulesFindingFieldsUpdate$Confidence": "

The rule action will update the Confidence field of a finding.

", + "AutomationRulesFindingFieldsUpdate$Criticality": "

The rule action will update the Criticality field of a finding.

", "BatchUpdateFindingsRequest$Confidence": "

The updated value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

", "BatchUpdateFindingsRequest$Criticality": "

The updated value for the level of importance assigned to the resources associated with the findings.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

", "FindingProviderFields$Confidence": "

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

", @@ -7382,6 +7543,7 @@ "RelatedFindingList": { "base": null, "refs": { + "AutomationRulesFindingFieldsUpdate$RelatedFindings": "

A list of findings that are related to a finding.

", "AwsSecurityFinding$RelatedFindings": "

A list of related findings.

", "BatchUpdateFindingsRequest$RelatedFindings": "

A list of findings that are related to the updated findings.

", "FindingProviderFields$RelatedFindings": "

A list of findings that are related to the current finding.

" @@ -7647,6 +7809,24 @@ "RuleGroupVariables$PortSets": "

A list of port ranges.

" } }, + "RuleOrderValue": { + "base": null, + "refs": { + "AutomationRulesConfig$RuleOrder": "

An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.

", + "AutomationRulesMetadata$RuleOrder": "

An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.

", + "CreateAutomationRuleRequest$RuleOrder": "

An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.

", + "UpdateAutomationRulesRequestItem$RuleOrder": "

An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.

" + } + }, + "RuleStatus": { + "base": null, + "refs": { + "AutomationRulesConfig$RuleStatus": "

Whether the rule is active after it is created. If this parameter is equal to >ENABLED, Security Hub will apply the rule to findings and finding updates after the rule is created.

", + "AutomationRulesMetadata$RuleStatus": "

Whether the rule is active after it is created. If this parameter is equal to ENABLED, Security Hub will apply the rule to findings and finding updates after the rule is created. To change the value of this parameter after creating a rule, use BatchUpdateAutomationRules.

", + "CreateAutomationRuleRequest$RuleStatus": "

Whether the rule is active after it is created. If this parameter is equal to Enabled, Security Hub will apply the rule to findings and finding updates after the rule is created. To change the value of this parameter after creating a rule, use BatchUpdateAutomationRules.

", + "UpdateAutomationRulesRequestItem$RuleStatus": "

Whether the rule is active after it is created. If this parameter is equal to ENABLED, Security Hub will apply the rule to findings and finding updates after the rule is created. To change the value of this parameter after creating a rule, use BatchUpdateAutomationRules.

" + } + }, "SecurityControl": { "base": "

A security control in Security Hub describes a security best practice related to a specific resource.

", "refs": { @@ -7726,6 +7906,7 @@ "SeverityUpdate": { "base": "

Updates to the severity information for a finding.

", "refs": { + "AutomationRulesFindingFieldsUpdate$Severity": null, "BatchUpdateFindingsRequest$Severity": "

Used to update the finding severity.

" } }, @@ -7962,6 +8143,31 @@ "StringFilterList": { "base": null, "refs": { + "AutomationRulesFindingFilters$ProductArn": "

The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.

", + "AutomationRulesFindingFilters$AwsAccountId": "

The Amazon Web Services account ID in which a finding was generated.

", + "AutomationRulesFindingFilters$Id": "

The product-specific identifier for a finding.

", + "AutomationRulesFindingFilters$GeneratorId": "

The identifier for the solution-specific component that generated a finding.

", + "AutomationRulesFindingFilters$Type": "

One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see Types taxonomy for ASFF in the Security Hub User Guide.

", + "AutomationRulesFindingFilters$Title": "

A finding's title.

", + "AutomationRulesFindingFilters$Description": "

A finding's description.

", + "AutomationRulesFindingFilters$SourceUrl": "

Provides a URL that links to a page about the current finding in the finding product.

", + "AutomationRulesFindingFilters$ProductName": "

Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.

", + "AutomationRulesFindingFilters$CompanyName": "

The name of the company for the product that generated the finding. For control-based findings, the company is Amazon Web Services.

", + "AutomationRulesFindingFilters$SeverityLabel": "

The severity value of the finding.

", + "AutomationRulesFindingFilters$ResourceType": "

The type of resource that the finding pertains to.

", + "AutomationRulesFindingFilters$ResourceId": "

The identifier for the given resource type. For Amazon Web Services resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For Amazon Web Services resources that lack ARNs, this is the identifier as defined by the Amazon Web Service that created the resource. For non-Amazon Web Services resources, this is a unique identifier that is associated with the resource.

", + "AutomationRulesFindingFilters$ResourcePartition": "

The partition in which the resource that the finding pertains to is located. A partition is a group of Amazon Web Services Regions. Each Amazon Web Services account is scoped to one partition.

", + "AutomationRulesFindingFilters$ResourceRegion": "

The Amazon Web Services Region where the resource that a finding pertains to is located.

", + "AutomationRulesFindingFilters$ComplianceStatus": "

The result of a security check. This field is only used for findings generated from controls.

", + "AutomationRulesFindingFilters$ComplianceSecurityControlId": "

The security control ID for which a finding was generated. Security control IDs are the same across standards.

", + "AutomationRulesFindingFilters$ComplianceAssociatedStandardsId": "

The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the DescribeStandards API response.

", + "AutomationRulesFindingFilters$VerificationState": "

Provides the veracity of a finding.

", + "AutomationRulesFindingFilters$WorkflowStatus": "

Provides information about the status of the investigation into a finding.

", + "AutomationRulesFindingFilters$RecordState": "

Provides the current state of a finding.

", + "AutomationRulesFindingFilters$RelatedFindingsProductArn": "

The ARN for the product that generated a related finding.

", + "AutomationRulesFindingFilters$RelatedFindingsId": "

The product-generated identifier for a related finding.

", + "AutomationRulesFindingFilters$NoteText": "

The text of a user-defined note that's added to a finding.

", + "AutomationRulesFindingFilters$NoteUpdatedBy": "

The principal that created a note.

", "AwsSecurityFindingFilters$ProductArn": "

The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

", "AwsSecurityFindingFilters$AwsAccountId": "

The Amazon Web Services account ID that a finding is generated in.

", "AwsSecurityFindingFilters$Id": "

The security findings provider-specific identifier for a finding.

", @@ -8087,6 +8293,7 @@ "TagMap": { "base": null, "refs": { + "CreateAutomationRuleRequest$Tags": "

User-defined tags that help you label the purpose of a rule.

", "EnableSecurityHubRequest$Tags": "

The tags to add to the hub resource when you enable Security Hub.

", "ListTagsForResourceResponse$Tags": "

The tags associated with a resource.

", "TagResourceRequest$Tags": "

The tags to add to the resource. You can add up to 50 tags at a time. The tag keys can be no longer than 128 characters. The tag values can be no longer than 256 characters.

" @@ -8147,6 +8354,10 @@ "Timestamp": { "base": null, "refs": { + "AutomationRulesConfig$CreatedAt": "

A timestamp that indicates when the rule was created.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", + "AutomationRulesConfig$UpdatedAt": "

A timestamp that indicates when the rule was most recently updated.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", + "AutomationRulesMetadata$CreatedAt": "

A timestamp that indicates when the rule was created.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", + "AutomationRulesMetadata$UpdatedAt": "

A timestamp that indicates when the rule was most recently updated.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

", "FindingHistoryRecord$UpdateTime": "

An ISO 8601-formatted timestamp that indicates when Security Hub processed the updated finding record.

A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.

", "GetFindingHistoryRequest$StartTime": "

An ISO 8601-formatted timestamp that indicates the start time of the requested finding history. A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.

If you provide values for both StartTime and EndTime, Security Hub returns finding history for the specified time period. If you provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at which the API is called. If you provide a value for EndTime but not for StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you provide neither StartTime nor EndTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the time at which the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is limited to 90 days.

", "GetFindingHistoryRequest$EndTime": "

An ISO 8601-formatted timestamp that indicates the end time of the requested finding history. A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.

If you provide values for both StartTime and EndTime, Security Hub returns finding history for the specified time period. If you provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at which the API is called. If you provide a value for EndTime but not for StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you provide neither StartTime nor EndTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the time at which the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is limited to 90 days.

", @@ -8161,11 +8372,26 @@ "TypeList": { "base": null, "refs": { + "AutomationRulesFindingFieldsUpdate$Types": "

The rule action will update the Types field of a finding.

", "AwsSecurityFinding$Types": "

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

", "BatchUpdateFindingsRequest$Types": "

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are as follows.

", "FindingProviderFields$Types": "

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

" } }, + "UnprocessedAutomationRule": { + "base": "

A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter tells you which automation rules the request didn't process and why.

", + "refs": { + "UnprocessedAutomationRulesList$member": null + } + }, + "UnprocessedAutomationRulesList": { + "base": null, + "refs": { + "BatchDeleteAutomationRulesResponse$UnprocessedAutomationRules": "

A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter tells you which automation rules the request didn't delete and why.

", + "BatchGetAutomationRulesResponse$UnprocessedAutomationRules": "

A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter tells you which automation rules the request didn't retrieve and why.

", + "BatchUpdateAutomationRulesResponse$UnprocessedAutomationRules": "

A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter tells you which automation rules the request didn't update and why.

" + } + }, "UnprocessedErrorCode": { "base": null, "refs": { @@ -8230,6 +8456,18 @@ "refs": { } }, + "UpdateAutomationRulesRequestItem": { + "base": "

Specifies the parameters to update in an existing automation rule.

", + "refs": { + "UpdateAutomationRulesRequestItemsList$member": null + } + }, + "UpdateAutomationRulesRequestItemsList": { + "base": null, + "refs": { + "BatchUpdateAutomationRulesRequest$UpdateAutomationRulesRequestItems": "

An array of ARNs for the rules that are to be updated. Optionally, you can also include RuleStatus and RuleOrder.

" + } + }, "UpdateFindingAggregatorRequest": { "base": null, "refs": { @@ -8293,6 +8531,7 @@ "VerificationState": { "base": null, "refs": { + "AutomationRulesFindingFieldsUpdate$VerificationState": "

The rule action will update the VerificationState field of a finding.

", "AwsSecurityFinding$VerificationState": "

Indicates the veracity of a finding.

", "BatchUpdateFindingsRequest$VerificationState": "

Indicates the veracity of a finding.

The available values for VerificationState are as follows.

" } @@ -8409,6 +8648,7 @@ "WorkflowUpdate": { "base": "

Used to update information about the investigation into the finding.

", "refs": { + "AutomationRulesFindingFieldsUpdate$Workflow": null, "BatchUpdateFindingsRequest$Workflow": "

Used to update the workflow status of a finding.

The workflow status indicates the progress of the investigation into the finding.

" } } diff --git a/models/apis/securityhub/2018-10-26/examples-1.json b/models/apis/securityhub/2018-10-26/examples-1.json index df1fd0c5de1..84a9121efbd 100644 --- a/models/apis/securityhub/2018-10-26/examples-1.json +++ b/models/apis/securityhub/2018-10-26/examples-1.json @@ -18,6 +18,37 @@ "title": "To accept an invitation be a member account" } ], + "BatchDeleteAutomationRules": [ + { + "input": { + "AutomationRulesArns": [ + "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222" + ] + }, + "output": { + "ProcessedAutomationRules": [ + "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + ], + "UnprocessedAutomationRules": [ + { + "ErrorCode": 500, + "ErrorMessage": "InternalException", + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222" + } + ] + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example deletes the specified automation rules.", + "id": "to-delete-one-or-more-automation-rules-1684769550318", + "title": "To delete one or more automation rules" + } + ], "BatchDisableStandards": [ { "input": { @@ -78,6 +109,105 @@ "title": "To enable security standards" } ], + "BatchGetAutomationRules": [ + { + "input": { + "AutomationRulesArns": [ + "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222" + ] + }, + "output": { + "Rules": [ + { + "Actions": [ + { + "FindingFieldsUpdate": { + "Workflow": { + "Status": "RESOLVED" + } + }, + "Type": "FINDING_FIELDS_UPDATE" + } + ], + "CreatedAt": "2022-08-31T01:52:33.250Z", + "CreatedBy": "AROAJURBUYQQNL5OL2TIM:TEST-16MJ75L9VBK14", + "Criteria": { + "AwsAccountId": [ + { + "Comparison": "EQUALS", + "Value": "111122223333" + } + ], + "FirstObservedAt": [ + { + "DateRange": { + "Unit": "DAYS", + "Value": 5 + } + } + ], + "Type": [ + { + "Comparison": "EQUALS", + "Value": "Software and Configuration Checks/Industry and Regulatory Standards" + } + ] + }, + "Description": "sample rule description 1", + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "RuleName": "sample-rule-name-1", + "RuleOrder": 1, + "RuleStatus": "ENABLED", + "UpdatedAt": "2022-08-31T01:52:33.250Z" + }, + { + "Actions": [ + { + "FindingFieldsUpdate": { + "Workflow": { + "Status": "RESOLVED" + } + }, + "Type": "FINDING_FIELDS_UPDATE" + } + ], + "CreatedAt": "2022-08-31T01:52:33.250Z", + "CreatedBy": "AROAJURBUYQQNL5OL2TIM:TEST-16MJ75L9VBK14", + "Criteria": { + "ResourceType": [ + { + "Comparison": "EQUALS", + "Value": "Ec2Instance" + } + ], + "SeverityLabel": [ + { + "Comparison": "EQUALS", + "Value": "INFORMATIONAL" + } + ] + }, + "Description": "Sample rule description 2", + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", + "RuleName": "sample-rule-name-2", + "RuleOrder": 2, + "RuleStatus": "ENABLED", + "UpdatedAt": "2022-08-31T01:52:33.250Z" + } + ] + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example updates the specified automation rules.", + "id": "to-update-one-ore-more-automation-rules-1684771025347", + "title": "To update one ore more automation rules" + } + ], "BatchGetSecurityControls": [ { "input": { @@ -224,6 +354,38 @@ "title": "To import security findings from a third party provider to Security Hub" } ], + "BatchUpdateAutomationRules": [ + { + "input": { + "UpdateAutomationRulesRequestItems": [ + { + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "RuleOrder": 15, + "RuleStatus": "ENABLED" + }, + { + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", + "RuleStatus": "DISABLED" + } + ] + }, + "output": { + "ProcessedAutomationRules": [ + "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222" + ] + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example updates the specified automation rules.", + "id": "to-update-one-ore-more-automation-rules-1684771025347", + "title": "To update one ore more automation rules" + } + ], "BatchUpdateFindings": [ { "input": { @@ -353,6 +515,78 @@ "title": "To create a custom action target" } ], + "CreateAutomationRule": [ + { + "input": { + "Actions": [ + { + "FindingFieldsUpdate": { + "Note": { + "Text": "This is a critical S3 bucket, please look into this ASAP", + "UpdatedBy": "test-user" + }, + "Severity": { + "Label": "CRITICAL" + } + }, + "Type": "FINDING_FIELDS_UPDATE" + } + ], + "Criteria": { + "ComplianceStatus": [ + { + "Comparison": "EQUALS", + "Value": "FAILED" + } + ], + "ProductName": [ + { + "Comparison": "EQUALS", + "Value": "Security Hub" + } + ], + "RecordState": [ + { + "Comparison": "EQUALS", + "Value": "ACTIVE" + } + ], + "ResourceId": [ + { + "Comparison": "EQUALS", + "Value": "arn:aws:s3:::examplebucket/developers/design_info.doc" + } + ], + "WorkflowStatus": [ + { + "Comparison": "EQUALS", + "Value": "NEW" + } + ] + }, + "Description": "Elevate finding severity to Critical for important resources", + "IsTerminal": false, + "RuleName": "Elevate severity for important resources", + "RuleOrder": 1, + "RuleStatus": "ENABLED", + "Tags": { + "important-resources-rule": "s3-bucket" + } + }, + "output": { + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example creates an automation rule.", + "id": "to-create-an-automation-rule-1684768393507", + "title": "To create an automation rule" + } + ], "CreateFindingAggregator": [ { "input": { @@ -1292,6 +1526,48 @@ "title": "To invite accounts to become members" } ], + "ListAutomationRules": [ + { + "input": { + "MaxResults": 2, + "NextToken": "example-token" + }, + "output": { + "AutomationRulesMetadata": [ + { + "CreatedAt": "2022-08-31T01:52:33.250Z", + "CreatedBy": "AROAJURBUYQQNL5OL2TIM:TEST-16MJ75L9VBK14", + "Description": "IAM.8 is a known issue and can be resolved", + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "RuleName": "sample-rule-name-1", + "RuleOrder": 1, + "RuleStatus": "ENABLED", + "UpdatedAt": "2022-08-31T01:52:33.250Z" + }, + { + "CreatedAt": "2022-08-31T01:52:33.250Z", + "CreatedBy": "AROAJURBUYQQNL5OL2TIM:TEST-16MJ75L9VBK14", + "Description": "Lambda.2 is a known issue and can be resolved", + "RuleArn": "arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", + "RuleName": "sample-rule-name-2", + "RuleOrder": 2, + "RuleStatus": "ENABLED", + "UpdatedAt": "2022-08-31T01:52:33.250Z" + } + ], + "NextToken": "example-token" + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example lists automation rules and rule metadata in the calling account.", + "id": "to-list-automation-rules-1684770582059", + "title": "To list automation rules" + } + ], "ListEnabledProductsForImport": [ { "output": { diff --git a/models/apis/simspaceweaver/2022-10-28/api-2.json b/models/apis/simspaceweaver/2022-10-28/api-2.json index 70392b75d05..2d0423a08b6 100644 --- a/models/apis/simspaceweaver/2022-10-28/api-2.json +++ b/models/apis/simspaceweaver/2022-10-28/api-2.json @@ -609,7 +609,7 @@ "type":"string", "max":1600, "min":0, - "pattern":"^arn:(?:aws|aws-cn):log-group:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:role\\/(.+)$" + "pattern":"^arn:(?:aws|aws-cn|aws-us-gov):log-group:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:role\\/(.+)$" }, "LoggingConfiguration":{ "type":"structure", @@ -659,7 +659,7 @@ "type":"string", "max":1600, "min":0, - "pattern":"^arn:(?:aws|aws-cn):iam::(\\d{12})?:role\\/(.+)$" + "pattern":"^arn:(?:aws|aws-cn|aws-us-gov):iam::(\\d{12})?:role\\/(.+)$" }, "S3Destination":{ "type":"structure", @@ -690,7 +690,7 @@ "type":"string", "max":1600, "min":0, - "pattern":"^arn:(?:aws|aws-cn):simspaceweaver:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:([a-z]+)\\/(.+)$" + "pattern":"^arn:(?:aws|aws-cn|aws-us-gov):simspaceweaver:([a-z]{2}-[a-z]+-\\d{1}):(\\d{12})?:([a-z]+)\\/(.+)$" }, "SimSpaceWeaverLongResourceName":{ "type":"string", diff --git a/models/apis/simspaceweaver/2022-10-28/docs-2.json b/models/apis/simspaceweaver/2022-10-28/docs-2.json index 3d5ab139b24..7efefd163b8 100644 --- a/models/apis/simspaceweaver/2022-10-28/docs-2.json +++ b/models/apis/simspaceweaver/2022-10-28/docs-2.json @@ -289,7 +289,7 @@ "S3Destination": { "base": "

An Amazon S3 bucket and optional folder (object key prefix) where SimSpace Weaver creates a file.

", "refs": { - "CreateSnapshotInput$Destination": "

The Amazon S3 bucket and optional folder (object key prefix) where SimSpace Weaver creates the snapshot file.

" + "CreateSnapshotInput$Destination": "

The Amazon S3 bucket and optional folder (object key prefix) where SimSpace Weaver creates the snapshot file.

The Amazon S3 bucket must be in the same Amazon Web Services Region as the simulation.

" } }, "S3Location": { @@ -298,7 +298,7 @@ "DescribeSimulationOutput$SchemaS3Location": "

The location of the simulation schema in Amazon Simple Storage Service (Amazon S3). For more information about Amazon S3, see the Amazon Simple Storage Service User Guide .

", "DescribeSimulationOutput$SnapshotS3Location": null, "StartSimulationInput$SchemaS3Location": "

The location of the simulation schema in Amazon Simple Storage Service (Amazon S3). For more information about Amazon S3, see the Amazon Simple Storage Service User Guide .

Provide a SchemaS3Location to start your simulation from a schema.

If you provide a SchemaS3Location then you can't provide a SnapshotS3Location.

", - "StartSimulationInput$SnapshotS3Location": "

The location of the snapshot .zip file in Amazon Simple Storage Service (Amazon S3). For more information about Amazon S3, see the Amazon Simple Storage Service User Guide .

Provide a SnapshotS3Location to start your simulation from a snapshot.

If you provide a SnapshotS3Location then you can't provide a SchemaS3Location.

" + "StartSimulationInput$SnapshotS3Location": "

The location of the snapshot .zip file in Amazon Simple Storage Service (Amazon S3). For more information about Amazon S3, see the Amazon Simple Storage Service User Guide .

Provide a SnapshotS3Location to start your simulation from a snapshot.

The Amazon S3 bucket must be in the same Amazon Web Services Region as the simulation.

If you provide a SnapshotS3Location then you can't provide a SchemaS3Location.

" } }, "ServiceQuotaExceededException": { diff --git a/models/apis/simspaceweaver/2022-10-28/endpoint-tests-1.json b/models/apis/simspaceweaver/2022-10-28/endpoint-tests-1.json index d44d3bd03f2..38383d6e5e0 100644 --- a/models/apis/simspaceweaver/2022-10-28/endpoint-tests-1.json +++ b/models/apis/simspaceweaver/2022-10-28/endpoint-tests-1.json @@ -8,9 +8,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-gov-east-1" } }, { @@ -21,9 +21,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-gov-east-1" } }, { @@ -34,9 +34,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-gov-east-1" } }, { @@ -47,9 +47,9 @@ } }, "params": { - "Region": "us-gov-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-gov-east-1" } }, { @@ -60,9 +60,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "cn-north-1" } }, { @@ -73,9 +73,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "cn-north-1" } }, { @@ -86,9 +86,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "cn-north-1" } }, { @@ -99,9 +99,9 @@ } }, "params": { - "Region": "cn-north-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "cn-north-1" } }, { @@ -110,9 +110,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-iso-east-1" } }, { @@ -123,9 +123,9 @@ } }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-iso-east-1" } }, { @@ -134,9 +134,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-iso-east-1" } }, { @@ -147,9 +147,9 @@ } }, "params": { - "Region": "us-iso-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-iso-east-1" } }, { @@ -160,9 +160,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-east-1" } }, { @@ -173,9 +173,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-east-1" } }, { @@ -186,9 +186,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-east-1" } }, { @@ -199,9 +199,9 @@ } }, "params": { - "Region": "us-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-east-1" } }, { @@ -210,9 +210,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": true + "Region": "us-isob-east-1" } }, { @@ -223,9 +223,9 @@ } }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": false + "Region": "us-isob-east-1" } }, { @@ -234,9 +234,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": true + "Region": "us-isob-east-1" } }, { @@ -247,9 +247,9 @@ } }, "params": { - "Region": "us-isob-east-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-isob-east-1" } }, { @@ -260,9 +260,9 @@ } }, "params": { - "Region": "us-east-1", - "UseFIPS": false, "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -272,9 +272,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "Region": "us-east-1", - "UseFIPS": true, "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -284,9 +284,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "Region": "us-east-1", - "UseFIPS": false, "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1", "Endpoint": "https://example.com" } } diff --git a/models/apis/verifiedpermissions/2021-12-01/api-2.json b/models/apis/verifiedpermissions/2021-12-01/api-2.json new file mode 100644 index 00000000000..ab49db3fdf8 --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/api-2.json @@ -0,0 +1,1688 @@ +{ + "version":"2.0", + "metadata":{ + "apiVersion":"2021-12-01", + "endpointPrefix":"verifiedpermissions", + "jsonVersion":"1.0", + "protocol":"json", + "serviceFullName":"Amazon Verified Permissions", + "serviceId":"VerifiedPermissions", + "signatureVersion":"v4", + "signingName":"verifiedpermissions", + "targetPrefix":"VerifiedPermissions", + "uid":"verifiedpermissions-2021-12-01" + }, + "operations":{ + "CreateIdentitySource":{ + "name":"CreateIdentitySource", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreateIdentitySourceInput"}, + "output":{"shape":"CreateIdentitySourceOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "CreatePolicy":{ + "name":"CreatePolicy", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreatePolicyInput"}, + "output":{"shape":"CreatePolicyOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "CreatePolicyStore":{ + "name":"CreatePolicyStore", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreatePolicyStoreInput"}, + "output":{"shape":"CreatePolicyStoreOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "CreatePolicyTemplate":{ + "name":"CreatePolicyTemplate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreatePolicyTemplateInput"}, + "output":{"shape":"CreatePolicyTemplateOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "DeleteIdentitySource":{ + "name":"DeleteIdentitySource", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteIdentitySourceInput"}, + "output":{"shape":"DeleteIdentitySourceOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "DeletePolicy":{ + "name":"DeletePolicy", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeletePolicyInput"}, + "output":{"shape":"DeletePolicyOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "DeletePolicyStore":{ + "name":"DeletePolicyStore", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeletePolicyStoreInput"}, + "output":{"shape":"DeletePolicyStoreOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "DeletePolicyTemplate":{ + "name":"DeletePolicyTemplate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeletePolicyTemplateInput"}, + "output":{"shape":"DeletePolicyTemplateOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "GetIdentitySource":{ + "name":"GetIdentitySource", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetIdentitySourceInput"}, + "output":{"shape":"GetIdentitySourceOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "GetPolicy":{ + "name":"GetPolicy", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetPolicyInput"}, + "output":{"shape":"GetPolicyOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "GetPolicyStore":{ + "name":"GetPolicyStore", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetPolicyStoreInput"}, + "output":{"shape":"GetPolicyStoreOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "GetPolicyTemplate":{ + "name":"GetPolicyTemplate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetPolicyTemplateInput"}, + "output":{"shape":"GetPolicyTemplateOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "GetSchema":{ + "name":"GetSchema", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetSchemaInput"}, + "output":{"shape":"GetSchemaOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "IsAuthorized":{ + "name":"IsAuthorized", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"IsAuthorizedInput"}, + "output":{"shape":"IsAuthorizedOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "IsAuthorizedWithToken":{ + "name":"IsAuthorizedWithToken", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"IsAuthorizedWithTokenInput"}, + "output":{"shape":"IsAuthorizedWithTokenOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "ListIdentitySources":{ + "name":"ListIdentitySources", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListIdentitySourcesInput"}, + "output":{"shape":"ListIdentitySourcesOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "ListPolicies":{ + "name":"ListPolicies", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListPoliciesInput"}, + "output":{"shape":"ListPoliciesOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "ListPolicyStores":{ + "name":"ListPolicyStores", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListPolicyStoresInput"}, + "output":{"shape":"ListPolicyStoresOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "ListPolicyTemplates":{ + "name":"ListPolicyTemplates", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListPolicyTemplatesInput"}, + "output":{"shape":"ListPolicyTemplatesOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ] + }, + "PutSchema":{ + "name":"PutSchema", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"PutSchemaInput"}, + "output":{"shape":"PutSchemaOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "UpdateIdentitySource":{ + "name":"UpdateIdentitySource", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdateIdentitySourceInput"}, + "output":{"shape":"UpdateIdentitySourceOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "UpdatePolicy":{ + "name":"UpdatePolicy", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdatePolicyInput"}, + "output":{"shape":"UpdatePolicyOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "UpdatePolicyStore":{ + "name":"UpdatePolicyStore", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdatePolicyStoreInput"}, + "output":{"shape":"UpdatePolicyStoreOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, + "UpdatePolicyTemplate":{ + "name":"UpdatePolicyTemplate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdatePolicyTemplateInput"}, + "output":{"shape":"UpdatePolicyTemplateOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + } + }, + "shapes":{ + "AccessDeniedException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"} + }, + "exception":true + }, + "ActionId":{ + "type":"string", + "max":200, + "min":1, + "pattern":".*" + }, + "ActionIdentifier":{ + "type":"structure", + "required":[ + "actionType", + "actionId" + ], + "members":{ + "actionType":{"shape":"ActionType"}, + "actionId":{"shape":"ActionId"} + } + }, + "ActionType":{ + "type":"string", + "max":200, + "min":1, + "pattern":"Action$|^.+::Action" + }, + "AttributeValue":{ + "type":"structure", + "members":{ + "boolean":{"shape":"BooleanAttribute"}, + "entityIdentifier":{"shape":"EntityIdentifier"}, + "long":{"shape":"LongAttribute"}, + "string":{"shape":"StringAttribute"}, + "set":{"shape":"SetAttribute"}, + "record":{"shape":"RecordAttribute"} + }, + "union":true + }, + "Boolean":{ + "type":"boolean", + "box":true + }, + "BooleanAttribute":{ + "type":"boolean", + "box":true + }, + "ClientId":{ + "type":"string", + "max":255, + "min":1, + "pattern":".*" + }, + "ClientIds":{ + "type":"list", + "member":{"shape":"ClientId"}, + "max":1000, + "min":0 + }, + "CognitoUserPoolConfiguration":{ + "type":"structure", + "required":["userPoolArn"], + "members":{ + "userPoolArn":{"shape":"UserPoolArn"}, + "clientIds":{"shape":"ClientIds"} + } + }, + "Configuration":{ + "type":"structure", + "members":{ + "cognitoUserPoolConfiguration":{"shape":"CognitoUserPoolConfiguration"} + }, + "union":true + }, + "ConflictException":{ + "type":"structure", + "required":[ + "message", + "resources" + ], + "members":{ + "message":{"shape":"String"}, + "resources":{"shape":"ResourceConflictList"} + }, + "exception":true + }, + "ContextDefinition":{ + "type":"structure", + "members":{ + "contextMap":{"shape":"ContextMap"} + }, + "union":true + }, + "ContextMap":{ + "type":"map", + "key":{"shape":"String"}, + "value":{"shape":"AttributeValue"}, + "min":0 + }, + "CreateIdentitySourceInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "configuration" + ], + "members":{ + "clientToken":{ + "shape":"IdempotencyToken", + "idempotencyToken":true + }, + "policyStoreId":{"shape":"PolicyStoreId"}, + "configuration":{"shape":"Configuration"}, + "principalEntityType":{"shape":"PrincipalEntityType"} + } + }, + "CreateIdentitySourceOutput":{ + "type":"structure", + "required":[ + "createdDate", + "identitySourceId", + "lastUpdatedDate", + "policyStoreId" + ], + "members":{ + "createdDate":{"shape":"TimestampFormat"}, + "identitySourceId":{"shape":"IdentitySourceId"}, + "lastUpdatedDate":{"shape":"TimestampFormat"}, + "policyStoreId":{"shape":"PolicyStoreId"} + } + }, + "CreatePolicyInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "definition" + ], + "members":{ + "clientToken":{ + "shape":"IdempotencyToken", + "idempotencyToken":true + }, + "policyStoreId":{"shape":"PolicyStoreId"}, + "definition":{"shape":"PolicyDefinition"} + } + }, + "CreatePolicyOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyId", + "policyType", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyId":{"shape":"PolicyId"}, + "policyType":{"shape":"PolicyType"}, + "principal":{"shape":"EntityIdentifier"}, + "resource":{"shape":"EntityIdentifier"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "CreatePolicyStoreInput":{ + "type":"structure", + "required":["validationSettings"], + "members":{ + "clientToken":{ + "shape":"IdempotencyToken", + "idempotencyToken":true + }, + "validationSettings":{"shape":"ValidationSettings"} + } + }, + "CreatePolicyStoreOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "arn", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "arn":{"shape":"ResourceArn"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "CreatePolicyTemplateInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "statement" + ], + "members":{ + "clientToken":{ + "shape":"IdempotencyToken", + "idempotencyToken":true + }, + "policyStoreId":{"shape":"PolicyStoreId"}, + "description":{"shape":"PolicyTemplateDescription"}, + "statement":{"shape":"PolicyStatement"} + } + }, + "CreatePolicyTemplateOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyTemplateId", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "Decision":{ + "type":"string", + "enum":[ + "ALLOW", + "DENY" + ] + }, + "DeleteIdentitySourceInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "identitySourceId" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "identitySourceId":{"shape":"IdentitySourceId"} + } + }, + "DeleteIdentitySourceOutput":{ + "type":"structure", + "members":{ + } + }, + "DeletePolicyInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyId" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyId":{"shape":"PolicyId"} + } + }, + "DeletePolicyOutput":{ + "type":"structure", + "members":{ + } + }, + "DeletePolicyStoreInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"} + } + }, + "DeletePolicyStoreOutput":{ + "type":"structure", + "members":{ + } + }, + "DeletePolicyTemplateInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyTemplateId" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyTemplateId":{"shape":"PolicyTemplateId"} + } + }, + "DeletePolicyTemplateOutput":{ + "type":"structure", + "members":{ + } + }, + "DeterminingPolicyItem":{ + "type":"structure", + "required":["policyId"], + "members":{ + "policyId":{"shape":"PolicyId"} + } + }, + "DeterminingPolicyList":{ + "type":"list", + "member":{"shape":"DeterminingPolicyItem"} + }, + "DiscoveryUrl":{ + "type":"string", + "max":2048, + "min":1, + "pattern":"https://.*" + }, + "EntitiesDefinition":{ + "type":"structure", + "members":{ + "entityList":{"shape":"EntityList"} + }, + "union":true + }, + "EntityAttributes":{ + "type":"map", + "key":{"shape":"String"}, + "value":{"shape":"AttributeValue"}, + "min":0 + }, + "EntityId":{ + "type":"string", + "max":200, + "min":1, + "pattern":".*" + }, + "EntityIdentifier":{ + "type":"structure", + "required":[ + "entityType", + "entityId" + ], + "members":{ + "entityType":{"shape":"EntityType"}, + "entityId":{"shape":"EntityId"} + } + }, + "EntityItem":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{"shape":"EntityIdentifier"}, + "attributes":{"shape":"EntityAttributes"}, + "parents":{"shape":"ParentList"} + } + }, + "EntityList":{ + "type":"list", + "member":{"shape":"EntityItem"}, + "min":0 + }, + "EntityReference":{ + "type":"structure", + "members":{ + "unspecified":{"shape":"Boolean"}, + "identifier":{"shape":"EntityIdentifier"} + }, + "union":true + }, + "EntityType":{ + "type":"string", + "max":200, + "min":1, + "pattern":".*" + }, + "EvaluationErrorItem":{ + "type":"structure", + "required":["errorDescription"], + "members":{ + "errorDescription":{"shape":"String"} + } + }, + "EvaluationErrorList":{ + "type":"list", + "member":{"shape":"EvaluationErrorItem"} + }, + "GetIdentitySourceInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "identitySourceId" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "identitySourceId":{"shape":"IdentitySourceId"} + } + }, + "GetIdentitySourceOutput":{ + "type":"structure", + "required":[ + "createdDate", + "details", + "identitySourceId", + "lastUpdatedDate", + "policyStoreId", + "principalEntityType" + ], + "members":{ + "createdDate":{"shape":"TimestampFormat"}, + "details":{"shape":"IdentitySourceDetails"}, + "identitySourceId":{"shape":"IdentitySourceId"}, + "lastUpdatedDate":{"shape":"TimestampFormat"}, + "policyStoreId":{"shape":"PolicyStoreId"}, + "principalEntityType":{"shape":"PrincipalEntityType"} + } + }, + "GetPolicyInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyId" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyId":{"shape":"PolicyId"} + } + }, + "GetPolicyOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyId", + "policyType", + "definition", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyId":{"shape":"PolicyId"}, + "policyType":{"shape":"PolicyType"}, + "principal":{"shape":"EntityIdentifier"}, + "resource":{"shape":"EntityIdentifier"}, + "definition":{"shape":"PolicyDefinitionDetail"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "GetPolicyStoreInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"} + } + }, + "GetPolicyStoreOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "arn", + "validationSettings", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "arn":{"shape":"ResourceArn"}, + "validationSettings":{"shape":"ValidationSettings"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "GetPolicyTemplateInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyTemplateId" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyTemplateId":{"shape":"PolicyTemplateId"} + } + }, + "GetPolicyTemplateOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyTemplateId", + "statement", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "description":{"shape":"PolicyTemplateDescription"}, + "statement":{"shape":"PolicyStatement"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "GetSchemaInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"} + } + }, + "GetSchemaOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "schema", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "schema":{"shape":"SchemaJson"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "IdempotencyToken":{ + "type":"string", + "max":64, + "min":1, + "pattern":"[a-zA-Z0-9-]*" + }, + "IdentitySourceDetails":{ + "type":"structure", + "members":{ + "clientIds":{"shape":"ClientIds"}, + "userPoolArn":{"shape":"UserPoolArn"}, + "discoveryUrl":{"shape":"DiscoveryUrl"}, + "openIdIssuer":{"shape":"OpenIdIssuer"} + } + }, + "IdentitySourceFilter":{ + "type":"structure", + "members":{ + "principalEntityType":{"shape":"PrincipalEntityType"} + } + }, + "IdentitySourceFilters":{ + "type":"list", + "member":{"shape":"IdentitySourceFilter"}, + "max":10, + "min":0 + }, + "IdentitySourceId":{ + "type":"string", + "max":200, + "min":1, + "pattern":"[a-zA-Z0-9-]*" + }, + "IdentitySourceItem":{ + "type":"structure", + "required":[ + "createdDate", + "details", + "identitySourceId", + "lastUpdatedDate", + "policyStoreId", + "principalEntityType" + ], + "members":{ + "createdDate":{"shape":"TimestampFormat"}, + "details":{"shape":"IdentitySourceItemDetails"}, + "identitySourceId":{"shape":"IdentitySourceId"}, + "lastUpdatedDate":{"shape":"TimestampFormat"}, + "policyStoreId":{"shape":"PolicyStoreId"}, + "principalEntityType":{"shape":"PrincipalEntityType"} + } + }, + "IdentitySourceItemDetails":{ + "type":"structure", + "members":{ + "clientIds":{"shape":"ClientIds"}, + "userPoolArn":{"shape":"UserPoolArn"}, + "discoveryUrl":{"shape":"DiscoveryUrl"}, + "openIdIssuer":{"shape":"OpenIdIssuer"} + } + }, + "IdentitySources":{ + "type":"list", + "member":{"shape":"IdentitySourceItem"} + }, + "InternalServerException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"} + }, + "exception":true, + "fault":true, + "retryable":{"throttling":false} + }, + "IsAuthorizedInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "principal":{"shape":"EntityIdentifier"}, + "action":{"shape":"ActionIdentifier"}, + "resource":{"shape":"EntityIdentifier"}, + "context":{"shape":"ContextDefinition"}, + "entities":{"shape":"EntitiesDefinition"} + } + }, + "IsAuthorizedOutput":{ + "type":"structure", + "required":[ + "decision", + "determiningPolicies", + "errors" + ], + "members":{ + "decision":{"shape":"Decision"}, + "determiningPolicies":{"shape":"DeterminingPolicyList"}, + "errors":{"shape":"EvaluationErrorList"} + } + }, + "IsAuthorizedWithTokenInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "identityToken":{"shape":"Token"}, + "accessToken":{"shape":"Token"}, + "action":{"shape":"ActionIdentifier"}, + "resource":{"shape":"EntityIdentifier"}, + "context":{"shape":"ContextDefinition"}, + "entities":{"shape":"EntitiesDefinition"} + } + }, + "IsAuthorizedWithTokenOutput":{ + "type":"structure", + "required":[ + "decision", + "determiningPolicies", + "errors" + ], + "members":{ + "decision":{"shape":"Decision"}, + "determiningPolicies":{"shape":"DeterminingPolicyList"}, + "errors":{"shape":"EvaluationErrorList"} + } + }, + "ListIdentitySourcesInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "nextToken":{"shape":"NextToken"}, + "maxResults":{"shape":"ListIdentitySourcesMaxResults"}, + "filters":{"shape":"IdentitySourceFilters"} + } + }, + "ListIdentitySourcesMaxResults":{ + "type":"integer", + "box":true, + "max":200, + "min":1 + }, + "ListIdentitySourcesOutput":{ + "type":"structure", + "required":["identitySources"], + "members":{ + "nextToken":{"shape":"NextToken"}, + "identitySources":{"shape":"IdentitySources"} + } + }, + "ListPoliciesInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "nextToken":{"shape":"NextToken"}, + "maxResults":{"shape":"MaxResults"}, + "filter":{"shape":"PolicyFilter"} + } + }, + "ListPoliciesOutput":{ + "type":"structure", + "required":["policies"], + "members":{ + "nextToken":{"shape":"NextToken"}, + "policies":{"shape":"PolicyList"} + } + }, + "ListPolicyStoresInput":{ + "type":"structure", + "members":{ + "nextToken":{"shape":"NextToken"}, + "maxResults":{"shape":"MaxResults"} + } + }, + "ListPolicyStoresOutput":{ + "type":"structure", + "required":["policyStores"], + "members":{ + "nextToken":{"shape":"NextToken"}, + "policyStores":{"shape":"PolicyStoreList"} + } + }, + "ListPolicyTemplatesInput":{ + "type":"structure", + "required":["policyStoreId"], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "nextToken":{"shape":"NextToken"}, + "maxResults":{"shape":"MaxResults"} + } + }, + "ListPolicyTemplatesOutput":{ + "type":"structure", + "required":["policyTemplates"], + "members":{ + "nextToken":{"shape":"NextToken"}, + "policyTemplates":{"shape":"PolicyTemplatesList"} + } + }, + "LongAttribute":{ + "type":"long", + "box":true + }, + "MaxResults":{ + "type":"integer", + "box":true, + "max":20, + "min":1 + }, + "Namespace":{ + "type":"string", + "max":100, + "min":1, + "pattern":".*" + }, + "NamespaceList":{ + "type":"list", + "member":{"shape":"Namespace"} + }, + "NextToken":{ + "type":"string", + "max":8000, + "min":1, + "pattern":"[A-Za-z0-9-_=+/\\.]*" + }, + "OpenIdIssuer":{ + "type":"string", + "enum":["COGNITO"] + }, + "ParentList":{ + "type":"list", + "member":{"shape":"EntityIdentifier"}, + "max":100, + "min":0 + }, + "PolicyDefinition":{ + "type":"structure", + "members":{ + "static":{"shape":"StaticPolicyDefinition"}, + "templateLinked":{"shape":"TemplateLinkedPolicyDefinition"} + }, + "union":true + }, + "PolicyDefinitionDetail":{ + "type":"structure", + "members":{ + "static":{"shape":"StaticPolicyDefinitionDetail"}, + "templateLinked":{"shape":"TemplateLinkedPolicyDefinitionDetail"} + }, + "union":true + }, + "PolicyDefinitionItem":{ + "type":"structure", + "members":{ + "static":{"shape":"StaticPolicyDefinitionItem"}, + "templateLinked":{"shape":"TemplateLinkedPolicyDefinitionItem"} + }, + "union":true + }, + "PolicyFilter":{ + "type":"structure", + "members":{ + "principal":{"shape":"EntityReference"}, + "resource":{"shape":"EntityReference"}, + "policyType":{"shape":"PolicyType"}, + "policyTemplateId":{"shape":"PolicyTemplateId"} + } + }, + "PolicyId":{ + "type":"string", + "max":200, + "min":1, + "pattern":"[a-zA-Z0-9-]*" + }, + "PolicyItem":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyId", + "policyType", + "definition", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyId":{"shape":"PolicyId"}, + "policyType":{"shape":"PolicyType"}, + "principal":{"shape":"EntityIdentifier"}, + "resource":{"shape":"EntityIdentifier"}, + "definition":{"shape":"PolicyDefinitionItem"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "PolicyList":{ + "type":"list", + "member":{"shape":"PolicyItem"} + }, + "PolicyStatement":{ + "type":"string", + "max":10000, + "min":1 + }, + "PolicyStoreId":{ + "type":"string", + "max":200, + "min":1, + "pattern":"[a-zA-Z0-9-]*" + }, + "PolicyStoreItem":{ + "type":"structure", + "required":[ + "policyStoreId", + "arn", + "createdDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "arn":{"shape":"ResourceArn"}, + "createdDate":{"shape":"TimestampFormat"} + } + }, + "PolicyStoreList":{ + "type":"list", + "member":{"shape":"PolicyStoreItem"} + }, + "PolicyTemplateDescription":{ + "type":"string", + "max":150, + "min":0 + }, + "PolicyTemplateId":{ + "type":"string", + "max":200, + "min":1, + "pattern":"[a-zA-Z0-9-]*" + }, + "PolicyTemplateItem":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyTemplateId", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "description":{"shape":"PolicyTemplateDescription"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "PolicyTemplatesList":{ + "type":"list", + "member":{"shape":"PolicyTemplateItem"} + }, + "PolicyType":{ + "type":"string", + "enum":[ + "STATIC", + "TEMPLATE_LINKED" + ] + }, + "PrincipalEntityType":{ + "type":"string", + "max":200, + "min":1, + "pattern":".*" + }, + "PutSchemaInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "definition" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "definition":{"shape":"SchemaDefinition"} + } + }, + "PutSchemaOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "namespaces", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "namespaces":{"shape":"NamespaceList"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "RecordAttribute":{ + "type":"map", + "key":{"shape":"String"}, + "value":{"shape":"AttributeValue"} + }, + "ResourceArn":{ + "type":"string", + "max":2500, + "min":1, + "pattern":"arn:[^:]*:[^:]*:[^:]*:[^:]*:.*" + }, + "ResourceConflict":{ + "type":"structure", + "required":[ + "resourceId", + "resourceType" + ], + "members":{ + "resourceId":{"shape":"String"}, + "resourceType":{"shape":"ResourceType"} + } + }, + "ResourceConflictList":{ + "type":"list", + "member":{"shape":"ResourceConflict"} + }, + "ResourceNotFoundException":{ + "type":"structure", + "required":[ + "message", + "resourceId", + "resourceType" + ], + "members":{ + "message":{"shape":"String"}, + "resourceId":{"shape":"String"}, + "resourceType":{"shape":"ResourceType"} + }, + "exception":true + }, + "ResourceType":{ + "type":"string", + "enum":[ + "IDENTITY_SOURCE", + "POLICY_STORE", + "POLICY", + "POLICY_TEMPLATE", + "SCHEMA" + ] + }, + "SchemaDefinition":{ + "type":"structure", + "members":{ + "cedarJson":{"shape":"SchemaJson"} + }, + "union":true + }, + "SchemaJson":{ + "type":"string", + "max":10000, + "min":1 + }, + "ServiceQuotaExceededException":{ + "type":"structure", + "required":[ + "message", + "resourceType" + ], + "members":{ + "message":{"shape":"String"}, + "resourceId":{"shape":"String"}, + "resourceType":{"shape":"ResourceType"}, + "serviceCode":{"shape":"String"}, + "quotaCode":{"shape":"String"} + }, + "exception":true + }, + "SetAttribute":{ + "type":"list", + "member":{"shape":"AttributeValue"} + }, + "StaticPolicyDefinition":{ + "type":"structure", + "required":["statement"], + "members":{ + "description":{"shape":"StaticPolicyDescription"}, + "statement":{"shape":"PolicyStatement"} + } + }, + "StaticPolicyDefinitionDetail":{ + "type":"structure", + "required":["statement"], + "members":{ + "description":{"shape":"StaticPolicyDescription"}, + "statement":{"shape":"PolicyStatement"} + } + }, + "StaticPolicyDefinitionItem":{ + "type":"structure", + "members":{ + "description":{"shape":"StaticPolicyDescription"} + } + }, + "StaticPolicyDescription":{ + "type":"string", + "max":150, + "min":0 + }, + "String":{"type":"string"}, + "StringAttribute":{"type":"string"}, + "TemplateLinkedPolicyDefinition":{ + "type":"structure", + "required":["policyTemplateId"], + "members":{ + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "principal":{"shape":"EntityIdentifier"}, + "resource":{"shape":"EntityIdentifier"} + } + }, + "TemplateLinkedPolicyDefinitionDetail":{ + "type":"structure", + "required":["policyTemplateId"], + "members":{ + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "principal":{"shape":"EntityIdentifier"}, + "resource":{"shape":"EntityIdentifier"} + } + }, + "TemplateLinkedPolicyDefinitionItem":{ + "type":"structure", + "required":["policyTemplateId"], + "members":{ + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "principal":{"shape":"EntityIdentifier"}, + "resource":{"shape":"EntityIdentifier"} + } + }, + "ThrottlingException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"}, + "serviceCode":{"shape":"String"}, + "quotaCode":{"shape":"String"} + }, + "exception":true, + "retryable":{"throttling":true} + }, + "TimestampFormat":{ + "type":"timestamp", + "timestampFormat":"iso8601" + }, + "Token":{ + "type":"string", + "max":131072, + "min":1, + "pattern":"[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+" + }, + "UpdateCognitoUserPoolConfiguration":{ + "type":"structure", + "required":["userPoolArn"], + "members":{ + "userPoolArn":{"shape":"UserPoolArn"}, + "clientIds":{"shape":"ClientIds"} + } + }, + "UpdateConfiguration":{ + "type":"structure", + "members":{ + "cognitoUserPoolConfiguration":{"shape":"UpdateCognitoUserPoolConfiguration"} + }, + "union":true + }, + "UpdateIdentitySourceInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "identitySourceId", + "updateConfiguration" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "identitySourceId":{"shape":"IdentitySourceId"}, + "updateConfiguration":{"shape":"UpdateConfiguration"}, + "principalEntityType":{"shape":"PrincipalEntityType"} + } + }, + "UpdateIdentitySourceOutput":{ + "type":"structure", + "required":[ + "createdDate", + "identitySourceId", + "lastUpdatedDate", + "policyStoreId" + ], + "members":{ + "createdDate":{"shape":"TimestampFormat"}, + "identitySourceId":{"shape":"IdentitySourceId"}, + "lastUpdatedDate":{"shape":"TimestampFormat"}, + "policyStoreId":{"shape":"PolicyStoreId"} + } + }, + "UpdatePolicyDefinition":{ + "type":"structure", + "members":{ + "static":{"shape":"UpdateStaticPolicyDefinition"} + }, + "union":true + }, + "UpdatePolicyInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyId", + "definition" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyId":{"shape":"PolicyId"}, + "definition":{"shape":"UpdatePolicyDefinition"} + } + }, + "UpdatePolicyOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyId", + "policyType", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyId":{"shape":"PolicyId"}, + "policyType":{"shape":"PolicyType"}, + "principal":{"shape":"EntityIdentifier"}, + "resource":{"shape":"EntityIdentifier"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "UpdatePolicyStoreInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "validationSettings" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "validationSettings":{"shape":"ValidationSettings"} + } + }, + "UpdatePolicyStoreOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "arn", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "arn":{"shape":"ResourceArn"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "UpdatePolicyTemplateInput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyTemplateId", + "statement" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "description":{"shape":"PolicyTemplateDescription"}, + "statement":{"shape":"PolicyStatement"} + } + }, + "UpdatePolicyTemplateOutput":{ + "type":"structure", + "required":[ + "policyStoreId", + "policyTemplateId", + "createdDate", + "lastUpdatedDate" + ], + "members":{ + "policyStoreId":{"shape":"PolicyStoreId"}, + "policyTemplateId":{"shape":"PolicyTemplateId"}, + "createdDate":{"shape":"TimestampFormat"}, + "lastUpdatedDate":{"shape":"TimestampFormat"} + } + }, + "UpdateStaticPolicyDefinition":{ + "type":"structure", + "required":["statement"], + "members":{ + "description":{"shape":"StaticPolicyDescription"}, + "statement":{"shape":"PolicyStatement"} + } + }, + "UserPoolArn":{ + "type":"string", + "max":255, + "min":1, + "pattern":"arn:[a-zA-Z0-9-]+:cognito-idp:(([a-zA-Z0-9-]+:\\d{12}:userpool/[\\w-]+_[0-9a-zA-Z]+))" + }, + "ValidationException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"}, + "fieldList":{"shape":"ValidationExceptionFieldList"} + }, + "exception":true + }, + "ValidationExceptionField":{ + "type":"structure", + "required":[ + "path", + "message" + ], + "members":{ + "path":{"shape":"String"}, + "message":{"shape":"String"} + } + }, + "ValidationExceptionFieldList":{ + "type":"list", + "member":{"shape":"ValidationExceptionField"} + }, + "ValidationMode":{ + "type":"string", + "enum":[ + "OFF", + "STRICT" + ] + }, + "ValidationSettings":{ + "type":"structure", + "required":["mode"], + "members":{ + "mode":{"shape":"ValidationMode"} + } + } + } +} diff --git a/models/apis/verifiedpermissions/2021-12-01/docs-2.json b/models/apis/verifiedpermissions/2021-12-01/docs-2.json new file mode 100644 index 00000000000..fb6ea7f84ba --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/docs-2.json @@ -0,0 +1,1022 @@ +{ + "version": "2.0", + "service": "

Amazon Verified Permissions is a permissions management service from Amazon Web Services. You can use Verified Permissions to manage permissions for your application, and authorize user access based on those permissions. Using Verified Permissions, application developers can grant access based on information about the users, resources, and requested actions. You can also evaluate additional information like group membership, attributes of the resources, and session context, such as time of request and IP addresses. Verified Permissions manages these permissions by letting you create and store authorization policies for your applications, such as consumer-facing web sites and enterprise business systems.

Verified Permissions uses Cedar as the policy language to express your permission requirements. Cedar supports both role-based access control (RBAC) and attribute-based access control (ABAC) authorization models.

For more information about configuring, administering, and using Amazon Verified Permissions in your applications, see the Amazon Verified Permissions User Guide.

For more information about the Cedar policy language, see the Cedar Policy Language Guide.

When you write Cedar policies that reference principals, resources and actions, you can define the unique identifiers used for each of those elements. We strongly recommend that you follow these best practices:

  • Use values like universally unique identifiers (UUIDs) for all principal and resource identifiers.

    For example, if user jane leaves the company, and you later let someone else use the name jane, then that new user automatically gets access to everything granted by policies that still reference User::\"jane\". Cedar can’t distinguish between the new user and the old. This applies to both principal and resource identifiers. Always use identifiers that are guaranteed unique and never reused to ensure that you don’t unintentionally grant access because of the presence of an old identifier in a policy.

    Where you use a UUID for an entity, we recommend that you follow it with the // comment specifier and the ‘friendly’ name of your entity. This helps to make your policies easier to understand. For example: principal == User::\"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111\", // alice

  • Do not include personally identifying, confidential, or sensitive information as part of the unique identifier for your principals or resources. These identifiers are included in log entries shared in CloudTrail trails.

Several operations return structures that appear similar, but have different purposes. As new functionality is added to the product, the structure used in a parameter of one operation might need to change in a way that wouldn't make sense for the same parameter in a different operation. To help you understand the purpose of each, the following naming convention is used for the structures:

", + "operations": { + "CreateIdentitySource": "

Creates a reference to an Amazon Cognito user pool as an external identity provider (IdP).

After you create an identity source, you can use the identities provided by the IdP as proxies for the principal in authorization queries that use the IsAuthorizedWithToken operation. These identities take the form of tokens that contain claims about the user, such as IDs, attributes and group memberships. Amazon Cognito provides both identity tokens and access tokens, and Verified Permissions can use either or both. Any combination of identity and access tokens results in the same Cedar principal. Verified Permissions automatically translates the information about the identities into the standard Cedar attributes that can be evaluated by your policies. Because the Amazon Cognito identity and access tokens can contain different information, the tokens you choose to use determine which principal attributes are available to access when evaluating Cedar policies.

If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.

To reference a user from this identity source in your Cedar policies, use the following syntax.

IdentityType::\"<CognitoUserPoolIdentifier>|<CognitoClientId>

Where IdentityType is the string that you provide to the PrincipalEntityType parameter for this operation. The CognitoUserPoolId and CognitoClientId are defined by the Amazon Cognito user pool.

", + "CreatePolicy": "

Creates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a policy linked to a policy template.

Creating a policy causes it to be validated against the schema in the policy store. If the policy doesn't pass validation, the operation fails and the policy isn't stored.

", + "CreatePolicyStore": "

Creates a policy store. A policy store is a container for policy resources.

", + "CreatePolicyTemplate": "

Creates a policy template. A template can use placeholders for the principal and resource. A template must be instantiated into a policy by associating it with specific principals and resources to use for the placeholders. That instantiated policy can then be considered in authorization decisions. The instantiated policy works identically to any other policy, except that it is dynamically linked to the template. If the template changes, then any policies that are linked to that template are immediately updated as well.

", + "DeleteIdentitySource": "

Deletes an identity source that references an identity provider (IdP) such as Amazon Cognito. After you delete the identity source, you can no longer use tokens for identities from that identity source to represent principals in authorization queries made using IsAuthorizedWithToken. operations.

", + "DeletePolicy": "

Deletes the specified policy from the policy store.

This operation is idempotent; if you specify a policy that doesn't exist, the request response returns a successful HTTP 200 status code.

", + "DeletePolicyStore": "

Deletes the specified policy store.

This operation is idempotent. If you specify a policy store that does not exist, the request response will still return a successful HTTP 200 status code.

", + "DeletePolicyTemplate": "

Deletes the specified policy template from the policy store.

This operation also deletes any policies that were created from the specified policy template. Those policies are immediately removed from all future API responses, and are asynchronously deleted from the policy store.

", + "GetIdentitySource": "

Retrieves the details about the specified identity source.

", + "GetPolicy": "

Retrieves information about the specified policy.

", + "GetPolicyStore": "

Retrieves details about a policy store.

", + "GetPolicyTemplate": "

Retrieve the details for the specified policy template in the specified policy store.

", + "GetSchema": "

Retrieve the details for the specified schema in the specified policy store.

", + "IsAuthorized": "

Makes an authorization decision about a service request described in the parameters. The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

", + "IsAuthorizedWithToken": "

Makes an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source. The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.

", + "ListIdentitySources": "

Returns a paginated list of all of the identity sources defined in the specified policy store.

", + "ListPolicies": "

Returns a paginated list of all policies stored in the specified policy store.

", + "ListPolicyStores": "

Returns a paginated list of all policy stores in the calling Amazon Web Services account.

", + "ListPolicyTemplates": "

Returns a paginated list of all policy templates in the specified policy store.

", + "PutSchema": "

Creates or updates the policy schema in the specified policy store. The schema is used to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.

", + "UpdateIdentitySource": "

Updates the specified identity source to use a new identity provider (IdP) source, or to change the mapping of identities from the IdP to a different principal entity type.

", + "UpdatePolicy": "

Modifies a Cedar static policy in the specified policy store. You can change only certain elements of the UpdatePolicyDefinition parameter. You can directly update only static policies. To change a template-linked policy, you must update the template instead, using UpdatePolicyTemplate.

If policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to validate the policy against the schema in the policy store. If the updated static policy doesn't pass validation, the operation fails and the update isn't stored.

", + "UpdatePolicyStore": "

Modifies the validation setting for a policy store.

", + "UpdatePolicyTemplate": "

Updates the specified policy template. You can update only the description and the some elements of the policyBody.

Changes you make to the policy template content are immediately reflected in authorization decisions that involve all template-linked policies instantiated from this template.

" + }, + "shapes": { + "AccessDeniedException": { + "base": "

You don't have sufficient access to perform this action.

", + "refs": { + } + }, + "ActionId": { + "base": null, + "refs": { + "ActionIdentifier$actionId": "

The ID of an action.

" + } + }, + "ActionIdentifier": { + "base": "

Contains information about an action for a request for which an authorization decision is made.

This data type is used as an request parameter to the IsAuthorized and IsAuthorizedWithToken operations.

Example: { \"actionId\": \"<action name>\", \"actionType\": \"Action\" }

", + "refs": { + "IsAuthorizedInput$action": "

Specifies the requested action to be authorized. For example, is the principal authorized to perform this action on the resource?

", + "IsAuthorizedWithTokenInput$action": "

Specifies the requested action to be authorized. Is the specified principal authorized to perform this action on the specified resource.

" + } + }, + "ActionType": { + "base": null, + "refs": { + "ActionIdentifier$actionType": "

The type of an action.

" + } + }, + "AttributeValue": { + "base": "

The value of an attribute.

Contains information about the runtime context for a request for which an authorization decision is made.

This data type is used as a member of the ContextDefinition structure which is uses as a request parameter for the IsAuthorized and IsAuthorizedWithToken operations.

", + "refs": { + "ContextMap$value": null, + "EntityAttributes$value": null, + "RecordAttribute$value": null, + "SetAttribute$member": null + } + }, + "Boolean": { + "base": null, + "refs": { + "EntityReference$unspecified": "

Used to indicate that a principal or resource is not specified. This can be used to search for policies that are not associated with a specific principal or resource.

" + } + }, + "BooleanAttribute": { + "base": null, + "refs": { + "AttributeValue$boolean": "

An attribute value of Boolean type.

Example: {\"boolean\": true}

" + } + }, + "ClientId": { + "base": null, + "refs": { + "ClientIds$member": null + } + }, + "ClientIds": { + "base": null, + "refs": { + "CognitoUserPoolConfiguration$clientIds": "

The unique application client IDs that are associated with the specified Amazon Cognito user pool.

Example: \"ClientIds\": [\"&ExampleCogClientId;\"]

", + "IdentitySourceDetails$clientIds": "

The application client IDs associated with the specified Amazon Cognito user pool that are enabled for this identity source.

", + "IdentitySourceItemDetails$clientIds": "

The application client IDs associated with the specified Amazon Cognito user pool that are enabled for this identity source.

", + "UpdateCognitoUserPoolConfiguration$clientIds": "

The client ID of an app client that is configured for the specified Amazon Cognito user pool.

" + } + }, + "CognitoUserPoolConfiguration": { + "base": "

The configuration for an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions.

This data type is used as a field that is part of an Configuration structure that is used as a parameter to the Configuration.

Example:\"CognitoUserPoolConfiguration\":{\"UserPoolArn\":\"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5\",\"ClientIds\": [\"a1b2c3d4e5f6g7h8i9j0kalbmc\"]}

", + "refs": { + "Configuration$cognitoUserPoolConfiguration": "

Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of authenticated identities as entities. It specifies the Amazon Resource Name (ARN) of a Amazon Cognito user pool and one or more application client IDs.

Example: \"configuration\":{\"cognitoUserPoolConfiguration\":{\"userPoolArn\":\"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5\",\"clientIds\": [\"a1b2c3d4e5f6g7h8i9j0kalbmc\"]}}

" + } + }, + "Configuration": { + "base": "

Contains configuration information used when creating a new identity source.

At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.

You must specify a userPoolArn, and optionally, a ClientId.

This data type is used as a request parameter for the CreateIdentitySource operation.

", + "refs": { + "CreateIdentitySourceInput$configuration": "

Specifies the details required to communicate with the identity provider (IdP) associated with this identity source.

At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.

You must specify a UserPoolArn, and optionally, a ClientId.

" + } + }, + "ConflictException": { + "base": "

The request failed because another request to modify a resource occurred at the same.

", + "refs": { + } + }, + "ContextDefinition": { + "base": "

Contains additional details about the context of the request. Verified Permissions evaluates this information in an authorization request as part of the when and unless clauses in a policy.

This data type is used as a request parameter for the IsAuthorized and IsAuthorizedWithToken operations.

Example: \"context\":{\"Context\":{\"<KeyName1>\":{\"boolean\":true},\"<KeyName2>\":{\"long\":1234}}}

", + "refs": { + "IsAuthorizedInput$context": "

Specifies additional context that can be used to make more granular authorization decisions.

", + "IsAuthorizedWithTokenInput$context": "

Specifies additional context that can be used to make more granular authorization decisions.

" + } + }, + "ContextMap": { + "base": null, + "refs": { + "ContextDefinition$contextMap": "

An list of attributes that are needed to successfully evaluate an authorization request. Each attribute in this array must include a map of a data type and its value.

Example: \"Context\":{\"<KeyName1>\":{\"boolean\":true},\"<KeyName2>\":{\"long\":1234}}

" + } + }, + "CreateIdentitySourceInput": { + "base": null, + "refs": { + } + }, + "CreateIdentitySourceOutput": { + "base": null, + "refs": { + } + }, + "CreatePolicyInput": { + "base": null, + "refs": { + } + }, + "CreatePolicyOutput": { + "base": null, + "refs": { + } + }, + "CreatePolicyStoreInput": { + "base": null, + "refs": { + } + }, + "CreatePolicyStoreOutput": { + "base": null, + "refs": { + } + }, + "CreatePolicyTemplateInput": { + "base": null, + "refs": { + } + }, + "CreatePolicyTemplateOutput": { + "base": null, + "refs": { + } + }, + "Decision": { + "base": null, + "refs": { + "IsAuthorizedOutput$decision": "

An authorization decision that indicates if the authorization request should be allowed or denied.

", + "IsAuthorizedWithTokenOutput$decision": "

An authorization decision that indicates if the authorization request should be allowed or denied.

" + } + }, + "DeleteIdentitySourceInput": { + "base": null, + "refs": { + } + }, + "DeleteIdentitySourceOutput": { + "base": null, + "refs": { + } + }, + "DeletePolicyInput": { + "base": null, + "refs": { + } + }, + "DeletePolicyOutput": { + "base": null, + "refs": { + } + }, + "DeletePolicyStoreInput": { + "base": null, + "refs": { + } + }, + "DeletePolicyStoreOutput": { + "base": null, + "refs": { + } + }, + "DeletePolicyTemplateInput": { + "base": null, + "refs": { + } + }, + "DeletePolicyTemplateOutput": { + "base": null, + "refs": { + } + }, + "DeterminingPolicyItem": { + "base": "

Contains information about one of the policies that determined an authorization decision.

This data type is used as an element in a response parameter for the IsAuthorized and IsAuthorizedWithToken operations.

Example: \"determiningPolicies\":[{\"policyId\":\"SPEXAMPLEabcdefg111111\"}]

", + "refs": { + "DeterminingPolicyList$member": null + } + }, + "DeterminingPolicyList": { + "base": null, + "refs": { + "IsAuthorizedOutput$determiningPolicies": "

The list of determining policies used to make the authorization decision. For example, if there are two matching policies, where one is a forbid and the other is a permit, then the forbid policy will be the determining policy. In the case of multiple matching permit policies then there would be multiple determining policies. In the case that no policies match, and hence the response is DENY, there would be no determining policies.

", + "IsAuthorizedWithTokenOutput$determiningPolicies": "

The list of determining policies used to make the authorization decision. For example, if there are multiple matching policies, where at least one is a forbid policy, then because forbid always overrides permit the forbid policies are the determining policies. If all matching policies are permit policies, then those policies are the determining policies. When no policies match and the response is the default DENY, there are no determining policies.

" + } + }, + "DiscoveryUrl": { + "base": null, + "refs": { + "IdentitySourceDetails$discoveryUrl": "

The well-known URL that points to this user pool's OIDC discovery endpoint. This is a URL string in the following format. This URL replaces the placeholders for both the Amazon Web Services Region and the user pool identifier with those appropriate for this user pool.

https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration

", + "IdentitySourceItemDetails$discoveryUrl": "

The well-known URL that points to this user pool's OIDC discovery endpoint. This is a URL string in the following format. This URL replaces the placeholders for both the Amazon Web Services Region and the user pool identifier with those appropriate for this user pool.

https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration

" + } + }, + "EntitiesDefinition": { + "base": "

Contains the list of entities to be considered during an authorization request. This includes all principals, resources, and actions required to successfully evaluate the request.

This data type is used as a field in the response parameter for the IsAuthorized and IsAuthorizedWithToken operations.

", + "refs": { + "IsAuthorizedInput$entities": "

Specifies the list of entities and their associated attributes that Verified Permissions can examine when evaluating the policies.

", + "IsAuthorizedWithTokenInput$entities": "

Specifies the list of entities and their associated attributes that Verified Permissions can examine when evaluating the policies.

" + } + }, + "EntityAttributes": { + "base": null, + "refs": { + "EntityItem$attributes": "

A list of attributes for the entity.

" + } + }, + "EntityId": { + "base": null, + "refs": { + "EntityIdentifier$entityId": "

The identifier of an entity.

\"entityId\":\"identifier\"

" + } + }, + "EntityIdentifier": { + "base": "

Contains the identifier of an entity, including its ID and type.

This data type is used as a request parameter for IsAuthorized operation, and as a response parameter for the CreatePolicy, GetPolicy, and UpdatePolicy operations.

Example: {\"entityId\":\"string\",\"entityType\":\"string\"}

", + "refs": { + "AttributeValue$entityIdentifier": "

An attribute value of type EntityIdentifier.

Example: \"entityIdentifier\": { \"entityId\": \"<id>\", \"entityType\": \"<entity type>\"}

", + "CreatePolicyOutput$principal": "

The principal specified in the new policy's scope. This response element isn't present when principal isn't specified in the policy content.

", + "CreatePolicyOutput$resource": "

The resource specified in the new policy's scope. This response element isn't present when the resource isn't specified in the policy content.

", + "EntityItem$identifier": "

The identifier of the entity.

", + "EntityReference$identifier": "

The identifier of the entity. It can consist of either an EntityType and EntityId, a principal, or a resource.

", + "GetPolicyOutput$principal": "

The principal specified in the policy's scope. This element isn't included in the response when Principal isn't present in the policy content.

", + "GetPolicyOutput$resource": "

The resource specified in the policy's scope. This element isn't included in the response when Resource isn't present in the policy content.

", + "IsAuthorizedInput$principal": "

Specifies the principal for which the authorization decision is to be made.

", + "IsAuthorizedInput$resource": "

Specifies the resource for which the authorization decision is to be made.

", + "IsAuthorizedWithTokenInput$resource": "

Specifies the resource for which the authorization decision is made. For example, is the principal allowed to perform the action on the resource?

", + "ParentList$member": null, + "PolicyItem$principal": "

The principal associated with the policy.

", + "PolicyItem$resource": "

The resource associated with the policy.

", + "TemplateLinkedPolicyDefinition$principal": "

The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the ?principal placeholder in the policy template when it evaluates an authorization request.

", + "TemplateLinkedPolicyDefinition$resource": "

The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the ?resource placeholder in the policy template when it evaluates an authorization request.

", + "TemplateLinkedPolicyDefinitionDetail$principal": "

The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the ?principal placeholder in the policy template when it evaluates an authorization request.

", + "TemplateLinkedPolicyDefinitionDetail$resource": "

The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the ?resource placeholder in the policy template when it evaluates an authorization request.

", + "TemplateLinkedPolicyDefinitionItem$principal": "

The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the ?principal placeholder in the policy template when it evaluates an authorization request.

", + "TemplateLinkedPolicyDefinitionItem$resource": "

The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the ?resource placeholder in the policy template when it evaluates an authorization request.

", + "UpdatePolicyOutput$principal": "

The principal specified in the policy's scope. This element isn't included in the response when Principal isn't present in the policy content.

", + "UpdatePolicyOutput$resource": "

The resource specified in the policy's scope. This element isn't included in the response when Resource isn't present in the policy content.

" + } + }, + "EntityItem": { + "base": "

Contains information about an entity that can be referenced in a Cedar policy.

This data type is used as one of the fields in the EntitiesDefinition structure.

{ \"id\": { \"entityType\": \"Photo\", \"entityId\": \"VacationPhoto94.jpg\" }, \"Attributes\": {}, \"Parents\": [ { \"entityType\": \"Album\", \"entityId\": \"alice_folder\" } ] }

", + "refs": { + "EntityList$member": null + } + }, + "EntityList": { + "base": null, + "refs": { + "EntitiesDefinition$entityList": "

An array of entities that are needed to successfully evaluate an authorization request. Each entity in this array must include an identifier for the entity, the attributes of the entity, and a list of any parent entities.

" + } + }, + "EntityReference": { + "base": "

Contains information about a principal or resource that can be referenced in a Cedar policy.

This data type is used as part of the PolicyFilter structure that is used as a request parameter for the ListPolicies operation..

", + "refs": { + "PolicyFilter$principal": "

Filters the output to only policies that reference the specified principal.

", + "PolicyFilter$resource": "

Filters the output to only policies that reference the specified resource.

" + } + }, + "EntityType": { + "base": null, + "refs": { + "EntityIdentifier$entityType": "

The type of an entity.

Example: \"entityType\":\"typeName\"

" + } + }, + "EvaluationErrorItem": { + "base": "

Contains a description of an evaluation error.

This data type is used as a request parameter in the IsAuthorized and IsAuthorizedWithToken operations.

", + "refs": { + "EvaluationErrorList$member": null + } + }, + "EvaluationErrorList": { + "base": null, + "refs": { + "IsAuthorizedOutput$errors": "

Errors that occurred while making an authorization decision, for example, a policy references an Entity or entity Attribute that does not exist in the slice.

", + "IsAuthorizedWithTokenOutput$errors": "

Errors that occurred while making an authorization decision. For example, a policy references an entity or entity attribute that does not exist in the slice.

" + } + }, + "GetIdentitySourceInput": { + "base": null, + "refs": { + } + }, + "GetIdentitySourceOutput": { + "base": null, + "refs": { + } + }, + "GetPolicyInput": { + "base": null, + "refs": { + } + }, + "GetPolicyOutput": { + "base": null, + "refs": { + } + }, + "GetPolicyStoreInput": { + "base": null, + "refs": { + } + }, + "GetPolicyStoreOutput": { + "base": null, + "refs": { + } + }, + "GetPolicyTemplateInput": { + "base": null, + "refs": { + } + }, + "GetPolicyTemplateOutput": { + "base": null, + "refs": { + } + }, + "GetSchemaInput": { + "base": null, + "refs": { + } + }, + "GetSchemaOutput": { + "base": null, + "refs": { + } + }, + "IdempotencyToken": { + "base": null, + "refs": { + "CreateIdentitySourceInput$clientToken": "

Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value..

If you don't provide this value, then Amazon Web Services generates a random one for you.

If you retry the operation with the same ClientToken, but with different parameters, the retry fails with an IdempotentParameterMismatch error.

", + "CreatePolicyInput$clientToken": "

Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value..

If you don't provide this value, then Amazon Web Services generates a random one for you.

If you retry the operation with the same ClientToken, but with different parameters, the retry fails with an IdempotentParameterMismatch error.

", + "CreatePolicyStoreInput$clientToken": "

Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value..

If you don't provide this value, then Amazon Web Services generates a random one for you.

If you retry the operation with the same ClientToken, but with different parameters, the retry fails with an IdempotentParameterMismatch error.

", + "CreatePolicyTemplateInput$clientToken": "

Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value..

If you don't provide this value, then Amazon Web Services generates a random one for you.

If you retry the operation with the same ClientToken, but with different parameters, the retry fails with an IdempotentParameterMismatch error.

" + } + }, + "IdentitySourceDetails": { + "base": "

A structure that contains configuration of the identity source.

This data type is used as a response parameter for the CreateIdentitySource operation.

", + "refs": { + "GetIdentitySourceOutput$details": "

A structure that describes the configuration of the identity source.

" + } + }, + "IdentitySourceFilter": { + "base": "

A structure that defines characteristics of an identity source that you can use to filter.

This data type is used as a request parameter for the ListIdentityStores operation.

", + "refs": { + "IdentitySourceFilters$member": null + } + }, + "IdentitySourceFilters": { + "base": null, + "refs": { + "ListIdentitySourcesInput$filters": "

Specifies characteristics of an identity source that you can use to limit the output to matching identity sources.

" + } + }, + "IdentitySourceId": { + "base": null, + "refs": { + "CreateIdentitySourceOutput$identitySourceId": "

The unique ID of the new identity source.

", + "DeleteIdentitySourceInput$identitySourceId": "

Specifies the ID of the identity source that you want to delete.

", + "GetIdentitySourceInput$identitySourceId": "

Specifies the ID of the identity source you want information about.

", + "GetIdentitySourceOutput$identitySourceId": "

The ID of the identity source.

", + "IdentitySourceItem$identitySourceId": "

The unique identifier of the identity source.

", + "UpdateIdentitySourceInput$identitySourceId": "

Specifies the ID of the identity source that you want to update.

", + "UpdateIdentitySourceOutput$identitySourceId": "

The ID of the updated identity source.

" + } + }, + "IdentitySourceItem": { + "base": "

A structure that defines an identity source.

This data type is used as a request parameter for the ListIdentityStores operation.

", + "refs": { + "IdentitySources$member": null + } + }, + "IdentitySourceItemDetails": { + "base": "

A structure that contains configuration of the identity source.

This data type is used as a response parameter for the CreateIdentitySource operation.

", + "refs": { + "IdentitySourceItem$details": "

A structure that contains the details of the associated identity provider (IdP).

" + } + }, + "IdentitySources": { + "base": null, + "refs": { + "ListIdentitySourcesOutput$identitySources": "

The list of identity sources stored in the specified policy store.

" + } + }, + "InternalServerException": { + "base": "

The request failed because of an internal error. Try your request again later

", + "refs": { + } + }, + "IsAuthorizedInput": { + "base": null, + "refs": { + } + }, + "IsAuthorizedOutput": { + "base": null, + "refs": { + } + }, + "IsAuthorizedWithTokenInput": { + "base": null, + "refs": { + } + }, + "IsAuthorizedWithTokenOutput": { + "base": null, + "refs": { + } + }, + "ListIdentitySourcesInput": { + "base": null, + "refs": { + } + }, + "ListIdentitySourcesMaxResults": { + "base": null, + "refs": { + "ListIdentitySourcesInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

" + } + }, + "ListIdentitySourcesOutput": { + "base": null, + "refs": { + } + }, + "ListPoliciesInput": { + "base": null, + "refs": { + } + }, + "ListPoliciesOutput": { + "base": null, + "refs": { + } + }, + "ListPolicyStoresInput": { + "base": null, + "refs": { + } + }, + "ListPolicyStoresOutput": { + "base": null, + "refs": { + } + }, + "ListPolicyTemplatesInput": { + "base": null, + "refs": { + } + }, + "ListPolicyTemplatesOutput": { + "base": null, + "refs": { + } + }, + "LongAttribute": { + "base": null, + "refs": { + "AttributeValue$long": "

An attribute value of Long type.

Example: {\"long\": 0}

" + } + }, + "MaxResults": { + "base": null, + "refs": { + "ListPoliciesInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", + "ListPolicyStoresInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", + "ListPolicyTemplatesInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

" + } + }, + "Namespace": { + "base": null, + "refs": { + "NamespaceList$member": null + } + }, + "NamespaceList": { + "base": null, + "refs": { + "PutSchemaOutput$namespaces": "

Identifies the namespaces of the entities referenced by this schema.

" + } + }, + "NextToken": { + "base": null, + "refs": { + "ListIdentitySourcesInput$nextToken": "

Specifies that you want to receive the next page of results. Valid only if you received a NextToken response in the previous request. If you did, it indicates that more output is available. Set this parameter to the value provided by the previous call's NextToken response to request the next page of results.

", + "ListIdentitySourcesOutput$nextToken": "

If present, this value indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null. This indicates that this is the last page of results.

", + "ListPoliciesInput$nextToken": "

Specifies that you want to receive the next page of results. Valid only if you received a NextToken response in the previous request. If you did, it indicates that more output is available. Set this parameter to the value provided by the previous call's NextToken response to request the next page of results.

", + "ListPoliciesOutput$nextToken": "

If present, this value indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null. This indicates that this is the last page of results.

", + "ListPolicyStoresInput$nextToken": "

Specifies that you want to receive the next page of results. Valid only if you received a NextToken response in the previous request. If you did, it indicates that more output is available. Set this parameter to the value provided by the previous call's NextToken response to request the next page of results.

", + "ListPolicyStoresOutput$nextToken": "

If present, this value indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null. This indicates that this is the last page of results.

", + "ListPolicyTemplatesInput$nextToken": "

Specifies that you want to receive the next page of results. Valid only if you received a NextToken response in the previous request. If you did, it indicates that more output is available. Set this parameter to the value provided by the previous call's NextToken response to request the next page of results.

", + "ListPolicyTemplatesOutput$nextToken": "

If present, this value indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null. This indicates that this is the last page of results.

" + } + }, + "OpenIdIssuer": { + "base": null, + "refs": { + "IdentitySourceDetails$openIdIssuer": "

A string that identifies the type of OIDC service represented by this identity source.

At this time, the only valid value is cognito.

", + "IdentitySourceItemDetails$openIdIssuer": "

A string that identifies the type of OIDC service represented by this identity source.

At this time, the only valid value is cognito.

" + } + }, + "ParentList": { + "base": null, + "refs": { + "EntityItem$parents": "

The parents in the hierarchy that contains the entity.

" + } + }, + "PolicyDefinition": { + "base": "

A structure that contains the details for a Cedar policy definition. It includes the policy type, a description, and a policy body. This is a top level data type used to create a policy.

This data type is used as a request parameter for the CreatePolicy operation. This structure must always have either an static or a templateLinked element.

", + "refs": { + "CreatePolicyInput$definition": "

A structure that specifies the policy type and content to use for the new policy. You must include either a static or a templateLinked element. The policy content must be written in the Cedar policy language.

" + } + }, + "PolicyDefinitionDetail": { + "base": "

A structure that describes a policy definition. It must always have either an static or a templateLinked element.

This data type is used as a response parameter for the GetPolicy operation.

", + "refs": { + "GetPolicyOutput$definition": "

The definition of the requested policy.

" + } + }, + "PolicyDefinitionItem": { + "base": "

A structure that describes a PolicyDefinintion. It will always have either an StaticPolicy or a TemplateLinkedPolicy element.

This data type is used as a response parameter for the CreatePolicy and ListPolicies operations.

", + "refs": { + "PolicyItem$definition": "

The policy definition of an item in the list of policies returned.

" + } + }, + "PolicyFilter": { + "base": "

Contains information about a filter to refine policies returned in a query.

This data type is used as a response parameter for the ListPolicies operation.

", + "refs": { + "ListPoliciesInput$filter": "

Specifies a filter that limits the response to only policies that match the specified criteria. For example, you list only the policies that reference a specified principal.

" + } + }, + "PolicyId": { + "base": null, + "refs": { + "CreatePolicyOutput$policyId": "

The unique ID of the new policy.

", + "DeletePolicyInput$policyId": "

Specifies the ID of the policy that you want to delete.

", + "DeterminingPolicyItem$policyId": "

The Id of a policy that determined to an authorization decision.

Example: \"policyId\":\"SPEXAMPLEabcdefg111111\"

", + "GetPolicyInput$policyId": "

Specifies the ID of the policy you want information about.

", + "GetPolicyOutput$policyId": "

The unique ID of the policy that you want information about.

", + "PolicyItem$policyId": "

The identifier of the policy you want information about.

", + "UpdatePolicyInput$policyId": "

Specifies the ID of the policy that you want to update. To find this value, you can use ListPolicies.

", + "UpdatePolicyOutput$policyId": "

The ID of the policy that was updated.

" + } + }, + "PolicyItem": { + "base": "

Contains information about a policy.

This data type is used as a response parameter for the ListPolicies operation.

", + "refs": { + "PolicyList$member": null + } + }, + "PolicyList": { + "base": null, + "refs": { + "ListPoliciesOutput$policies": "

Lists all policies that are available in the specified policy store.

" + } + }, + "PolicyStatement": { + "base": null, + "refs": { + "CreatePolicyTemplateInput$statement": "

Specifies the content that you want to use for the new policy template, written in the Cedar policy language.

", + "GetPolicyTemplateOutput$statement": "

The content of the body of the policy template written in the Cedar policy language.

", + "StaticPolicyDefinition$statement": "

The policy content of the static policy, written in the Cedar policy language.

", + "StaticPolicyDefinitionDetail$statement": "

The content of the static policy written in the Cedar policy language.

", + "UpdatePolicyTemplateInput$statement": "

Specifies new statement content written in Cedar policy language to replace the current body of the policy template.

You can change only the following elements of the policy body:

You can't change the following elements:

", + "UpdateStaticPolicyDefinition$statement": "

Specifies the Cedar policy language text to be added to or replaced on the static policy.

You can change only the following elements from the original content:

  • The action referenced by the policy.

  • Any conditional clauses, such as when or unless clauses.

You can't change the following elements:

  • Changing from StaticPolicy to TemplateLinkedPolicy.

  • The effect (permit or forbid) of the policy.

  • The principal referenced by the policy.

  • The resource referenced by the policy.

" + } + }, + "PolicyStoreId": { + "base": null, + "refs": { + "CreateIdentitySourceInput$policyStoreId": "

Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.

", + "CreateIdentitySourceOutput$policyStoreId": "

The ID of the policy store that contains the identity source.

", + "CreatePolicyInput$policyStoreId": "

Specifies the PolicyStoreId of the policy store you want to store the policy in.

", + "CreatePolicyOutput$policyStoreId": "

The ID of the policy store that contains the new policy.

", + "CreatePolicyStoreOutput$policyStoreId": "

The unique ID of the new policy store.

", + "CreatePolicyTemplateInput$policyStoreId": "

The ID of the policy store in which to create the policy template.

", + "CreatePolicyTemplateOutput$policyStoreId": "

The ID of the policy store that contains the policy template.

", + "DeleteIdentitySourceInput$policyStoreId": "

Specifies the ID of the policy store that contains the identity source that you want to delete.

", + "DeletePolicyInput$policyStoreId": "

Specifies the ID of the policy store that contains the policy that you want to delete.

", + "DeletePolicyStoreInput$policyStoreId": "

Specifies the ID of the policy store that you want to delete.

", + "DeletePolicyTemplateInput$policyStoreId": "

Specifies the ID of the policy store that contains the policy template that you want to delete.

", + "GetIdentitySourceInput$policyStoreId": "

Specifies the ID of the policy store that contains the identity source you want information about.

", + "GetIdentitySourceOutput$policyStoreId": "

The ID of the policy store that contains the identity source.

", + "GetPolicyInput$policyStoreId": "

Specifies the ID of the policy store that contains the policy that you want information about.

", + "GetPolicyOutput$policyStoreId": "

The ID of the policy store that contains the policy that you want information about.

", + "GetPolicyStoreInput$policyStoreId": "

Specifies the ID of the policy store that you want information about.

", + "GetPolicyStoreOutput$policyStoreId": "

The ID of the policy store;

", + "GetPolicyTemplateInput$policyStoreId": "

Specifies the ID of the policy store that contains the policy template that you want information about.

", + "GetPolicyTemplateOutput$policyStoreId": "

The ID of the policy store that contains the policy template.

", + "GetSchemaInput$policyStoreId": "

Specifies the ID of the policy store that contains the schema.

", + "GetSchemaOutput$policyStoreId": "

The ID of the policy store that contains the schema.

", + "IdentitySourceItem$policyStoreId": "

The identifier of the policy store that contains the identity source.

", + "IsAuthorizedInput$policyStoreId": "

Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.

", + "IsAuthorizedWithTokenInput$policyStoreId": "

Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.

", + "ListIdentitySourcesInput$policyStoreId": "

Specifies the ID of the policy store that contains the identity sources that you want to list.

", + "ListPoliciesInput$policyStoreId": "

Specifies the ID of the policy store you want to list policies from.

", + "ListPolicyTemplatesInput$policyStoreId": "

Specifies the ID of the policy store that contains the policy templates you want to list.

", + "PolicyItem$policyStoreId": "

The identifier of the PolicyStore where the policy you want information about is stored.

", + "PolicyStoreItem$policyStoreId": "

The unique identifier of the policy store.

", + "PolicyTemplateItem$policyStoreId": "

The unique identifier of the policy store that contains the template.

", + "PutSchemaInput$policyStoreId": "

Specifies the ID of the policy store in which to place the schema.

", + "PutSchemaOutput$policyStoreId": "

The unique ID of the policy store that contains the schema.

", + "UpdateIdentitySourceInput$policyStoreId": "

Specifies the ID of the policy store that contains the identity source that you want to update.

", + "UpdateIdentitySourceOutput$policyStoreId": "

The ID of the policy store that contains the updated identity source.

", + "UpdatePolicyInput$policyStoreId": "

Specifies the ID of the policy store that contains the policy that you want to update.

", + "UpdatePolicyOutput$policyStoreId": "

The ID of the policy store that contains the policy that was updated.

", + "UpdatePolicyStoreInput$policyStoreId": "

Specifies the ID of the policy store that you want to update

", + "UpdatePolicyStoreOutput$policyStoreId": "

The ID of the updated policy store.

", + "UpdatePolicyTemplateInput$policyStoreId": "

Specifies the ID of the policy store that contains the policy template that you want to update.

", + "UpdatePolicyTemplateOutput$policyStoreId": "

The ID of the policy store that contains the updated policy template.

" + } + }, + "PolicyStoreItem": { + "base": "

Contains information about a policy store.

This data type is used as a response parameter for the ListPolicyStores operation.

", + "refs": { + "PolicyStoreList$member": null + } + }, + "PolicyStoreList": { + "base": null, + "refs": { + "ListPolicyStoresOutput$policyStores": "

The list of policy stores in the account.

" + } + }, + "PolicyTemplateDescription": { + "base": null, + "refs": { + "CreatePolicyTemplateInput$description": "

Specifies a description for the policy template.

", + "GetPolicyTemplateOutput$description": "

The description of the policy template.

", + "PolicyTemplateItem$description": "

The description attached to the policy template.

", + "UpdatePolicyTemplateInput$description": "

Specifies a new description to apply to the policy template.

" + } + }, + "PolicyTemplateId": { + "base": null, + "refs": { + "CreatePolicyTemplateOutput$policyTemplateId": "

The unique ID of the new policy template.

", + "DeletePolicyTemplateInput$policyTemplateId": "

Specifies the ID of the policy template that you want to delete.

", + "GetPolicyTemplateInput$policyTemplateId": "

Specifies the ID of the policy template that you want information about.

", + "GetPolicyTemplateOutput$policyTemplateId": "

The ID of the policy template.

", + "PolicyFilter$policyTemplateId": "

Filters the output to only template-linked policies that were instantiated from the specified policy template.

", + "PolicyTemplateItem$policyTemplateId": "

The unique identifier of the policy template.

", + "TemplateLinkedPolicyDefinition$policyTemplateId": "

The unique identifier of the policy template used to create this policy.

", + "TemplateLinkedPolicyDefinitionDetail$policyTemplateId": "

The unique identifier of the policy template used to create this policy.

", + "TemplateLinkedPolicyDefinitionItem$policyTemplateId": "

The unique identifier of the policy template used to create this policy.

", + "UpdatePolicyTemplateInput$policyTemplateId": "

Specifies the ID of the policy template that you want to update.

", + "UpdatePolicyTemplateOutput$policyTemplateId": "

The ID of the updated policy template.

" + } + }, + "PolicyTemplateItem": { + "base": "

Contains details about a policy template

This data type is used as a response parameter for the ListPolicyTemplates operation.

", + "refs": { + "PolicyTemplatesList$member": null + } + }, + "PolicyTemplatesList": { + "base": null, + "refs": { + "ListPolicyTemplatesOutput$policyTemplates": "

The list of the policy templates in the specified policy store.

" + } + }, + "PolicyType": { + "base": null, + "refs": { + "CreatePolicyOutput$policyType": "

The policy type of the new policy.

", + "GetPolicyOutput$policyType": "

The type of the policy.

", + "PolicyFilter$policyType": "

Filters the output to only policies of the specified type.

", + "PolicyItem$policyType": "

The type of the policy. This is one of the following values:

", + "UpdatePolicyOutput$policyType": "

The type of the policy that was updated.

" + } + }, + "PrincipalEntityType": { + "base": null, + "refs": { + "CreateIdentitySourceInput$principalEntityType": "

Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.

", + "GetIdentitySourceOutput$principalEntityType": "

The data type of principals generated for identities authenticated by this identity source.

", + "IdentitySourceFilter$principalEntityType": "

The Cedar entity type of the principals returned by the identity provider (IdP) associated with this identity source.

", + "IdentitySourceItem$principalEntityType": "

The Cedar entity type of the principals returned from the IdP associated with this identity source.

", + "UpdateIdentitySourceInput$principalEntityType": "

Specifies the data type of principals generated for identities authenticated by the identity source.

" + } + }, + "PutSchemaInput": { + "base": null, + "refs": { + } + }, + "PutSchemaOutput": { + "base": null, + "refs": { + } + }, + "RecordAttribute": { + "base": null, + "refs": { + "AttributeValue$record": "

An attribute value of Record type.

Example: {\"record\": { \"keyName\": {} } }

" + } + }, + "ResourceArn": { + "base": null, + "refs": { + "CreatePolicyStoreOutput$arn": "

The Amazon Resource Name (ARN) of the new policy store.

", + "GetPolicyStoreOutput$arn": "

The Amazon Resource Name (ARN) of the policy store.

", + "PolicyStoreItem$arn": "

The Amazon Resource Name (ARN) of the policy store.

", + "UpdatePolicyStoreOutput$arn": "

The Amazon Resource Name (ARN) of the updated policy store.

" + } + }, + "ResourceConflict": { + "base": "

Contains information about a resource conflict.

", + "refs": { + "ResourceConflictList$member": null + } + }, + "ResourceConflictList": { + "base": null, + "refs": { + "ConflictException$resources": "

The list of resources referenced with this failed request.

" + } + }, + "ResourceNotFoundException": { + "base": "

The request failed because it references a resource that doesn't exist.

", + "refs": { + } + }, + "ResourceType": { + "base": null, + "refs": { + "ResourceConflict$resourceType": "

The type of the resource involved in a conflict.

", + "ResourceNotFoundException$resourceType": "

The resource type of the resource referenced in the failed request.

", + "ServiceQuotaExceededException$resourceType": "

The resource type of the resource referenced in the failed request.

" + } + }, + "SchemaDefinition": { + "base": "

Contains a list of principal types, resource types, and actions that can be specified in policies stored in the same policy store. If the validation mode for the policy store is set to STRICT, then policies that can't be validated by this schema are rejected by Verified Permissions and can't be stored in the policy store.

", + "refs": { + "PutSchemaInput$definition": "

Specifies the definition of the schema to be stored. The schema definition must be written in Cedar schema JSON.

" + } + }, + "SchemaJson": { + "base": null, + "refs": { + "GetSchemaOutput$schema": "

The body of the schema, written in Cedar schema JSON.

", + "SchemaDefinition$cedarJson": "

A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the Amazon Verified Permissions User Guide.

" + } + }, + "ServiceQuotaExceededException": { + "base": "

The request failed because it would cause a service quota to be exceeded.

", + "refs": { + } + }, + "SetAttribute": { + "base": null, + "refs": { + "AttributeValue$set": "

An attribute value of Set type.

Example: {\"set\": [ {} ] }

" + } + }, + "StaticPolicyDefinition": { + "base": "

Contains information about a static policy.

This data type is used as a field that is part of the PolicyDefinitionDetail type.

", + "refs": { + "PolicyDefinition$static": "

A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.

" + } + }, + "StaticPolicyDefinitionDetail": { + "base": "

A structure that contains details about a static policy. It includes the description and policy body.

This data type is used within a PolicyDefinition structure as part of a request parameter for the CreatePolicy operation.

", + "refs": { + "PolicyDefinitionDetail$static": "

Information about a static policy that wasn't created with a policy template.

" + } + }, + "StaticPolicyDefinitionItem": { + "base": "

A structure that contains details about a static policy. It includes the description and policy statement.

This data type is used within a PolicyDefinition structure as part of a request parameter for the CreatePolicy operation.

", + "refs": { + "PolicyDefinitionItem$static": "

Information about a static policy that wasn't created with a policy template.

" + } + }, + "StaticPolicyDescription": { + "base": null, + "refs": { + "StaticPolicyDefinition$description": "

The description of the static policy.

", + "StaticPolicyDefinitionDetail$description": "

A description of the static policy.

", + "StaticPolicyDefinitionItem$description": "

A description of the static policy.

", + "UpdateStaticPolicyDefinition$description": "

Specifies the description to be added to or replaced on the static policy.

" + } + }, + "String": { + "base": null, + "refs": { + "AccessDeniedException$message": null, + "ConflictException$message": null, + "ContextMap$key": null, + "EntityAttributes$key": null, + "EvaluationErrorItem$errorDescription": "

The error description.

", + "InternalServerException$message": null, + "RecordAttribute$key": null, + "ResourceConflict$resourceId": "

The unique identifier of the resource involved in a conflict.

", + "ResourceNotFoundException$message": null, + "ResourceNotFoundException$resourceId": "

The unique ID of the resource referenced in the failed request.

", + "ServiceQuotaExceededException$message": null, + "ServiceQuotaExceededException$resourceId": "

The unique ID of the resource referenced in the failed request.

", + "ServiceQuotaExceededException$serviceCode": "

The code for the Amazon Web Service that owns the quota.

", + "ServiceQuotaExceededException$quotaCode": "

The quota code recognized by the Amazon Web Services Service Quotas service.

", + "ThrottlingException$message": null, + "ThrottlingException$serviceCode": "

The code for the Amazon Web Service that owns the quota.

", + "ThrottlingException$quotaCode": "

The quota code recognized by the Amazon Web Services Service Quotas service.

", + "ValidationException$message": null, + "ValidationExceptionField$path": "

The path to the specific element that Verified Permissions found to be not valid.

", + "ValidationExceptionField$message": "

Describes the policy validation error.

" + } + }, + "StringAttribute": { + "base": null, + "refs": { + "AttributeValue$string": "

An attribute value of String type.

Example: {\"string\": \"abc\"}

" + } + }, + "TemplateLinkedPolicyDefinition": { + "base": "

Contains information about a policy created by instantiating a policy template.

", + "refs": { + "PolicyDefinition$templateLinked": "

A structure that describes a policy that was instantiated from a template. The template can specify placeholders for principal and resource. When you use CreatePolicy to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.

" + } + }, + "TemplateLinkedPolicyDefinitionDetail": { + "base": "

Contains information about a policy that was

created by instantiating a policy template.

This

", + "refs": { + "PolicyDefinitionDetail$templateLinked": "

Information about a template-linked policy that was created by instantiating a policy template.

" + } + }, + "TemplateLinkedPolicyDefinitionItem": { + "base": "

Contains information about a policy created by instantiating a policy template.

This

", + "refs": { + "PolicyDefinitionItem$templateLinked": "

Information about a template-linked policy that was created by instantiating a policy template.

" + } + }, + "ThrottlingException": { + "base": "

The request failed because it exceeded a throttling quota.

", + "refs": { + } + }, + "TimestampFormat": { + "base": null, + "refs": { + "CreateIdentitySourceOutput$createdDate": "

The date and time the identity source was originally created.

", + "CreateIdentitySourceOutput$lastUpdatedDate": "

The date and time the identity source was most recently updated.

", + "CreatePolicyOutput$createdDate": "

The date and time the policy was originally created.

", + "CreatePolicyOutput$lastUpdatedDate": "

The date and time the policy was last updated.

", + "CreatePolicyStoreOutput$createdDate": "

The date and time the policy store was originally created.

", + "CreatePolicyStoreOutput$lastUpdatedDate": "

The date and time the policy store was last updated.

", + "CreatePolicyTemplateOutput$createdDate": "

The date and time the policy template was originally created.

", + "CreatePolicyTemplateOutput$lastUpdatedDate": "

The date and time the policy template was most recently updated.

", + "GetIdentitySourceOutput$createdDate": "

The date and time that the identity source was originally created.

", + "GetIdentitySourceOutput$lastUpdatedDate": "

The date and time that the identity source was most recently updated.

", + "GetPolicyOutput$createdDate": "

The date and time that the policy was originally created.

", + "GetPolicyOutput$lastUpdatedDate": "

The date and time that the policy was last updated.

", + "GetPolicyStoreOutput$createdDate": "

The date and time that the policy store was originally created.

", + "GetPolicyStoreOutput$lastUpdatedDate": "

The date and time that the policy store was last updated.

", + "GetPolicyTemplateOutput$createdDate": "

The date and time that the policy template was originally created.

", + "GetPolicyTemplateOutput$lastUpdatedDate": "

The date and time that the policy template was most recently updated.

", + "GetSchemaOutput$createdDate": "

The date and time that the schema was originally created.

", + "GetSchemaOutput$lastUpdatedDate": "

The date and time that the schema was most recently updated.

", + "IdentitySourceItem$createdDate": "

The date and time the identity source was originally created.

", + "IdentitySourceItem$lastUpdatedDate": "

The date and time the identity source was most recently updated.

", + "PolicyItem$createdDate": "

The date and time the policy was created.

", + "PolicyItem$lastUpdatedDate": "

The date and time the policy was most recently updated.

", + "PolicyStoreItem$createdDate": "

The date and time the policy was created.

", + "PolicyTemplateItem$createdDate": "

The date and time that the policy template was created.

", + "PolicyTemplateItem$lastUpdatedDate": "

The date and time that the policy template was most recently updated.

", + "PutSchemaOutput$createdDate": "

The date and time that the schema was originally created.

", + "PutSchemaOutput$lastUpdatedDate": "

The date and time that the schema was last updated.

", + "UpdateIdentitySourceOutput$createdDate": "

The date and time that the updated identity source was originally created.

", + "UpdateIdentitySourceOutput$lastUpdatedDate": "

The date and time that the identity source was most recently updated.

", + "UpdatePolicyOutput$createdDate": "

The date and time that the policy was originally created.

", + "UpdatePolicyOutput$lastUpdatedDate": "

The date and time that the policy was most recently updated.

", + "UpdatePolicyStoreOutput$createdDate": "

The date and time that the policy store was originally created.

", + "UpdatePolicyStoreOutput$lastUpdatedDate": "

The date and time that the policy store was most recently updated.

", + "UpdatePolicyTemplateOutput$createdDate": "

The date and time that the policy template was originally created.

", + "UpdatePolicyTemplateOutput$lastUpdatedDate": "

The date and time that the policy template was most recently updated.

" + } + }, + "Token": { + "base": null, + "refs": { + "IsAuthorizedWithTokenInput$identityToken": "

Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, but not both.

", + "IsAuthorizedWithTokenInput$accessToken": "

Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, but not both.

" + } + }, + "UpdateCognitoUserPoolConfiguration": { + "base": "

Contains configuration details of a Amazon Cognito user pool for use with an identity source.

", + "refs": { + "UpdateConfiguration$cognitoUserPoolConfiguration": "

Contains configuration details of a Amazon Cognito user pool.

" + } + }, + "UpdateConfiguration": { + "base": "

Contains an updated configuration to replace the configuration in an existing identity source.

At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.

You must specify a userPoolArn, and optionally, a ClientId.

", + "refs": { + "UpdateIdentitySourceInput$updateConfiguration": "

Specifies the details required to communicate with the identity provider (IdP) associated with this identity source.

At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.

You must specify a userPoolArn, and optionally, a ClientId.

" + } + }, + "UpdateIdentitySourceInput": { + "base": null, + "refs": { + } + }, + "UpdateIdentitySourceOutput": { + "base": null, + "refs": { + } + }, + "UpdatePolicyDefinition": { + "base": "

Contains information about updates to be applied to a policy.

This data type is used as a request parameter in the UpdatePolicy operation.

", + "refs": { + "UpdatePolicyInput$definition": "

Specifies the updated policy content that you want to replace on the specified policy. The content must be valid Cedar policy language text.

You can change only the following elements from the policy definition:

You can't change the following elements:

" + } + }, + "UpdatePolicyInput": { + "base": null, + "refs": { + } + }, + "UpdatePolicyOutput": { + "base": null, + "refs": { + } + }, + "UpdatePolicyStoreInput": { + "base": null, + "refs": { + } + }, + "UpdatePolicyStoreOutput": { + "base": null, + "refs": { + } + }, + "UpdatePolicyTemplateInput": { + "base": null, + "refs": { + } + }, + "UpdatePolicyTemplateOutput": { + "base": null, + "refs": { + } + }, + "UpdateStaticPolicyDefinition": { + "base": "

Contains information about an update to a static policy.

", + "refs": { + "UpdatePolicyDefinition$static": "

Contains details about the updates to be applied to a static policy.

" + } + }, + "UserPoolArn": { + "base": null, + "refs": { + "CognitoUserPoolConfiguration$userPoolArn": "

The Amazon Resource Name (ARN) of the Amazon Cognito user pool that contains the identities to be authorized.

Example: \"UserPoolArn\": \"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5\"

", + "IdentitySourceDetails$userPoolArn": "

The Amazon Resource Name (ARN) of the Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store.

", + "IdentitySourceItemDetails$userPoolArn": "

The Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store.

", + "UpdateCognitoUserPoolConfiguration$userPoolArn": "

The Amazon Resource Name (ARN) of the Amazon Cognito user pool associated with this identity source.

" + } + }, + "ValidationException": { + "base": "

The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

The possible reasons include the following:

", + "refs": { + } + }, + "ValidationExceptionField": { + "base": "

Details about a field that failed policy validation.

", + "refs": { + "ValidationExceptionFieldList$member": null + } + }, + "ValidationExceptionFieldList": { + "base": null, + "refs": { + "ValidationException$fieldList": "

The list of fields that aren't valid.

" + } + }, + "ValidationMode": { + "base": null, + "refs": { + "ValidationSettings$mode": "

The validation mode currently configured for this policy store. The valid values are:

If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

To submit a static policy or policy template without a schema, you must turn off validation.

" + } + }, + "ValidationSettings": { + "base": "

A structure that contains Cedar policy validation settings for the policy store. The validation mode determines which validation failures that Cedar considers serious enough to block acceptance of a new or edited static policy or policy template.

This data type is used as a request parameter in the CreatePolicyStore and UpdatePolicyStore operations.

", + "refs": { + "CreatePolicyStoreInput$validationSettings": "

Specifies the validation setting for this policy store.

Currently, the only valid and required value is Mode.

We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore. Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

", + "GetPolicyStoreOutput$validationSettings": "

The current validation settings for the policy store.

", + "UpdatePolicyStoreInput$validationSettings": "

A structure that defines the validation settings that want to enable for the policy store.

" + } + } + } +} diff --git a/models/apis/verifiedpermissions/2021-12-01/endpoint-rule-set-1.json b/models/apis/verifiedpermissions/2021-12-01/endpoint-rule-set-1.json new file mode 100644 index 00000000000..17b9ad0a91f --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/endpoint-rule-set-1.json @@ -0,0 +1,350 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://verifiedpermissions-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://verifiedpermissions-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://verifiedpermissions.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://verifiedpermissions.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + } + ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" + } + ] + } + ] +} \ No newline at end of file diff --git a/models/apis/verifiedpermissions/2021-12-01/endpoint-tests-1.json b/models/apis/verifiedpermissions/2021-12-01/endpoint-tests-1.json new file mode 100644 index 00000000000..18725a06d46 --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/endpoint-tests-1.json @@ -0,0 +1,295 @@ +{ + "testCases": [ + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.us-gov-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-gov-east-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "cn-north-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-iso-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.us-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.us-east-1.api.aws" + } + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.us-east-1.amazonaws.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "UseDualStack": true, + "UseFIPS": true, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://verifiedpermissions.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-isob-east-1" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseDualStack": false, + "UseFIPS": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "UseDualStack": false, + "UseFIPS": true, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "UseDualStack": true, + "UseFIPS": false, + "Region": "us-east-1", + "Endpoint": "https://example.com" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/apis/verifiedpermissions/2021-12-01/examples-1.json b/models/apis/verifiedpermissions/2021-12-01/examples-1.json new file mode 100644 index 00000000000..0ea7e3b0bbe --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/examples-1.json @@ -0,0 +1,5 @@ +{ + "version": "1.0", + "examples": { + } +} diff --git a/models/apis/verifiedpermissions/2021-12-01/paginators-1.json b/models/apis/verifiedpermissions/2021-12-01/paginators-1.json new file mode 100644 index 00000000000..4314d715de4 --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/paginators-1.json @@ -0,0 +1,28 @@ +{ + "pagination": { + "ListIdentitySources": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "identitySources" + }, + "ListPolicies": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "policies" + }, + "ListPolicyStores": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "policyStores" + }, + "ListPolicyTemplates": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "policyTemplates" + } + } +} diff --git a/models/apis/verifiedpermissions/2021-12-01/smoke.json b/models/apis/verifiedpermissions/2021-12-01/smoke.json new file mode 100644 index 00000000000..a9756813e4a --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/smoke.json @@ -0,0 +1,6 @@ +{ + "version": 1, + "defaultRegion": "us-west-2", + "testCases": [ + ] +} diff --git a/models/apis/verifiedpermissions/2021-12-01/waiters-2.json b/models/apis/verifiedpermissions/2021-12-01/waiters-2.json new file mode 100644 index 00000000000..13f60ee66be --- /dev/null +++ b/models/apis/verifiedpermissions/2021-12-01/waiters-2.json @@ -0,0 +1,5 @@ +{ + "version": 2, + "waiters": { + } +} diff --git a/models/apis/wafv2/2019-07-29/api-2.json b/models/apis/wafv2/2019-07-29/api-2.json index 831a6c79c7e..3a217135643 100755 --- a/models/apis/wafv2/2019-07-29/api-2.json +++ b/models/apis/wafv2/2019-07-29/api-2.json @@ -910,13 +910,29 @@ "type":"integer", "min":0 }, + "AWSManagedRulesACFPRuleSet":{ + "type":"structure", + "required":[ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "members":{ + "CreationPath":{"shape":"CreationPathString"}, + "RegistrationPagePath":{"shape":"RegistrationPagePathString"}, + "RequestInspection":{"shape":"RequestInspectionACFP"}, + "ResponseInspection":{"shape":"ResponseInspection"}, + "EnableRegexInPath":{"shape":"Boolean"} + } + }, "AWSManagedRulesATPRuleSet":{ "type":"structure", "required":["LoginPath"], "members":{ "LoginPath":{"shape":"String"}, "RequestInspection":{"shape":"RequestInspection"}, - "ResponseInspection":{"shape":"ResponseInspection"} + "ResponseInspection":{"shape":"ResponseInspection"}, + "EnableRegexInPath":{"shape":"Boolean"} } }, "AWSManagedRulesBotControlRuleSet":{ @@ -945,6 +961,17 @@ "EXCLUDED_AS_COUNT" ] }, + "AddressField":{ + "type":"structure", + "required":["Identifier"], + "members":{ + "Identifier":{"shape":"FieldIdentifier"} + } + }, + "AddressFields":{ + "type":"list", + "member":{"shape":"AddressField"} + }, "All":{ "type":"structure", "members":{ @@ -1527,6 +1554,12 @@ "Summary":{"shape":"WebACLSummary"} } }, + "CreationPathString":{ + "type":"string", + "max":256, + "min":1, + "pattern":".*\\S.*" + }, "CustomHTTPHeader":{ "type":"structure", "required":[ @@ -1785,6 +1818,13 @@ } }, "DownloadUrl":{"type":"string"}, + "EmailField":{ + "type":"structure", + "required":["Identifier"], + "members":{ + "Identifier":{"shape":"FieldIdentifier"} + } + }, "EntityDescription":{ "type":"string", "max":256, @@ -2740,7 +2780,8 @@ "deprecatedMessage":"Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection PasswordField" }, "AWSManagedRulesBotControlRuleSet":{"shape":"AWSManagedRulesBotControlRuleSet"}, - "AWSManagedRulesATPRuleSet":{"shape":"AWSManagedRulesATPRuleSet"} + "AWSManagedRulesATPRuleSet":{"shape":"AWSManagedRulesATPRuleSet"}, + "AWSManagedRulesACFPRuleSet":{"shape":"AWSManagedRulesACFPRuleSet"} } }, "ManagedRuleGroupConfigs":{ @@ -2975,7 +3016,8 @@ "ATP_RULE_SET_RESPONSE_INSPECTION", "ASSOCIATED_RESOURCE_TYPE", "SCOPE_DOWN", - "CUSTOM_KEYS" + "CUSTOM_KEYS", + "ACP_RULE_SET_RESPONSE_INSPECTION" ] }, "ParameterExceptionParameter":{ @@ -2996,6 +3038,17 @@ "FORM_ENCODED" ] }, + "PhoneNumberField":{ + "type":"structure", + "required":["Identifier"], + "members":{ + "Identifier":{"shape":"FieldIdentifier"} + } + }, + "PhoneNumberFields":{ + "type":"list", + "member":{"shape":"PhoneNumberField"} + }, "Platform":{ "type":"string", "enum":[ @@ -3287,6 +3340,12 @@ "min":1, "pattern":".*" }, + "RegistrationPagePathString":{ + "type":"string", + "max":256, + "min":1, + "pattern":".*\\S.*" + }, "RegularExpressionList":{ "type":"list", "member":{"shape":"Regex"} @@ -3328,6 +3387,18 @@ "PasswordField":{"shape":"PasswordField"} } }, + "RequestInspectionACFP":{ + "type":"structure", + "required":["PayloadType"], + "members":{ + "PayloadType":{"shape":"PayloadType"}, + "UsernameField":{"shape":"UsernameField"}, + "PasswordField":{"shape":"PasswordField"}, + "EmailField":{"shape":"EmailField"}, + "PhoneNumberFields":{"shape":"PhoneNumberFields"}, + "AddressFields":{"shape":"AddressFields"} + } + }, "ResourceArn":{ "type":"string", "max":2048, diff --git a/models/apis/wafv2/2019-07-29/docs-2.json b/models/apis/wafv2/2019-07-29/docs-2.json index 34156697a70..dc50ddb0810 100755 --- a/models/apis/wafv2/2019-07-29/docs-2.json +++ b/models/apis/wafv2/2019-07-29/docs-2.json @@ -89,6 +89,12 @@ "APIKeySummary$Version": "

Internal value used by WAF to manage the key.

" } }, + "AWSManagedRulesACFPRuleSet": { + "base": "

Details for your use of the account creation fraud prevention managed rule group, AWSManagedRulesACFPRuleSet. This configuration is used in ManagedRuleGroupConfig.

", + "refs": { + "ManagedRuleGroupConfig$AWSManagedRulesACFPRuleSet": "

Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, AWSManagedRulesACFPRuleSet. Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.

For information about using the ACFP managed rule group, see WAF Fraud Control account creation fraud prevention (ACFP) rule group and WAF Fraud Control account creation fraud prevention (ACFP) in the WAF Developer Guide.

" + } + }, "AWSManagedRulesATPRuleSet": { "base": "

Details for your use of the account takeover prevention managed rule group, AWSManagedRulesATPRuleSet. This configuration is used in ManagedRuleGroupConfig.

", "refs": { @@ -120,6 +126,18 @@ "ActionCondition$Action": "

The action setting that a log record must contain in order to meet the condition. This is the action that WAF applied to the web request.

For rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value EXCLUDED_AS_COUNT matches on excluded rules and also on rules that have a rule action override of Count.

" } }, + "AddressField": { + "base": "

The name of a field in the request payload that contains part or all of your customer's primary physical address.

This data type is used in the RequestInspectionACFP data type.

", + "refs": { + "AddressFields$member": null + } + }, + "AddressFields": { + "base": null, + "refs": { + "RequestInspectionACFP$AddressFields": "

The names of the fields in the request payload that contain your customer's primary physical address.

Order the address fields in the array exactly as they are ordered in the request payload.

How you specify the address fields depends on the request inspection payload type.

" + } + }, "All": { "base": "

Inspect all of the elements that WAF has parsed and extracted from the web request component that you've identified in your FieldToMatch specifications.

This is used in the FieldToMatch specification for some web request component types.

JSON specification: \"All\": {}

", "refs": { @@ -193,6 +211,8 @@ "Boolean": { "base": null, "refs": { + "AWSManagedRulesACFPRuleSet$EnableRegexInPath": "

Allow the use of regular expressions in the registration page path and the account creation path.

", + "AWSManagedRulesATPRuleSet$EnableRegexInPath": "

Allow the use of regular expressions in the login page path.

", "LoggingConfiguration$ManagedByFirewallManager": "

Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

", "ManagedProductDescriptor$IsVersioningSupported": "

Indicates whether the rule group is versioned.

", "ManagedProductDescriptor$IsAdvancedManagedRuleSet": "

Indicates whether the rule group provides an advanced set of protections, such as the the Amazon Web Services Managed Rules rule groups that are used for WAF intelligent threat mitigation.

", @@ -388,6 +408,12 @@ "refs": { } }, + "CreationPathString": { + "base": null, + "refs": { + "AWSManagedRulesACFPRuleSet$CreationPath": "

The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept POST requests.

For example, for the URL https://example.com/web/signup, you would provide the path /web/signup.

" + } + }, "CustomHTTPHeader": { "base": "

A custom header for custom request and response handling. This is used in CustomResponse and CustomRequestHandling.

", "refs": { @@ -569,6 +595,12 @@ "GenerateMobileSdkReleaseUrlResponse$Url": "

The presigned download URL for the specified SDK release.

" } }, + "EmailField": { + "base": "

The name of the field in the request payload that contains your customer's email.

This data type is used in the RequestInspectionACFP data type.

", + "refs": { + "RequestInspectionACFP$EmailField": "

The name of the field in the request payload that contains your customer's email.

How you specify this depends on the request inspection payload type.

" + } + }, "EntityDescription": { "base": null, "refs": { @@ -748,9 +780,12 @@ "FieldIdentifier": { "base": null, "refs": { - "PasswordField$Identifier": "

The name of the password field. For example /form/password.

", - "ResponseInspectionJson$Identifier": "

The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.

JSON example: \"Identifier\": [ \"/login/success\" ]

", - "UsernameField$Identifier": "

The name of the username field. For example /form/username.

" + "AddressField$Identifier": "

The name of a single primary address field.

How you specify the address fields depends on the request inspection payload type.

", + "EmailField$Identifier": "

The name of the email field.

How you specify this depends on the request inspection payload type.

", + "PasswordField$Identifier": "

The name of the password field.

How you specify this depends on the request inspection payload type.

", + "PhoneNumberField$Identifier": "

The name of a single primary phone number field.

How you specify the phone number fields depends on the request inspection payload type.

", + "ResponseInspectionJson$Identifier": "

The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.

JSON examples: \"Identifier\": [ \"/login/success\" ] and \"Identifier\": [ \"/sign-up/success\" ]

", + "UsernameField$Identifier": "

The name of the username field.

How you specify this depends on the request inspection payload type.

" } }, "FieldToMatch": { @@ -1027,9 +1062,9 @@ } }, "HeaderOrder": { - "base": "

Inspect a string containing the list of the request's header names, ordered as they appear in the web request that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in its inspection. WAF separates the header names in the string using commas and no added spaces.

Matches against the header order string are case insensitive.

", + "base": "

Inspect a string containing the list of the request's header names, ordered as they appear in the web request that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in its inspection. WAF separates the header names in the string using colons and no added spaces, for example host:user-agent:accept:authorization:referer.

", "refs": { - "FieldToMatch$HeaderOrder": "

Inspect a string containing the list of the request's header names, ordered as they appear in the web request that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in its inspection. WAF separates the header names in the string using commas and no added spaces.

Matches against the header order string are case insensitive.

" + "FieldToMatch$HeaderOrder": "

Inspect a string containing the list of the request's header names, ordered as they appear in the web request that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in its inspection. WAF separates the header names in the string using colons and no added spaces, for example host:user-agent:accept:authorization:referer.

" } }, "HeaderValue": { @@ -1424,7 +1459,7 @@ } }, "ManagedRuleGroupConfig": { - "base": "

Additional information that's used by a managed rule group. Many managed rule groups don't require this.

Use the AWSManagedRulesATPRuleSet configuration object for the account takeover prevention managed rule group, to provide information such as the sign-in page of your application and the type of content to accept or reject from the client.

Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.

For example specifications, see the examples section of CreateWebACL.

", + "base": "

Additional information that's used by a managed rule group. Many managed rule groups don't require this.

The rule groups used for intelligent threat mitigation require additional configuration:

For example specifications, see the examples section of CreateWebACL.

", "refs": { "ManagedRuleGroupConfigs$member": null } @@ -1432,14 +1467,14 @@ "ManagedRuleGroupConfigs": { "base": null, "refs": { - "ManagedRuleGroupStatement$ManagedRuleGroupConfigs": "

Additional information that's used by a managed rule group. Many managed rule groups don't require this.

Use the AWSManagedRulesATPRuleSet configuration object for the account takeover prevention managed rule group, to provide information such as the sign-in page of your application and the type of content to accept or reject from the client.

Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.

" + "ManagedRuleGroupStatement$ManagedRuleGroupConfigs": "

Additional information that's used by a managed rule group. Many managed rule groups don't require this.

The rule groups used for intelligent threat mitigation require additional configuration:

" } }, "ManagedRuleGroupStatement": { - "base": "

A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.

You cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.

You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For more information, see WAF Pricing.

", + "base": "

A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.

You cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.

You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet, the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet, or the WAF Fraud Control account creation fraud prevention (ACFP) managed rule group AWSManagedRulesACFPRuleSet. For more information, see WAF Pricing.

", "refs": { "FirewallManagerStatement$ManagedRuleGroupStatement": "

A statement used by Firewall Manager to run the rules that are defined in a managed rule group. This is managed by Firewall Manager for an Firewall Manager WAF policy.

", - "Statement$ManagedRuleGroupStatement": "

A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.

You cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.

You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For more information, see WAF Pricing.

" + "Statement$ManagedRuleGroupStatement": "

A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.

You cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.

You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet, the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet, or the WAF Fraud Control account creation fraud prevention (ACFP) managed rule group AWSManagedRulesACFPRuleSet. For more information, see WAF Pricing.

" } }, "ManagedRuleGroupSummaries": { @@ -1564,7 +1599,7 @@ "OutputUrl": { "base": null, "refs": { - "GetWebACLResponse$ApplicationIntegrationURL": "

The URL to use in SDK integrations with Amazon Web Services managed rule groups. For example, you can use the integration SDKs with the account takeover prevention managed rule group AWSManagedRulesATPRuleSet. This is only populated if you are using a rule group in your web ACL that integrates with your applications in this way. For more information, see WAF client application integration in the WAF Developer Guide.

", + "GetWebACLResponse$ApplicationIntegrationURL": "

The URL to use in SDK integrations with Amazon Web Services managed rule groups. For example, you can use the integration SDKs with the account takeover prevention managed rule group AWSManagedRulesATPRuleSet and the account creation fraud prevention managed rule group AWSManagedRulesACFPRuleSet. This is only populated if you are using a rule group in your web ACL that integrates with your applications in this way. For more information, see WAF client application integration in the WAF Developer Guide.

", "ListAPIKeysResponse$ApplicationIntegrationURL": "

The CAPTCHA application integration URL, for use in your JavaScript implementation.

" } }, @@ -1614,17 +1649,31 @@ } }, "PasswordField": { - "base": "

Details about your login page password field for request inspection, used in the AWSManagedRulesATPRuleSet RequestInspection configuration.

", + "base": "

The name of the field in the request payload that contains your customer's password.

This data type is used in the RequestInspection and RequestInspectionACFP data types.

", "refs": { - "ManagedRuleGroupConfig$PasswordField": "

Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.

", - "RequestInspection$PasswordField": "

Details about your login page password field.

How you specify this depends on the payload type.

" + "ManagedRuleGroupConfig$PasswordField": "

Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

", + "RequestInspection$PasswordField": "

The name of the field in the request payload that contains your customer's password.

How you specify this depends on the request inspection payload type.

", + "RequestInspectionACFP$PasswordField": "

The name of the field in the request payload that contains your customer's password.

How you specify this depends on the request inspection payload type.

" } }, "PayloadType": { "base": null, "refs": { - "ManagedRuleGroupConfig$PayloadType": "

Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.

", - "RequestInspection$PayloadType": "

The payload type for your login endpoint, either JSON or form encoded.

" + "ManagedRuleGroupConfig$PayloadType": "

Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

", + "RequestInspection$PayloadType": "

The payload type for your login endpoint, either JSON or form encoded.

", + "RequestInspectionACFP$PayloadType": "

The payload type for your account creation endpoint, either JSON or form encoded.

" + } + }, + "PhoneNumberField": { + "base": "

The name of a field in the request payload that contains part or all of your customer's primary phone number.

This data type is used in the RequestInspectionACFP data type.

", + "refs": { + "PhoneNumberFields$member": null + } + }, + "PhoneNumberFields": { + "base": null, + "refs": { + "RequestInspectionACFP$PhoneNumberFields": "

The names of the fields in the request payload that contain your customer's primary phone number.

Order the phone number fields in the array exactly as they are ordered in the request payload.

How you specify the phone number fields depends on the request inspection payload type.

" } }, "Platform": { @@ -1808,7 +1857,7 @@ "RedactedFields": { "base": null, "refs": { - "LoggingConfiguration$RedactedFields": "

The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

" + "LoggingConfiguration$RedactedFields": "

The parts of the request that you want to keep out of the logs.

For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.

Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, and Method.

" } }, "Regex": { @@ -1855,6 +1904,12 @@ "RegexMatchStatement$RegexString": "

The string representing the regular expression.

" } }, + "RegistrationPagePathString": { + "base": null, + "refs": { + "AWSManagedRulesACFPRuleSet$RegistrationPagePath": "

The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.

This page must accept GET text/html requests.

For example, for the URL https://example.com/web/register, you would provide the path /web/register.

" + } + }, "RegularExpressionList": { "base": null, "refs": { @@ -1899,6 +1954,12 @@ "AWSManagedRulesATPRuleSet$RequestInspection": "

The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.

" } }, + "RequestInspectionACFP": { + "base": "

The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.

This is part of the AWSManagedRulesACFPRuleSet configuration in ManagedRuleGroupConfig.

In these settings, you specify how your application accepts account creation attempts by providing the request payload type and the names of the fields within the request body where the username, password, email, and primary address and phone number fields are provided.

", + "refs": { + "AWSManagedRulesACFPRuleSet$RequestInspection": "

The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.

" + } + }, "ResourceArn": { "base": null, "refs": { @@ -1973,87 +2034,88 @@ } }, "ResponseInspection": { - "base": "

The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.

The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

This is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig.

Enable login response inspection by configuring exactly one component of the response to inspect. You can't configure more than one. If you don't configure any of the response inspection options, response inspection is disabled.

", + "base": "

The criteria for inspecting responses to login requests and account creation requests, used by the ATP and ACFP rule groups to track login and account creation success and failure rates.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

The rule groups evaluates the responses that your protected resources send back to client login and account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses with too much suspicious activity in a short amount of time.

This is part of the AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet configurations in ManagedRuleGroupConfig.

Enable response inspection by configuring exactly one component of the response to inspect, for example, Header or StatusCode. You can't configure more than one component for inspection. If you don't configure any of the response inspection options, response inspection is disabled.

", "refs": { - "AWSManagedRulesATPRuleSet$ResponseInspection": "

The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.

The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

" + "AWSManagedRulesACFPRuleSet$ResponseInspection": "

The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

The ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.

", + "AWSManagedRulesATPRuleSet$ResponseInspection": "

The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.

" } }, "ResponseInspectionBodyContains": { - "base": "

Configures inspection of the response body. WAF can inspect the first 65,536 bytes (64 KB) of the response body. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", + "base": "

Configures inspection of the response body. WAF can inspect the first 65,536 bytes (64 KB) of the response body. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", "refs": { - "ResponseInspection$BodyContains": "

Configures inspection of the response body. WAF can inspect the first 65,536 bytes (64 KB) of the response body.

" + "ResponseInspection$BodyContains": "

Configures inspection of the response body for success and failure indicators. WAF can inspect the first 65,536 bytes (64 KB) of the response body.

" } }, "ResponseInspectionBodyContainsFailureStrings": { "base": null, "refs": { - "ResponseInspectionBodyContains$FailureStrings": "

Strings in the body of the response that indicate a failed login attempt. To be counted as a failed login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.

JSON example: \"FailureStrings\": [ \"Login failed\" ]

" + "ResponseInspectionBodyContains$FailureStrings": "

Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.

JSON example: \"FailureStrings\": [ \"Request failed\" ]

" } }, "ResponseInspectionBodyContainsSuccessStrings": { "base": null, "refs": { - "ResponseInspectionBodyContains$SuccessStrings": "

Strings in the body of the response that indicate a successful login attempt. To be counted as a successful login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.

JSON example: \"SuccessStrings\": [ \"Login successful\", \"Welcome to our site!\" ]

" + "ResponseInspectionBodyContains$SuccessStrings": "

Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.

JSON examples: \"SuccessStrings\": [ \"Login successful\" ] and \"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]

" } }, "ResponseInspectionHeader": { - "base": "

Configures inspection of the response header. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", + "base": "

Configures inspection of the response header. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", "refs": { - "ResponseInspection$Header": "

Configures inspection of the response header.

" + "ResponseInspection$Header": "

Configures inspection of the response header for success and failure indicators.

" } }, "ResponseInspectionHeaderFailureValues": { "base": null, "refs": { - "ResponseInspectionHeader$FailureValues": "

Values in the response header with the specified name that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: \"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]

" + "ResponseInspectionHeader$FailureValues": "

Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON examples: \"FailureValues\": [ \"LoginFailed\", \"Failed login\" ] and \"FailureValues\": [ \"AccountCreationFailed\" ]

" } }, "ResponseInspectionHeaderName": { "base": null, "refs": { - "ResponseInspectionHeader$Name": "

The name of the header to match against. The name must be an exact match, including case.

JSON example: \"Name\": [ \"LoginResult\" ]

" + "ResponseInspectionHeader$Name": "

The name of the header to match against. The name must be an exact match, including case.

JSON example: \"Name\": [ \"RequestResult\" ]

" } }, "ResponseInspectionHeaderSuccessValues": { "base": null, "refs": { - "ResponseInspectionHeader$SuccessValues": "

Values in the response header with the specified name that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: \"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]

" + "ResponseInspectionHeader$SuccessValues": "

Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON examples: \"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ] and \"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]

" } }, "ResponseInspectionJson": { - "base": "

Configures inspection of the response JSON. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", + "base": "

Configures inspection of the response JSON. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", "refs": { - "ResponseInspection$Json": "

Configures inspection of the response JSON. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.

" + "ResponseInspection$Json": "

Configures inspection of the response JSON for success and failure indicators. WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.

" } }, "ResponseInspectionJsonFailureValues": { "base": null, "refs": { - "ResponseInspectionJson$FailureValues": "

Values for the specified identifier in the response JSON that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: \"FailureValues\": [ \"False\", \"Failed\" ]

" + "ResponseInspectionJson$FailureValues": "

Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: \"FailureValues\": [ \"False\", \"Failed\" ]

" } }, "ResponseInspectionJsonSuccessValues": { "base": null, "refs": { - "ResponseInspectionJson$SuccessValues": "

Values for the specified identifier in the response JSON that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: \"SuccessValues\": [ \"True\", \"Succeeded\" ]

" + "ResponseInspectionJson$SuccessValues": "

Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: \"SuccessValues\": [ \"True\", \"Succeeded\" ]

" } }, "ResponseInspectionStatusCode": { - "base": "

Configures inspection of the response status code. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", + "base": "

Configures inspection of the response status code. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

", "refs": { - "ResponseInspection$StatusCode": "

Configures inspection of the response status code.

" + "ResponseInspection$StatusCode": "

Configures inspection of the response status code for success and failure indicators.

" } }, "ResponseInspectionStatusCodeFailureCodes": { "base": null, "refs": { - "ResponseInspectionStatusCode$FailureCodes": "

Status codes in the response that indicate a failed login attempt. To be counted as a failed login, the response status code must match one of these. Each code must be unique among the success and failure status codes.

JSON example: \"FailureCodes\": [ 400, 404 ]

" + "ResponseInspectionStatusCode$FailureCodes": "

Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.

JSON example: \"FailureCodes\": [ 400, 404 ]

" } }, "ResponseInspectionStatusCodeSuccessCodes": { "base": null, "refs": { - "ResponseInspectionStatusCode$SuccessCodes": "

Status codes in the response that indicate a successful login attempt. To be counted as a successful login, the response status code must match one of these. Each code must be unique among the success and failure status codes.

JSON example: \"SuccessCodes\": [ 200, 201 ]

" + "ResponseInspectionStatusCode$SuccessCodes": "

Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.

JSON example: \"SuccessCodes\": [ 200, 201 ]

" } }, "ResponseStatusCode": { @@ -2518,10 +2580,11 @@ } }, "UsernameField": { - "base": "

Details about your login page username field for request inspection, used in the AWSManagedRulesATPRuleSet RequestInspection configuration.

", + "base": "

The name of the field in the request payload that contains your customer's username.

This data type is used in the RequestInspection and RequestInspectionACFP data types.

", "refs": { - "ManagedRuleGroupConfig$UsernameField": "

Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.

", - "RequestInspection$UsernameField": "

Details about your login page username field.

How you specify this depends on the payload type.

" + "ManagedRuleGroupConfig$UsernameField": "

Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

", + "RequestInspection$UsernameField": "

The name of the field in the request payload that contains your customer's username.

How you specify this depends on the request inspection payload type.

", + "RequestInspectionACFP$UsernameField": "

The name of the field in the request payload that contains your customer's username.

How you specify this depends on the request inspection payload type.

" } }, "VendorName": { diff --git a/models/apis/wellarchitected/2020-03-31/api-2.json b/models/apis/wellarchitected/2020-03-31/api-2.json index 0c3c70407db..8e2d5bf8653 100644 --- a/models/apis/wellarchitected/2020-03-31/api-2.json +++ b/models/apis/wellarchitected/2020-03-31/api-2.json @@ -29,6 +29,22 @@ {"shape":"ThrottlingException"} ] }, + "AssociateProfiles":{ + "name":"AssociateProfiles", + "http":{ + "method":"PATCH", + "requestUri":"/workloads/{WorkloadId}/associateProfiles" + }, + "input":{"shape":"AssociateProfilesInput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, "CreateLensShare":{ "name":"CreateLensShare", "http":{ @@ -83,6 +99,41 @@ {"shape":"ThrottlingException"} ] }, + "CreateProfile":{ + "name":"CreateProfile", + "http":{ + "method":"POST", + "requestUri":"/profiles" + }, + "input":{"shape":"CreateProfileInput"}, + "output":{"shape":"CreateProfileOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, + "CreateProfileShare":{ + "name":"CreateProfileShare", + "http":{ + "method":"POST", + "requestUri":"/profiles/{ProfileArn}/shares" + }, + "input":{"shape":"CreateProfileShareInput"}, + "output":{"shape":"CreateProfileShareOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, "CreateWorkload":{ "name":"CreateWorkload", "http":{ @@ -151,6 +202,38 @@ {"shape":"ThrottlingException"} ] }, + "DeleteProfile":{ + "name":"DeleteProfile", + "http":{ + "method":"DELETE", + "requestUri":"/profiles/{ProfileArn}" + }, + "input":{"shape":"DeleteProfileInput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, + "DeleteProfileShare":{ + "name":"DeleteProfileShare", + "http":{ + "method":"DELETE", + "requestUri":"/profiles/{ProfileArn}/shares/{ShareId}" + }, + "input":{"shape":"DeleteProfileShareInput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ConflictException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, "DeleteWorkload":{ "name":"DeleteWorkload", "http":{ @@ -199,6 +282,22 @@ {"shape":"ThrottlingException"} ] }, + "DisassociateProfiles":{ + "name":"DisassociateProfiles", + "http":{ + "method":"PATCH", + "requestUri":"/workloads/{WorkloadId}/disassociateProfiles" + }, + "input":{"shape":"DisassociateProfilesInput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, "ExportLens":{ "name":"ExportLens", "http":{ @@ -327,6 +426,38 @@ {"shape":"ThrottlingException"} ] }, + "GetProfile":{ + "name":"GetProfile", + "http":{ + "method":"GET", + "requestUri":"/profiles/{ProfileArn}" + }, + "input":{"shape":"GetProfileInput"}, + "output":{"shape":"GetProfileOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, + "GetProfileTemplate":{ + "name":"GetProfileTemplate", + "http":{ + "method":"GET", + "requestUri":"/profileTemplate" + }, + "input":{"shape":"GetProfileTemplateInput"}, + "output":{"shape":"GetProfileTemplateOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, "GetWorkload":{ "name":"GetWorkload", "http":{ @@ -503,6 +634,52 @@ {"shape":"ThrottlingException"} ] }, + "ListProfileNotifications":{ + "name":"ListProfileNotifications", + "http":{ + "method":"GET", + "requestUri":"/profileNotifications/" + }, + "input":{"shape":"ListProfileNotificationsInput"}, + "output":{"shape":"ListProfileNotificationsOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, + "ListProfileShares":{ + "name":"ListProfileShares", + "http":{ + "method":"GET", + "requestUri":"/profiles/{ProfileArn}/shares" + }, + "input":{"shape":"ListProfileSharesInput"}, + "output":{"shape":"ListProfileSharesOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, + "ListProfiles":{ + "name":"ListProfiles", + "http":{ + "method":"GET", + "requestUri":"/profileSummaries" + }, + "input":{"shape":"ListProfilesInput"}, + "output":{"shape":"ListProfilesOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, "ListShareInvitations":{ "name":"ListShareInvitations", "http":{ @@ -637,6 +814,23 @@ {"shape":"ThrottlingException"} ] }, + "UpdateProfile":{ + "name":"UpdateProfile", + "http":{ + "method":"PATCH", + "requestUri":"/profiles/{ProfileArn}" + }, + "input":{"shape":"UpdateProfileInput"}, + "output":{"shape":"UpdateProfileOutput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] + }, "UpdateShareInvitation":{ "name":"UpdateShareInvitation", "http":{ @@ -703,6 +897,22 @@ {"shape":"AccessDeniedException"}, {"shape":"ThrottlingException"} ] + }, + "UpgradeProfileVersion":{ + "name":"UpgradeProfileVersion", + "http":{ + "method":"PUT", + "requestUri":"/workloads/{WorkloadId}/profiles/{ProfileArn}/upgrade" + }, + "input":{"shape":"UpgradeProfileVersionInput"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ] } }, "shapes":{ @@ -782,7 +992,8 @@ "ChoiceAnswerSummaries":{"shape":"ChoiceAnswerSummaries"}, "IsApplicable":{"shape":"IsApplicable"}, "Risk":{"shape":"Risk"}, - "Reason":{"shape":"AnswerReason"} + "Reason":{"shape":"AnswerReason"}, + "QuestionType":{"shape":"QuestionType"} } }, "ApplicationArn":{ @@ -805,8 +1016,25 @@ "LensAliases":{"shape":"LensAliases"} } }, + "AssociateProfilesInput":{ + "type":"structure", + "required":[ + "WorkloadId", + "ProfileArns" + ], + "members":{ + "WorkloadId":{ + "shape":"WorkloadId", + "location":"uri", + "locationName":"WorkloadId" + }, + "ProfileArns":{"shape":"ProfileArns"} + } + }, "AwsAccountId":{ "type":"string", + "max":12, + "min":12, "pattern":"[0-9]{12}" }, "AwsRegion":{ @@ -1018,7 +1246,11 @@ "type":"list", "member":{"shape":"Choice"} }, - "ClientRequestToken":{"type":"string"}, + "ClientRequestToken":{ + "type":"string", + "max":2048, + "min":1 + }, "ConflictException":{ "type":"structure", "required":[ @@ -1136,6 +1368,59 @@ "MilestoneNumber":{"shape":"MilestoneNumber"} } }, + "CreateProfileInput":{ + "type":"structure", + "required":[ + "ProfileName", + "ProfileDescription", + "ProfileQuestions", + "ClientRequestToken" + ], + "members":{ + "ProfileName":{"shape":"ProfileName"}, + "ProfileDescription":{"shape":"ProfileDescription"}, + "ProfileQuestions":{"shape":"ProfileQuestionUpdates"}, + "ClientRequestToken":{ + "shape":"ClientRequestToken", + "idempotencyToken":true + }, + "Tags":{"shape":"TagMap"} + } + }, + "CreateProfileOutput":{ + "type":"structure", + "members":{ + "ProfileArn":{"shape":"ProfileArn"}, + "ProfileVersion":{"shape":"ProfileVersion"} + } + }, + "CreateProfileShareInput":{ + "type":"structure", + "required":[ + "ProfileArn", + "SharedWith", + "ClientRequestToken" + ], + "members":{ + "ProfileArn":{ + "shape":"ProfileArn", + "location":"uri", + "locationName":"ProfileArn" + }, + "SharedWith":{"shape":"SharedWith"}, + "ClientRequestToken":{ + "shape":"ClientRequestToken", + "idempotencyToken":true + } + } + }, + "CreateProfileShareOutput":{ + "type":"structure", + "members":{ + "ShareId":{"shape":"ShareId"}, + "ProfileArn":{"shape":"ProfileArn"} + } + }, "CreateWorkloadInput":{ "type":"structure", "required":[ @@ -1165,7 +1450,8 @@ }, "Tags":{"shape":"TagMap"}, "DiscoveryConfig":{"shape":"WorkloadDiscoveryConfig"}, - "Applications":{"shape":"WorkloadApplications"} + "Applications":{"shape":"WorkloadApplications"}, + "ProfileArns":{"shape":"WorkloadProfileArns"} } }, "CreateWorkloadOutput":{ @@ -1263,6 +1549,52 @@ } } }, + "DeleteProfileInput":{ + "type":"structure", + "required":[ + "ProfileArn", + "ClientRequestToken" + ], + "members":{ + "ProfileArn":{ + "shape":"ProfileArn", + "location":"uri", + "locationName":"ProfileArn" + }, + "ClientRequestToken":{ + "shape":"ClientRequestToken", + "idempotencyToken":true, + "location":"querystring", + "locationName":"ClientRequestToken" + } + } + }, + "DeleteProfileShareInput":{ + "type":"structure", + "required":[ + "ShareId", + "ProfileArn", + "ClientRequestToken" + ], + "members":{ + "ShareId":{ + "shape":"ShareId", + "location":"uri", + "locationName":"ShareId" + }, + "ProfileArn":{ + "shape":"ProfileArn", + "location":"uri", + "locationName":"ProfileArn" + }, + "ClientRequestToken":{ + "shape":"ClientRequestToken", + "idempotencyToken":true, + "location":"querystring", + "locationName":"ClientRequestToken" + } + } + }, "DeleteWorkloadInput":{ "type":"structure", "required":[ @@ -1332,6 +1664,21 @@ "LensAliases":{"shape":"LensAliases"} } }, + "DisassociateProfilesInput":{ + "type":"structure", + "required":[ + "WorkloadId", + "ProfileArns" + ], + "members":{ + "WorkloadId":{ + "shape":"WorkloadId", + "location":"uri", + "locationName":"WorkloadId" + }, + "ProfileArns":{"shape":"ProfileArns"} + } + }, "DiscoveryIntegrationStatus":{ "type":"string", "enum":[ @@ -1597,12 +1944,45 @@ "Milestone":{"shape":"Milestone"} } }, - "GetWorkloadInput":{ + "GetProfileInput":{ "type":"structure", - "required":["WorkloadId"], + "required":["ProfileArn"], "members":{ - "WorkloadId":{ - "shape":"WorkloadId", + "ProfileArn":{ + "shape":"ProfileArn", + "location":"uri", + "locationName":"ProfileArn" + }, + "ProfileVersion":{ + "shape":"ProfileVersion", + "location":"querystring", + "locationName":"ProfileVersion" + } + } + }, + "GetProfileOutput":{ + "type":"structure", + "members":{ + "Profile":{"shape":"Profile"} + } + }, + "GetProfileTemplateInput":{ + "type":"structure", + "members":{ + } + }, + "GetProfileTemplateOutput":{ + "type":"structure", + "members":{ + "ProfileTemplate":{"shape":"ProfileTemplate"} + } + }, + "GetWorkloadInput":{ + "type":"structure", + "required":["WorkloadId"], + "members":{ + "WorkloadId":{ + "shape":"WorkloadId", "location":"uri", "locationName":"WorkloadId" } @@ -1751,7 +2131,9 @@ "UpdatedAt":{"shape":"Timestamp"}, "Notes":{"shape":"Notes"}, "RiskCounts":{"shape":"RiskCounts"}, - "NextToken":{"shape":"NextToken"} + "NextToken":{"shape":"NextToken"}, + "Profiles":{"shape":"WorkloadProfiles"}, + "PrioritizedRiskCounts":{"shape":"RiskCounts"} } }, "LensReviewReport":{ @@ -1775,7 +2157,9 @@ "LensName":{"shape":"LensName"}, "LensStatus":{"shape":"LensStatus"}, "UpdatedAt":{"shape":"Timestamp"}, - "RiskCounts":{"shape":"RiskCounts"} + "RiskCounts":{"shape":"RiskCounts"}, + "Profiles":{"shape":"WorkloadProfiles"}, + "PrioritizedRiskCounts":{"shape":"RiskCounts"} } }, "LensShareSummaries":{ @@ -1892,6 +2276,11 @@ "shape":"ListAnswersMaxResults", "location":"querystring", "locationName":"MaxResults" + }, + "QuestionPriority":{ + "shape":"QuestionPriority", + "location":"querystring", + "locationName":"QuestionPriority" } } }, @@ -2007,6 +2396,11 @@ "shape":"ListLensReviewImprovementsMaxResults", "location":"querystring", "locationName":"MaxResults" + }, + "QuestionPriority":{ + "shape":"QuestionPriority", + "location":"querystring", + "locationName":"QuestionPriority" } } }, @@ -2177,6 +2571,108 @@ "NextToken":{"shape":"NextToken"} } }, + "ListProfileNotificationsInput":{ + "type":"structure", + "members":{ + "WorkloadId":{ + "shape":"WorkloadId", + "location":"querystring", + "locationName":"WorkloadId" + }, + "NextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"NextToken" + }, + "MaxResults":{ + "shape":"MaxResults", + "location":"querystring", + "locationName":"MaxResults" + } + } + }, + "ListProfileNotificationsOutput":{ + "type":"structure", + "members":{ + "NotificationSummaries":{"shape":"ProfileNotificationSummaries"}, + "NextToken":{"shape":"NextToken"} + } + }, + "ListProfileSharesInput":{ + "type":"structure", + "required":["ProfileArn"], + "members":{ + "ProfileArn":{ + "shape":"ProfileArn", + "location":"uri", + "locationName":"ProfileArn" + }, + "SharedWithPrefix":{ + "shape":"SharedWithPrefix", + "location":"querystring", + "locationName":"SharedWithPrefix" + }, + "NextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"NextToken" + }, + "MaxResults":{ + "shape":"ListProfileSharesMaxResults", + "location":"querystring", + "locationName":"MaxResults" + }, + "Status":{ + "shape":"ShareStatus", + "location":"querystring", + "locationName":"Status" + } + } + }, + "ListProfileSharesMaxResults":{ + "type":"integer", + "max":50, + "min":1 + }, + "ListProfileSharesOutput":{ + "type":"structure", + "members":{ + "ProfileShareSummaries":{"shape":"ProfileShareSummaries"}, + "NextToken":{"shape":"NextToken"} + } + }, + "ListProfilesInput":{ + "type":"structure", + "members":{ + "ProfileNamePrefix":{ + "shape":"ProfileNamePrefix", + "location":"querystring", + "locationName":"ProfileNamePrefix" + }, + "ProfileOwnerType":{ + "shape":"ProfileOwnerType", + "location":"querystring", + "locationName":"ProfileOwnerType" + }, + "NextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"NextToken" + }, + "MaxResults":{ + "shape":"MaxResults", + "location":"querystring", + "locationName":"MaxResults" + } + } + }, + "ListProfilesOutput":{ + "type":"structure", + "members":{ + "ProfileSummaries":{"shape":"ProfileSummaries"}, + "NextToken":{"shape":"NextToken"} + } + }, "ListShareInvitationsInput":{ "type":"structure", "members":{ @@ -2204,6 +2700,11 @@ "shape":"ListShareInvitationsMaxResults", "location":"querystring", "locationName":"MaxResults" + }, + "ProfileNamePrefix":{ + "shape":"ProfileNamePrefix", + "location":"querystring", + "locationName":"ProfileNamePrefix" } } }, @@ -2305,6 +2806,10 @@ "max":50, "min":1 }, + "MaxSelectedProfileChoices":{ + "type":"integer", + "min":0 + }, "MetricType":{ "type":"string", "enum":["WORKLOAD"] @@ -2341,6 +2846,10 @@ "WorkloadSummary":{"shape":"WorkloadSummary"} } }, + "MinSelectedProfileChoices":{ + "type":"integer", + "min":0 + }, "NextToken":{"type":"string"}, "Notes":{ "type":"string", @@ -2428,9 +2937,188 @@ "PillarId":{"shape":"PillarId"}, "PillarName":{"shape":"PillarName"}, "Notes":{"shape":"Notes"}, - "RiskCounts":{"shape":"RiskCounts"} + "RiskCounts":{"shape":"RiskCounts"}, + "PrioritizedRiskCounts":{"shape":"RiskCounts"} + } + }, + "Profile":{ + "type":"structure", + "members":{ + "ProfileArn":{"shape":"ProfileArn"}, + "ProfileVersion":{"shape":"ProfileVersion"}, + "ProfileName":{"shape":"ProfileName"}, + "ProfileDescription":{"shape":"ProfileDescription"}, + "ProfileQuestions":{"shape":"ProfileQuestions"}, + "Owner":{"shape":"AwsAccountId"}, + "CreatedAt":{"shape":"Timestamp"}, + "UpdatedAt":{"shape":"Timestamp"}, + "ShareInvitationId":{"shape":"ShareInvitationId"}, + "Tags":{"shape":"TagMap"} + } + }, + "ProfileArn":{ + "type":"string", + "max":2084, + "pattern":"arn:aws[-a-z]*:wellarchitected:[a-z]{2}(-gov)?-[a-z]+-\\d:\\d{12}:profile/[a-z0-9]+" + }, + "ProfileArns":{ + "type":"list", + "member":{"shape":"ProfileArn"}, + "min":1 + }, + "ProfileChoice":{ + "type":"structure", + "members":{ + "ChoiceId":{"shape":"ChoiceId"}, + "ChoiceTitle":{"shape":"ChoiceTitle"}, + "ChoiceDescription":{"shape":"ChoiceDescription"} + } + }, + "ProfileDescription":{ + "type":"string", + "max":100, + "min":3, + "pattern":"^[A-Za-z0-9-_.,:/()@!&?#+'’\\s]+$" + }, + "ProfileName":{ + "type":"string", + "max":100, + "min":3, + "pattern":"^[A-Za-z0-9-_.,:/()@!&?#+'’\\s]+$" + }, + "ProfileNamePrefix":{ + "type":"string", + "max":100, + "pattern":"^[A-Za-z0-9-_.,:/()@!&?#+'’\\s]+$" + }, + "ProfileNotificationSummaries":{ + "type":"list", + "member":{"shape":"ProfileNotificationSummary"} + }, + "ProfileNotificationSummary":{ + "type":"structure", + "members":{ + "CurrentProfileVersion":{"shape":"ProfileVersion"}, + "LatestProfileVersion":{"shape":"ProfileVersion"}, + "Type":{"shape":"ProfileNotificationType"}, + "ProfileArn":{"shape":"ProfileArn"}, + "ProfileName":{"shape":"ProfileName"}, + "WorkloadId":{"shape":"WorkloadId"}, + "WorkloadName":{"shape":"WorkloadName"} + } + }, + "ProfileNotificationType":{ + "type":"string", + "enum":[ + "PROFILE_ANSWERS_UPDATED", + "PROFILE_DELETED" + ] + }, + "ProfileOwnerType":{ + "type":"string", + "enum":[ + "SELF", + "SHARED" + ] + }, + "ProfileQuestion":{ + "type":"structure", + "members":{ + "QuestionId":{"shape":"QuestionId"}, + "QuestionTitle":{"shape":"QuestionTitle"}, + "QuestionDescription":{"shape":"QuestionDescription"}, + "QuestionChoices":{"shape":"ProfileQuestionChoices"}, + "SelectedChoiceIds":{"shape":"SelectedChoiceIds"}, + "MinSelectedChoices":{"shape":"MinSelectedProfileChoices"}, + "MaxSelectedChoices":{"shape":"MaxSelectedProfileChoices"} + } + }, + "ProfileQuestionChoices":{ + "type":"list", + "member":{"shape":"ProfileChoice"} + }, + "ProfileQuestionUpdate":{ + "type":"structure", + "members":{ + "QuestionId":{"shape":"QuestionId"}, + "SelectedChoiceIds":{"shape":"SelectedProfileChoiceIds"} + } + }, + "ProfileQuestionUpdates":{ + "type":"list", + "member":{"shape":"ProfileQuestionUpdate"} + }, + "ProfileQuestions":{ + "type":"list", + "member":{"shape":"ProfileQuestion"} + }, + "ProfileShareSummaries":{ + "type":"list", + "member":{"shape":"ProfileShareSummary"} + }, + "ProfileShareSummary":{ + "type":"structure", + "members":{ + "ShareId":{"shape":"ShareId"}, + "SharedWith":{"shape":"SharedWith"}, + "Status":{"shape":"ShareStatus"}, + "StatusMessage":{"shape":"StatusMessage"} + } + }, + "ProfileSummaries":{ + "type":"list", + "member":{"shape":"ProfileSummary"} + }, + "ProfileSummary":{ + "type":"structure", + "members":{ + "ProfileArn":{"shape":"ProfileArn"}, + "ProfileVersion":{"shape":"ProfileVersion"}, + "ProfileName":{"shape":"ProfileName"}, + "ProfileDescription":{"shape":"ProfileDescription"}, + "Owner":{"shape":"AwsAccountId"}, + "CreatedAt":{"shape":"Timestamp"}, + "UpdatedAt":{"shape":"Timestamp"} + } + }, + "ProfileTemplate":{ + "type":"structure", + "members":{ + "TemplateName":{"shape":"ProfileName"}, + "TemplateQuestions":{"shape":"TemplateQuestions"}, + "CreatedAt":{"shape":"Timestamp"}, + "UpdatedAt":{"shape":"Timestamp"} + } + }, + "ProfileTemplateChoice":{ + "type":"structure", + "members":{ + "ChoiceId":{"shape":"ChoiceId"}, + "ChoiceTitle":{"shape":"ChoiceTitle"}, + "ChoiceDescription":{"shape":"ChoiceDescription"} + } + }, + "ProfileTemplateQuestion":{ + "type":"structure", + "members":{ + "QuestionId":{"shape":"QuestionId"}, + "QuestionTitle":{"shape":"QuestionTitle"}, + "QuestionDescription":{"shape":"QuestionDescription"}, + "QuestionChoices":{"shape":"ProfileTemplateQuestionChoices"}, + "MinSelectedChoices":{"shape":"MinSelectedProfileChoices"}, + "MaxSelectedChoices":{"shape":"MaxSelectedProfileChoices"} } }, + "ProfileTemplateQuestionChoices":{ + "type":"list", + "member":{"shape":"ProfileTemplateChoice"} + }, + "ProfileVersion":{ + "type":"string", + "max":32, + "min":1, + "pattern":"^[A-Za-z0-9-]+$" + }, "QuestionDescription":{ "type":"string", "max":1024, @@ -2465,11 +3153,25 @@ "type":"list", "member":{"shape":"QuestionMetric"} }, + "QuestionPriority":{ + "type":"string", + "enum":[ + "PRIORITIZED", + "NONE" + ] + }, "QuestionTitle":{ "type":"string", "max":512, "min":1 }, + "QuestionType":{ + "type":"string", + "enum":[ + "PRIORITIZED", + "NON_PRIORITIZED" + ] + }, "QuotaCode":{"type":"string"}, "ReportFormat":{ "type":"string", @@ -2508,10 +3210,18 @@ "key":{"shape":"Risk"}, "value":{"shape":"Count"} }, + "SelectedChoiceIds":{ + "type":"list", + "member":{"shape":"ChoiceId"} + }, "SelectedChoices":{ "type":"list", "member":{"shape":"ChoiceId"} }, + "SelectedProfileChoiceIds":{ + "type":"list", + "member":{"shape":"ChoiceId"} + }, "ServiceCode":{"type":"string"}, "ServiceQuotaExceededException":{ "type":"structure", @@ -2541,7 +3251,8 @@ "ShareResourceType":{"shape":"ShareResourceType"}, "WorkloadId":{"shape":"WorkloadId"}, "LensAlias":{"shape":"LensAlias"}, - "LensArn":{"shape":"LensArn"} + "LensArn":{"shape":"LensArn"}, + "ProfileArn":{"shape":"ProfileArn"} } }, "ShareInvitationAction":{ @@ -2570,14 +3281,17 @@ "WorkloadName":{"shape":"WorkloadName"}, "WorkloadId":{"shape":"WorkloadId"}, "LensName":{"shape":"LensName"}, - "LensArn":{"shape":"LensArn"} + "LensArn":{"shape":"LensArn"}, + "ProfileName":{"shape":"ProfileName"}, + "ProfileArn":{"shape":"ProfileArn"} } }, "ShareResourceType":{ "type":"string", "enum":[ "WORKLOAD", - "LENS" + "LENS", + "PROFILE" ] }, "ShareStatus":{ @@ -2650,6 +3364,10 @@ "max":256, "min":0 }, + "TemplateQuestions":{ + "type":"list", + "member":{"shape":"ProfileTemplateQuestion"} + }, "ThrottlingException":{ "type":"structure", "required":["Message"], @@ -2767,6 +3485,25 @@ "LensReview":{"shape":"LensReview"} } }, + "UpdateProfileInput":{ + "type":"structure", + "required":["ProfileArn"], + "members":{ + "ProfileArn":{ + "shape":"ProfileArn", + "location":"uri", + "locationName":"ProfileArn" + }, + "ProfileDescription":{"shape":"ProfileDescription"}, + "ProfileQuestions":{"shape":"ProfileQuestionUpdates"} + } + }, + "UpdateProfileOutput":{ + "type":"structure", + "members":{ + "Profile":{"shape":"Profile"} + } + }, "UpdateShareInvitationInput":{ "type":"structure", "required":[ @@ -2871,6 +3608,30 @@ "ClientRequestToken":{"shape":"ClientRequestToken"} } }, + "UpgradeProfileVersionInput":{ + "type":"structure", + "required":[ + "WorkloadId", + "ProfileArn" + ], + "members":{ + "WorkloadId":{ + "shape":"WorkloadId", + "location":"uri", + "locationName":"WorkloadId" + }, + "ProfileArn":{ + "shape":"ProfileArn", + "location":"uri", + "locationName":"ProfileArn" + }, + "MilestoneName":{"shape":"MilestoneName"}, + "ClientRequestToken":{ + "shape":"ClientRequestToken", + "idempotencyToken":true + } + } + }, "Urls":{ "type":"list", "member":{"shape":"ChoiceContent"} @@ -2944,7 +3705,9 @@ "ShareInvitationId":{"shape":"ShareInvitationId"}, "Tags":{"shape":"TagMap"}, "DiscoveryConfig":{"shape":"WorkloadDiscoveryConfig"}, - "Applications":{"shape":"WorkloadApplications"} + "Applications":{"shape":"WorkloadApplications"}, + "Profiles":{"shape":"WorkloadProfiles"}, + "PrioritizedRiskCounts":{"shape":"RiskCounts"} } }, "WorkloadAccountIds":{ @@ -2989,6 +3752,8 @@ }, "WorkloadId":{ "type":"string", + "max":32, + "min":32, "pattern":"[0-9a-f]{32}" }, "WorkloadImprovementStatus":{ @@ -3036,6 +3801,23 @@ "type":"list", "member":{"shape":"PillarId"} }, + "WorkloadProfile":{ + "type":"structure", + "members":{ + "ProfileArn":{"shape":"ProfileArn"}, + "ProfileVersion":{"shape":"ProfileVersion"} + } + }, + "WorkloadProfileArns":{ + "type":"list", + "member":{"shape":"ProfileArn"}, + "max":1 + }, + "WorkloadProfiles":{ + "type":"list", + "member":{"shape":"WorkloadProfile"}, + "max":1 + }, "WorkloadResourceDefinition":{ "type":"list", "member":{"shape":"DefinitionType"} @@ -3085,7 +3867,9 @@ "UpdatedAt":{"shape":"Timestamp"}, "Lenses":{"shape":"WorkloadLenses"}, "RiskCounts":{"shape":"RiskCounts"}, - "ImprovementStatus":{"shape":"WorkloadImprovementStatus"} + "ImprovementStatus":{"shape":"WorkloadImprovementStatus"}, + "Profiles":{"shape":"WorkloadProfiles"}, + "PrioritizedRiskCounts":{"shape":"RiskCounts"} } } } diff --git a/models/apis/wellarchitected/2020-03-31/docs-2.json b/models/apis/wellarchitected/2020-03-31/docs-2.json index 572efafb7ca..5250fe0d23f 100644 --- a/models/apis/wellarchitected/2020-03-31/docs-2.json +++ b/models/apis/wellarchitected/2020-03-31/docs-2.json @@ -3,16 +3,22 @@ "service": "Well-Architected Tool

This is the Well-Architected Tool API Reference. The WA Tool API provides programmatic access to the Well-Architected Tool in the Amazon Web Services Management Console. For information about the Well-Architected Tool, see the Well-Architected Tool User Guide.

", "operations": { "AssociateLenses": "

Associate a lens to a workload.

Up to 10 lenses can be associated with a workload in a single API operation. A maximum of 20 lenses can be associated with a workload.

Disclaimer

By accessing and/or applying custom lenses created by another Amazon Web Services user or account, you acknowledge that custom lenses created by other users and shared with you are Third Party Content as defined in the Amazon Web Services Customer Agreement.

", + "AssociateProfiles": "

Associate a profile with a workload.

", "CreateLensShare": "

Create a lens share.

The owner of a lens can share it with other Amazon Web Services accounts, users, an organization, and organizational units (OUs) in the same Amazon Web Services Region. Lenses provided by Amazon Web Services (Amazon Web Services Official Content) cannot be shared.

Shared access to a lens is not removed until the lens invitation is deleted.

If you share a lens with an organization or OU, all accounts in the organization or OU are granted access to the lens.

For more information, see Sharing a custom lens in the Well-Architected Tool User Guide.

Disclaimer

By sharing your custom lenses with other Amazon Web Services accounts, you acknowledge that Amazon Web Services will make your custom lenses available to those other accounts. Those other accounts may continue to access and use your shared custom lenses even if you delete the custom lenses from your own Amazon Web Services account or terminate your Amazon Web Services account.

", "CreateLensVersion": "

Create a new lens version.

A lens can have up to 100 versions.

Use this operation to publish a new lens version after you have imported a lens. The LensAlias is used to identify the lens to be published. The owner of a lens can share the lens with other Amazon Web Services accounts and users in the same Amazon Web Services Region. Only the owner of a lens can delete it.

", "CreateMilestone": "

Create a milestone for an existing workload.

", + "CreateProfile": "

Create a profile.

", + "CreateProfileShare": "

Create a profile share.

", "CreateWorkload": "

Create a new workload.

The owner of a workload can share the workload with other Amazon Web Services accounts, users, an organization, and organizational units (OUs) in the same Amazon Web Services Region. Only the owner of a workload can delete it.

For more information, see Defining a Workload in the Well-Architected Tool User Guide.

Either AwsRegions, NonAwsRegions, or both must be specified when creating a workload.

You also must specify ReviewOwner, even though the parameter is listed as not being required in the following section.

", "CreateWorkloadShare": "

Create a workload share.

The owner of a workload can share it with other Amazon Web Services accounts and users in the same Amazon Web Services Region. Shared access to a workload is not removed until the workload invitation is deleted.

If you share a workload with an organization or OU, all accounts in the organization or OU are granted access to the workload.

For more information, see Sharing a workload in the Well-Architected Tool User Guide.

", "DeleteLens": "

Delete an existing lens.

Only the owner of a lens can delete it. After the lens is deleted, Amazon Web Services accounts and users that you shared the lens with can continue to use it, but they will no longer be able to apply it to new workloads.

Disclaimer

By sharing your custom lenses with other Amazon Web Services accounts, you acknowledge that Amazon Web Services will make your custom lenses available to those other accounts. Those other accounts may continue to access and use your shared custom lenses even if you delete the custom lenses from your own Amazon Web Services account or terminate your Amazon Web Services account.

", "DeleteLensShare": "

Delete a lens share.

After the lens share is deleted, Amazon Web Services accounts, users, organizations, and organizational units (OUs) that you shared the lens with can continue to use it, but they will no longer be able to apply it to new workloads.

Disclaimer

By sharing your custom lenses with other Amazon Web Services accounts, you acknowledge that Amazon Web Services will make your custom lenses available to those other accounts. Those other accounts may continue to access and use your shared custom lenses even if you delete the custom lenses from your own Amazon Web Services account or terminate your Amazon Web Services account.

", + "DeleteProfile": "

Delete a profile.

Disclaimer

By sharing your profile with other Amazon Web Services accounts, you acknowledge that Amazon Web Services will make your profile available to those other accounts. Those other accounts may continue to access and use your shared profile even if you delete the profile from your own Amazon Web Services account or terminate your Amazon Web Services account.

", + "DeleteProfileShare": "

Delete a profile share.

", "DeleteWorkload": "

Delete an existing workload.

", "DeleteWorkloadShare": "

Delete a workload share.

", "DisassociateLenses": "

Disassociate a lens from a workload.

Up to 10 lenses can be disassociated from a workload in a single API operation.

The Amazon Web Services Well-Architected Framework lens (wellarchitected) cannot be removed from a workload.

", + "DisassociateProfiles": "

Disassociate a profile from a workload.

", "ExportLens": "

Export an existing lens.

Only the owner of a lens can export it. Lenses provided by Amazon Web Services (Amazon Web Services Official Content) cannot be exported.

Lenses are defined in JSON. For more information, see JSON format specification in the Well-Architected Tool User Guide.

Disclaimer

Do not include or gather personal identifiable information (PII) of end users or other identifiable individuals in or via your custom lenses. If your custom lens or those shared with you and used in your account do include or collect PII you are responsible for: ensuring that the included PII is processed in accordance with applicable law, providing adequate privacy notices, and obtaining necessary consents for processing such data.

", "GetAnswer": "

Get the answer to a specific question in a workload review.

", "GetConsolidatedReport": "

Get a consolidated report of your workloads.

You can optionally choose to include workloads that have been shared with you.

", @@ -21,6 +27,8 @@ "GetLensReviewReport": "

Get lens review report.

", "GetLensVersionDifference": "

Get lens version differences.

", "GetMilestone": "

Get a milestone for an existing workload.

", + "GetProfile": "

Get profile information.

", + "GetProfileTemplate": "

Get profile template.

", "GetWorkload": "

Get an existing workload.

", "ImportLens": "

Import a new custom lens or update an existing custom lens.

To update an existing custom lens, specify its ARN as the LensAlias. If no ARN is specified, a new custom lens is created.

The new or updated lens will have a status of DRAFT. The lens cannot be applied to workloads or shared with other Amazon Web Services accounts until it's published with CreateLensVersion.

Lenses are defined in JSON. For more information, see JSON format specification in the Well-Architected Tool User Guide.

A custom lens cannot exceed 500 KB in size.

Disclaimer

Do not include or gather personal identifiable information (PII) of end users or other identifiable individuals in or via your custom lenses. If your custom lens or those shared with you and used in your account do include or collect PII you are responsible for: ensuring that the included PII is processed in accordance with applicable law, providing adequate privacy notices, and obtaining necessary consents for processing such data.

", "ListAnswers": "

List of answers for a particular workload and lens.

", @@ -32,19 +40,24 @@ "ListLenses": "

List the available lenses.

", "ListMilestones": "

List all milestones for an existing workload.

", "ListNotifications": "

List lens notifications.

", + "ListProfileNotifications": "

List profile notifications.

", + "ListProfileShares": "

List profile shares.

", + "ListProfiles": "

List profiles.

", "ListShareInvitations": "

List the workload invitations.

", - "ListTagsForResource": "

List the tags for a resource.

The WorkloadArn parameter can be either a workload ARN or a custom lens ARN.

", + "ListTagsForResource": "

List the tags for a resource.

The WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a profile ARN.

", "ListWorkloadShares": "

List the workload shares associated with the workload.

", "ListWorkloads": "

Paginated list of workloads.

", - "TagResource": "

Adds one or more tags to the specified resource.

The WorkloadArn parameter can be either a workload ARN or a custom lens ARN.

", - "UntagResource": "

Deletes specified tags from a resource.

The WorkloadArn parameter can be either a workload ARN or a custom lens ARN.

To specify multiple tags, use separate tagKeys parameters, for example:

DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2

", + "TagResource": "

Adds one or more tags to the specified resource.

The WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a profile ARN.

", + "UntagResource": "

Deletes specified tags from a resource.

The WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a profile ARN.

To specify multiple tags, use separate tagKeys parameters, for example:

DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2

", "UpdateAnswer": "

Update the answer to a specific question in a workload review.

", "UpdateGlobalSettings": "

Updates whether the Amazon Web Services account is opted into organization sharing and discovery integration features.

", "UpdateLensReview": "

Update lens review for a particular workload.

", + "UpdateProfile": "

Update a profile.

", "UpdateShareInvitation": "

Update a workload or custom lens share invitation.

This API operation can be called independently of any resource. Previous documentation implied that a workload ARN must be specified.

", "UpdateWorkload": "

Update an existing workload.

", "UpdateWorkloadShare": "

Update a workload share.

", - "UpgradeLensReview": "

Upgrade lens review for a particular workload.

" + "UpgradeLensReview": "

Upgrade lens review for a particular workload.

", + "UpgradeProfileVersion": "

Upgrade a profile.

" }, "shapes": { "AccessDeniedException": { @@ -114,11 +127,18 @@ "refs": { } }, + "AssociateProfilesInput": { + "base": null, + "refs": { + } + }, "AwsAccountId": { "base": "

An Amazon Web Services account ID.

", "refs": { "CheckDetail$AccountId": null, "LensSummary$Owner": null, + "Profile$Owner": null, + "ProfileSummary$Owner": null, "ShareInvitationSummary$SharedBy": null, "Workload$Owner": null, "WorkloadAccountIds$member": null, @@ -276,7 +296,9 @@ "ChoiceDescription": { "base": "

The description of a choice.

", "refs": { - "Choice$Description": null + "Choice$Description": null, + "ProfileChoice$ChoiceDescription": null, + "ProfileTemplateChoice$ChoiceDescription": null } }, "ChoiceId": { @@ -292,7 +314,11 @@ "ChoiceUpdates$key": null, "ListCheckDetailsInput$ChoiceId": null, "ListCheckSummariesInput$ChoiceId": null, - "SelectedChoices$member": null + "ProfileChoice$ChoiceId": null, + "ProfileTemplateChoice$ChoiceId": null, + "SelectedChoiceIds$member": null, + "SelectedChoices$member": null, + "SelectedProfileChoiceIds$member": null } }, "ChoiceImprovementPlan": { @@ -334,7 +360,9 @@ "base": "

The title of a choice.

", "refs": { "BestPractice$ChoiceTitle": null, - "Choice$Title": null + "Choice$Title": null, + "ProfileChoice$ChoiceTitle": null, + "ProfileTemplateChoice$ChoiceTitle": null } }, "ChoiceUpdate": { @@ -362,14 +390,19 @@ "CreateLensShareInput$ClientRequestToken": null, "CreateLensVersionInput$ClientRequestToken": null, "CreateMilestoneInput$ClientRequestToken": null, + "CreateProfileInput$ClientRequestToken": null, + "CreateProfileShareInput$ClientRequestToken": null, "CreateWorkloadInput$ClientRequestToken": null, "CreateWorkloadShareInput$ClientRequestToken": null, "DeleteLensInput$ClientRequestToken": null, "DeleteLensShareInput$ClientRequestToken": null, + "DeleteProfileInput$ClientRequestToken": null, + "DeleteProfileShareInput$ClientRequestToken": null, "DeleteWorkloadInput$ClientRequestToken": null, "DeleteWorkloadShareInput$ClientRequestToken": null, "ImportLensInput$ClientRequestToken": null, - "UpgradeLensReviewInput$ClientRequestToken": null + "UpgradeLensReviewInput$ClientRequestToken": null, + "UpgradeProfileVersionInput$ClientRequestToken": null } }, "ConflictException": { @@ -425,6 +458,26 @@ "refs": { } }, + "CreateProfileInput": { + "base": null, + "refs": { + } + }, + "CreateProfileOutput": { + "base": null, + "refs": { + } + }, + "CreateProfileShareInput": { + "base": null, + "refs": { + } + }, + "CreateProfileShareOutput": { + "base": null, + "refs": { + } + }, "CreateWorkloadInput": { "base": "

Input for workload creation.

", "refs": { @@ -461,6 +514,16 @@ "refs": { } }, + "DeleteProfileInput": { + "base": null, + "refs": { + } + }, + "DeleteProfileShareInput": { + "base": null, + "refs": { + } + }, "DeleteWorkloadInput": { "base": "

Input for workload deletion.

", "refs": { @@ -483,6 +546,11 @@ "refs": { } }, + "DisassociateProfilesInput": { + "base": null, + "refs": { + } + }, "DiscoveryIntegrationStatus": { "base": null, "refs": { @@ -617,6 +685,26 @@ "refs": { } }, + "GetProfileInput": { + "base": null, + "refs": { + } + }, + "GetProfileOutput": { + "base": null, + "refs": { + } + }, + "GetProfileTemplateInput": { + "base": null, + "refs": { + } + }, + "GetProfileTemplateOutput": { + "base": null, + "refs": { + } + }, "GetWorkloadInput": { "base": "

Input to get a workload.

", "refs": { @@ -1034,6 +1122,42 @@ "refs": { } }, + "ListProfileNotificationsInput": { + "base": null, + "refs": { + } + }, + "ListProfileNotificationsOutput": { + "base": null, + "refs": { + } + }, + "ListProfileSharesInput": { + "base": null, + "refs": { + } + }, + "ListProfileSharesMaxResults": { + "base": null, + "refs": { + "ListProfileSharesInput$MaxResults": "

The maximum number of results to return for this request.

" + } + }, + "ListProfileSharesOutput": { + "base": null, + "refs": { + } + }, + "ListProfilesInput": { + "base": null, + "refs": { + } + }, + "ListProfilesOutput": { + "base": null, + "refs": { + } + }, "ListShareInvitationsInput": { "base": "

Input for List Share Invitations

", "refs": { @@ -1100,7 +1224,16 @@ "ListCheckSummariesInput$MaxResults": null, "ListLensReviewsInput$MaxResults": null, "ListLensesInput$MaxResults": null, - "ListMilestonesInput$MaxResults": null + "ListMilestonesInput$MaxResults": null, + "ListProfileNotificationsInput$MaxResults": null, + "ListProfilesInput$MaxResults": null + } + }, + "MaxSelectedProfileChoices": { + "base": null, + "refs": { + "ProfileQuestion$MaxSelectedChoices": "

The maximum number of selected choices.

", + "ProfileTemplateQuestion$MaxSelectedChoices": "

The maximum number of choices selected.

" } }, "MetricType": { @@ -1121,7 +1254,8 @@ "CreateMilestoneInput$MilestoneName": null, "Milestone$MilestoneName": null, "MilestoneSummary$MilestoneName": null, - "UpgradeLensReviewInput$MilestoneName": null + "UpgradeLensReviewInput$MilestoneName": null, + "UpgradeProfileVersionInput$MilestoneName": null } }, "MilestoneNumber": { @@ -1157,6 +1291,13 @@ "MilestoneSummaries$member": null } }, + "MinSelectedProfileChoices": { + "base": null, + "refs": { + "ProfileQuestion$MinSelectedChoices": "

The minimum number of selected choices.

", + "ProfileTemplateQuestion$MinSelectedChoices": "

The minimum number of choices selected.

" + } + }, "NextToken": { "base": "

The token to use to retrieve the next set of results.

", "refs": { @@ -1181,6 +1322,12 @@ "ListMilestonesOutput$NextToken": null, "ListNotificationsInput$NextToken": null, "ListNotificationsOutput$NextToken": null, + "ListProfileNotificationsInput$NextToken": null, + "ListProfileNotificationsOutput$NextToken": null, + "ListProfileSharesInput$NextToken": null, + "ListProfileSharesOutput$NextToken": null, + "ListProfilesInput$NextToken": null, + "ListProfilesOutput$NextToken": null, "ListShareInvitationsInput$NextToken": null, "ListShareInvitationsOutput$NextToken": null, "ListWorkloadSharesInput$NextToken": null, @@ -1228,7 +1375,7 @@ } }, "PermissionType": { - "base": "

Permission granted on a workload share.

", + "base": "

Permission granted on a share request.

", "refs": { "CreateWorkloadShareInput$PermissionType": null, "ShareInvitationSummary$PermissionType": null, @@ -1305,10 +1452,196 @@ "PillarReviewSummaries$member": null } }, + "Profile": { + "base": "

A profile.

", + "refs": { + "GetProfileOutput$Profile": "

The profile.

", + "UpdateProfileOutput$Profile": "

The profile.

" + } + }, + "ProfileArn": { + "base": null, + "refs": { + "CreateProfileOutput$ProfileArn": "

The profile ARN.

", + "CreateProfileShareInput$ProfileArn": "

The profile ARN.

", + "CreateProfileShareOutput$ProfileArn": "

The profile ARN.

", + "DeleteProfileInput$ProfileArn": "

The profile ARN.

", + "DeleteProfileShareInput$ProfileArn": "

The profile ARN.

", + "GetProfileInput$ProfileArn": "

The profile ARN.

", + "ListProfileSharesInput$ProfileArn": "

The profile ARN.

", + "Profile$ProfileArn": "

The profile ARN.

", + "ProfileArns$member": null, + "ProfileNotificationSummary$ProfileArn": "

The profile ARN.

", + "ProfileSummary$ProfileArn": "

The profile ARN.

", + "ShareInvitation$ProfileArn": "

The profile ARN.

", + "ShareInvitationSummary$ProfileArn": "

The profile ARN.

", + "UpdateProfileInput$ProfileArn": "

The profile ARN.

", + "UpgradeProfileVersionInput$ProfileArn": "

The profile ARN.

", + "WorkloadProfile$ProfileArn": "

The profile ARN.

", + "WorkloadProfileArns$member": null + } + }, + "ProfileArns": { + "base": null, + "refs": { + "AssociateProfilesInput$ProfileArns": "

The list of profile ARNs to associate with the workload.

", + "DisassociateProfilesInput$ProfileArns": "

The list of profile ARNs to disassociate from the workload.

" + } + }, + "ProfileChoice": { + "base": "

The profile choice.

", + "refs": { + "ProfileQuestionChoices$member": null + } + }, + "ProfileDescription": { + "base": null, + "refs": { + "CreateProfileInput$ProfileDescription": "

The profile description.

", + "Profile$ProfileDescription": "

The profile description.

", + "ProfileSummary$ProfileDescription": "

The profile description.

", + "UpdateProfileInput$ProfileDescription": "

The profile description.

" + } + }, + "ProfileName": { + "base": null, + "refs": { + "CreateProfileInput$ProfileName": "

Name of the profile.

", + "Profile$ProfileName": "

The profile name.

", + "ProfileNotificationSummary$ProfileName": "

The profile name.

", + "ProfileSummary$ProfileName": "

The profile name.

", + "ProfileTemplate$TemplateName": "

The name of the profile template.

", + "ShareInvitationSummary$ProfileName": "

The profile name.

" + } + }, + "ProfileNamePrefix": { + "base": null, + "refs": { + "ListProfilesInput$ProfileNamePrefix": "

Prefix for profile name.

", + "ListShareInvitationsInput$ProfileNamePrefix": "

Profile name prefix.

" + } + }, + "ProfileNotificationSummaries": { + "base": null, + "refs": { + "ListProfileNotificationsOutput$NotificationSummaries": "

Notification summaries.

" + } + }, + "ProfileNotificationSummary": { + "base": "

The profile notification summary.

", + "refs": { + "ProfileNotificationSummaries$member": null + } + }, + "ProfileNotificationType": { + "base": null, + "refs": { + "ProfileNotificationSummary$Type": "

Type of notification.

" + } + }, + "ProfileOwnerType": { + "base": null, + "refs": { + "ListProfilesInput$ProfileOwnerType": "

Profile owner type.

" + } + }, + "ProfileQuestion": { + "base": "

A profile question.

", + "refs": { + "ProfileQuestions$member": null + } + }, + "ProfileQuestionChoices": { + "base": null, + "refs": { + "ProfileQuestion$QuestionChoices": "

The question choices.

" + } + }, + "ProfileQuestionUpdate": { + "base": "

An update to a profile question.

", + "refs": { + "ProfileQuestionUpdates$member": null + } + }, + "ProfileQuestionUpdates": { + "base": null, + "refs": { + "CreateProfileInput$ProfileQuestions": "

The profile questions.

", + "UpdateProfileInput$ProfileQuestions": "

Profile questions.

" + } + }, + "ProfileQuestions": { + "base": null, + "refs": { + "Profile$ProfileQuestions": "

Profile questions.

" + } + }, + "ProfileShareSummaries": { + "base": null, + "refs": { + "ListProfileSharesOutput$ProfileShareSummaries": "

Profile share summaries.

" + } + }, + "ProfileShareSummary": { + "base": "

Summary of a profile share.

", + "refs": { + "ProfileShareSummaries$member": null + } + }, + "ProfileSummaries": { + "base": null, + "refs": { + "ListProfilesOutput$ProfileSummaries": "

Profile summaries.

" + } + }, + "ProfileSummary": { + "base": "

Summary of a profile.

", + "refs": { + "ProfileSummaries$member": null + } + }, + "ProfileTemplate": { + "base": "

The profile template.

", + "refs": { + "GetProfileTemplateOutput$ProfileTemplate": "

The profile template.

" + } + }, + "ProfileTemplateChoice": { + "base": "

A profile template choice.

", + "refs": { + "ProfileTemplateQuestionChoices$member": null + } + }, + "ProfileTemplateQuestion": { + "base": "

A profile template question.

", + "refs": { + "TemplateQuestions$member": null + } + }, + "ProfileTemplateQuestionChoices": { + "base": null, + "refs": { + "ProfileTemplateQuestion$QuestionChoices": "

The question choices.

" + } + }, + "ProfileVersion": { + "base": null, + "refs": { + "CreateProfileOutput$ProfileVersion": "

Version of the profile.

", + "GetProfileInput$ProfileVersion": "

The profile version.

", + "Profile$ProfileVersion": "

The profile version.

", + "ProfileNotificationSummary$CurrentProfileVersion": "

The current profile version.

", + "ProfileNotificationSummary$LatestProfileVersion": "

The latest profile version.

", + "ProfileSummary$ProfileVersion": "

The profile version.

", + "WorkloadProfile$ProfileVersion": "

The profile version.

" + } + }, "QuestionDescription": { "base": "

The description of the question.

", "refs": { - "Answer$QuestionDescription": null + "Answer$QuestionDescription": null, + "ProfileQuestion$QuestionDescription": null, + "ProfileTemplateQuestion$QuestionDescription": null } }, "QuestionDifference": { @@ -1334,6 +1667,9 @@ "ImprovementSummary$QuestionId": null, "ListCheckDetailsInput$QuestionId": null, "ListCheckSummariesInput$QuestionId": null, + "ProfileQuestion$QuestionId": null, + "ProfileQuestionUpdate$QuestionId": null, + "ProfileTemplateQuestion$QuestionId": null, "QuestionDifference$QuestionId": null, "QuestionMetric$QuestionId": null, "UpdateAnswerInput$QuestionId": null @@ -1351,15 +1687,30 @@ "PillarMetric$Questions": "

The questions that have been identified as risks in the pillar.

" } }, + "QuestionPriority": { + "base": null, + "refs": { + "ListAnswersInput$QuestionPriority": "

The priority of the question.

", + "ListLensReviewImprovementsInput$QuestionPriority": "

The priority of the question.

" + } + }, "QuestionTitle": { "base": "

The title of the question.

", "refs": { "Answer$QuestionTitle": null, "AnswerSummary$QuestionTitle": null, "ImprovementSummary$QuestionTitle": null, + "ProfileQuestion$QuestionTitle": null, + "ProfileTemplateQuestion$QuestionTitle": null, "QuestionDifference$QuestionTitle": null } }, + "QuestionType": { + "base": null, + "refs": { + "AnswerSummary$QuestionType": "

The type of the question.

" + } + }, "QuotaCode": { "base": "

Service Quotas requirement to identify originating quota.

", "refs": { @@ -1394,11 +1745,22 @@ "ConsolidatedReportMetric$RiskCounts": null, "LensMetric$RiskCounts": null, "LensReview$RiskCounts": null, + "LensReview$PrioritizedRiskCounts": null, "LensReviewSummary$RiskCounts": null, + "LensReviewSummary$PrioritizedRiskCounts": null, "PillarMetric$RiskCounts": null, "PillarReviewSummary$RiskCounts": null, + "PillarReviewSummary$PrioritizedRiskCounts": null, "Workload$RiskCounts": null, - "WorkloadSummary$RiskCounts": null + "Workload$PrioritizedRiskCounts": null, + "WorkloadSummary$RiskCounts": null, + "WorkloadSummary$PrioritizedRiskCounts": null + } + }, + "SelectedChoiceIds": { + "base": null, + "refs": { + "ProfileQuestion$SelectedChoiceIds": "

The selected choices.

" } }, "SelectedChoices": { @@ -1409,6 +1771,12 @@ "UpdateAnswerInput$SelectedChoices": null } }, + "SelectedProfileChoiceIds": { + "base": null, + "refs": { + "ProfileQuestionUpdate$SelectedChoiceIds": "

The selected choices.

" + } + }, "ServiceCode": { "base": "

Service Quotas requirement to identify originating service.

", "refs": { @@ -1422,13 +1790,16 @@ } }, "ShareId": { - "base": "

The ID associated with the workload share.

", + "base": "

The ID associated with the share.

", "refs": { "CreateLensShareOutput$ShareId": null, + "CreateProfileShareOutput$ShareId": null, "CreateWorkloadShareOutput$ShareId": null, "DeleteLensShareInput$ShareId": null, + "DeleteProfileShareInput$ShareId": null, "DeleteWorkloadShareInput$ShareId": null, "LensShareSummary$ShareId": null, + "ProfileShareSummary$ShareId": null, "UpdateWorkloadShareInput$ShareId": null, "WorkloadShare$ShareId": null, "WorkloadShareSummary$ShareId": null @@ -1450,6 +1821,7 @@ "base": null, "refs": { "Lens$ShareInvitationId": "

The ID assigned to the share invitation.

", + "Profile$ShareInvitationId": "

The ID assigned to the share invitation.

", "ShareInvitation$ShareInvitationId": "

The ID assigned to the share invitation.

", "ShareInvitationSummary$ShareInvitationId": "

The ID assigned to the share invitation.

", "UpdateShareInvitationInput$ShareInvitationId": "

The ID assigned to the share invitation.

", @@ -1477,21 +1849,25 @@ } }, "ShareStatus": { - "base": "

The status of a workload share.

", + "base": "

The status of the share request.

", "refs": { "LensShareSummary$Status": null, "ListLensSharesInput$Status": null, + "ListProfileSharesInput$Status": null, "ListWorkloadSharesInput$Status": null, + "ProfileShareSummary$Status": null, "WorkloadShare$Status": null, "WorkloadShareSummary$Status": null } }, "SharedWith": { - "base": "

The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the workload is shared.

", + "base": "

The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the workload, lens, or profile is shared.

", "refs": { "CreateLensShareInput$SharedWith": null, + "CreateProfileShareInput$SharedWith": null, "CreateWorkloadShareInput$SharedWith": null, "LensShareSummary$SharedWith": null, + "ProfileShareSummary$SharedWith": null, "ShareInvitationSummary$SharedWith": null, "WorkloadShare$SharedWith": null, "WorkloadShareSummary$SharedWith": null @@ -1501,6 +1877,7 @@ "base": null, "refs": { "ListLensSharesInput$SharedWithPrefix": "

The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the lens is shared.

", + "ListProfileSharesInput$SharedWithPrefix": "

The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the profile is shared.

", "ListWorkloadSharesInput$SharedWithPrefix": "

The Amazon Web Services account ID, IAM role, organization ID, or organizational unit (OU) ID with which the workload is shared.

" } }, @@ -1508,6 +1885,7 @@ "base": null, "refs": { "LensShareSummary$StatusMessage": "

Optional message to compliment the Status field.

", + "ProfileShareSummary$StatusMessage": "

Profile share invitation status message.

", "WorkloadShareSummary$StatusMessage": "

Optional message to compliment the Status field.

" } }, @@ -1527,10 +1905,12 @@ "TagMap": { "base": null, "refs": { + "CreateProfileInput$Tags": "

The tags assigned to the profile.

", "CreateWorkloadInput$Tags": "

The tags to be associated with the workload.

", "ImportLensInput$Tags": "

Tags to associate to a lens.

", "Lens$Tags": "

The tags assigned to the lens.

", "ListTagsForResourceOutput$Tags": "

The tags for the resource.

", + "Profile$Tags": "

The tags assigned to the profile.

", "TagResourceInput$Tags": "

The tags for the resource.

", "Workload$Tags": "

The tags associated with the workload.

" } @@ -1551,6 +1931,12 @@ "TagMap$value": null } }, + "TemplateQuestions": { + "base": null, + "refs": { + "ProfileTemplate$TemplateQuestions": "

Profile template questions.

" + } + }, "ThrottlingException": { "base": "

Request was denied due to request throttling.

", "refs": { @@ -1568,6 +1954,12 @@ "LensSummary$UpdatedAt": null, "Milestone$RecordedAt": null, "MilestoneSummary$RecordedAt": null, + "Profile$CreatedAt": null, + "Profile$UpdatedAt": null, + "ProfileSummary$CreatedAt": null, + "ProfileSummary$UpdatedAt": null, + "ProfileTemplate$CreatedAt": null, + "ProfileTemplate$UpdatedAt": null, "Workload$UpdatedAt": null, "Workload$ReviewRestrictionDate": null, "WorkloadSummary$UpdatedAt": null @@ -1614,6 +2006,16 @@ "refs": { } }, + "UpdateProfileInput": { + "base": null, + "refs": { + } + }, + "UpdateProfileOutput": { + "base": null, + "refs": { + } + }, "UpdateShareInvitationInput": { "base": "

Input for Update Share Invitation

", "refs": { @@ -1649,6 +2051,11 @@ "refs": { } }, + "UpgradeProfileVersionInput": { + "base": null, + "refs": { + } + }, "Urls": { "base": null, "refs": { @@ -1770,6 +2177,7 @@ "base": "

The ID assigned to the workload. This ID is unique within an Amazon Web Services Region.

", "refs": { "AssociateLensesInput$WorkloadId": null, + "AssociateProfilesInput$WorkloadId": null, "ConsolidatedReportMetric$WorkloadId": null, "CreateMilestoneInput$WorkloadId": null, "CreateMilestoneOutput$WorkloadId": null, @@ -1779,6 +2187,7 @@ "DeleteWorkloadInput$WorkloadId": null, "DeleteWorkloadShareInput$WorkloadId": null, "DisassociateLensesInput$WorkloadId": null, + "DisassociateProfilesInput$WorkloadId": null, "GetAnswerInput$WorkloadId": null, "GetAnswerOutput$WorkloadId": null, "GetLensReviewInput$WorkloadId": null, @@ -1800,8 +2209,10 @@ "ListMilestonesInput$WorkloadId": null, "ListMilestonesOutput$WorkloadId": null, "ListNotificationsInput$WorkloadId": null, + "ListProfileNotificationsInput$WorkloadId": null, "ListWorkloadSharesInput$WorkloadId": null, "ListWorkloadSharesOutput$WorkloadId": null, + "ProfileNotificationSummary$WorkloadId": null, "ShareInvitation$WorkloadId": null, "ShareInvitationSummary$WorkloadId": null, "UpdateAnswerInput$WorkloadId": null, @@ -1812,6 +2223,7 @@ "UpdateWorkloadShareInput$WorkloadId": null, "UpdateWorkloadShareOutput$WorkloadId": null, "UpgradeLensReviewInput$WorkloadId": null, + "UpgradeProfileVersionInput$WorkloadId": null, "Workload$WorkloadId": null, "WorkloadShare$WorkloadId": null, "WorkloadSummary$WorkloadId": null @@ -1855,6 +2267,7 @@ "ConsolidatedReportMetric$WorkloadName": null, "CreateWorkloadInput$WorkloadName": null, "LensUpgradeSummary$WorkloadName": null, + "ProfileNotificationSummary$WorkloadName": null, "ShareInvitationSummary$WorkloadName": null, "UpdateWorkloadInput$WorkloadName": null, "Workload$WorkloadName": null, @@ -1891,6 +2304,27 @@ "Workload$PillarPriorities": null } }, + "WorkloadProfile": { + "base": "

The profile associated with a workload.

", + "refs": { + "WorkloadProfiles$member": null + } + }, + "WorkloadProfileArns": { + "base": null, + "refs": { + "CreateWorkloadInput$ProfileArns": "

The list of profile ARNs associated with the workload.

" + } + }, + "WorkloadProfiles": { + "base": null, + "refs": { + "LensReview$Profiles": "

The profiles associated with the workload.

", + "LensReviewSummary$Profiles": "

The profiles associated with the workload.

", + "Workload$Profiles": "

Profile associated with a workload.

", + "WorkloadSummary$Profiles": "

Profile associated with a workload.

" + } + }, "WorkloadResourceDefinition": { "base": null, "refs": { diff --git a/models/apis/wellarchitected/2020-03-31/paginators-1.json b/models/apis/wellarchitected/2020-03-31/paginators-1.json index e2d9e2d6828..fd24c74bd14 100644 --- a/models/apis/wellarchitected/2020-03-31/paginators-1.json +++ b/models/apis/wellarchitected/2020-03-31/paginators-1.json @@ -50,6 +50,21 @@ "output_token": "NextToken", "limit_key": "MaxResults" }, + "ListProfileNotifications": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "MaxResults" + }, + "ListProfileShares": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "MaxResults" + }, + "ListProfiles": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "MaxResults" + }, "ListShareInvitations": { "input_token": "NextToken", "output_token": "NextToken", diff --git a/service/cloudtrail/api.go b/service/cloudtrail/api.go index 50d3a82982a..d3bb5d37ce0 100644 --- a/service/cloudtrail/api.go +++ b/service/cloudtrail/api.go @@ -1440,8 +1440,12 @@ func (c *CloudTrail) DescribeQueryRequest(input *DescribeQueryInput) (req *reque // DescribeQuery API operation for AWS CloudTrail. // // Returns metadata about a query, including query run time in milliseconds, -// number of events scanned and matched, and query status. You must specify -// an ARN for EventDataStore, and a value for QueryID. +// number of events scanned and matched, and query status. If the query results +// were delivered to an S3 bucket, the response also provides the S3 URI and +// the delivery status. +// +// You must specify either a QueryID or a QueryAlias. Specifying the QueryAlias +// parameter returns information about the last query run for the alias. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2189,7 +2193,7 @@ func (c *CloudTrail) GetQueryResultsRequest(input *GetQueryResultsInput) (req *r // GetQueryResults API operation for AWS CloudTrail. // // Gets event data results of a query. You must specify the QueryID value returned -// by the StartQuery operation, and an ARN for EventDataStore. +// by the StartQuery operation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5434,10 +5438,15 @@ func (c *CloudTrail) StartQueryRequest(input *StartQueryInput) (req *request.Req // StartQuery API operation for AWS CloudTrail. // -// Starts a CloudTrail Lake query. The required QueryStatement parameter provides +// Starts a CloudTrail Lake query. Use the QueryStatement parameter to provide // your SQL query, enclosed in single quotation marks. Use the optional DeliveryS3Uri // parameter to deliver the query results to an S3 bucket. // +// StartQuery requires you specify either the QueryStatement parameter, or a +// QueryAlias and any QueryParameters. In the current release, the QueryAlias +// and QueryParameters parameters are used only for the queries that populate +// the CloudTrail Lake dashboards. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -6033,7 +6042,7 @@ func (c *CloudTrail) UpdateEventDataStoreRequest(input *UpdateEventDataStoreInpu // // For event data stores for CloudTrail events, AdvancedEventSelectors includes // or excludes management and data events in your event data store. For more -// information about AdvancedEventSelectors, see PutEventSelectorsRequest$AdvancedEventSelectors. +// information about AdvancedEventSelectors, see AdvancedEventSelectors (https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html). // // For event data stores for Config configuration items, Audit Manager evidence, // or non-Amazon Web Services events, AdvancedEventSelectors includes events @@ -6048,6 +6057,9 @@ func (c *CloudTrail) UpdateEventDataStoreRequest(input *UpdateEventDataStoreInpu // // Returned Error Types: // +// - EventDataStoreAlreadyExistsException +// An event data store with that name already exists. +// // - EventDataStoreARNInvalidException // The specified event data store ARN is not valid or does not map to an event // data store in your account. @@ -7054,9 +7066,10 @@ type AdvancedFieldSelector struct { // * resources.type - This field is required for CloudTrail data events. // resources.type can only use the Equals operator, and the value can be // one of the following: AWS::DynamoDB::Table AWS::Lambda::Function AWS::S3::Object - // AWS::CloudTrail::Channel AWS::Cognito::IdentityPool AWS::DynamoDB::Stream - // AWS::EC2::Snapshot AWS::FinSpace::Environment AWS::Glue::Table AWS::GuardDuty::Detector - // AWS::KendraRanking::ExecutionPlan AWS::ManagedBlockchain::Node AWS::SageMaker::ExperimentTrialComponent + // AWS::CloudTrail::Channel AWS::CodeWhisperer::Profile AWS::Cognito::IdentityPool + // AWS::DynamoDB::Stream AWS::EC2::Snapshot AWS::EMRWAL::Workspace AWS::FinSpace::Environment + // AWS::Glue::Table AWS::GuardDuty::Detector AWS::KendraRanking::ExecutionPlan + // AWS::ManagedBlockchain::Node AWS::SageMaker::ExperimentTrialComponent // AWS::SageMaker::FeatureGroup AWS::S3::AccessPoint AWS::S3ObjectLambda::AccessPoint // AWS::S3Outposts::Object You can have only one resources.type field per // selector. To log data events on more than one resource type, add another @@ -7079,6 +7092,9 @@ type AdvancedFieldSelector struct { // When resources.type equals AWS::CloudTrail::Channel, and the operator // is set to Equals or NotEquals, the ARN must be in the following format: // arn::cloudtrail:::channel/ + // When resources.type equals AWS::CodeWhisperer::Profile, and the operator + // is set to Equals or NotEquals, the ARN must be in the following format: + // arn::codewhisperer:::profile/ // When resources.type equals AWS::Cognito::IdentityPool, and the operator // is set to Equals or NotEquals, the ARN must be in the following format: // arn::cognito-identity:::identitypool/ @@ -7086,6 +7102,8 @@ type AdvancedFieldSelector struct { // set to Equals or NotEquals, the ARN must be in the following format: arn::dynamodb:::table//stream/ // When resources.type equals AWS::EC2::Snapshot, and the operator is set // to Equals or NotEquals, the ARN must be in the following format: arn::ec2:::snapshot/ + // When resources.type equals AWS::EMRWAL::Workspace, and the operator is + // set to Equals or NotEquals, the ARN must be in the following format: arn::emrwal:::workspace/ // When resources.type equals AWS::FinSpace::Environment, and the operator // is set to Equals or NotEquals, the ARN must be in the following format: // arn::finspace:::environment/ @@ -8928,16 +8946,20 @@ type DataResource struct { // The following resource types are also available through advanced event selectors. // Basic event selector resource types are valid in advanced event selectors, // but advanced event selector resource types are not valid in basic event selectors. - // For more information, see AdvancedFieldSelector$Field. + // For more information, see AdvancedFieldSelector (https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html). // // * AWS::CloudTrail::Channel // + // * AWS::CodeWhisperer::Profile + // // * AWS::Cognito::IdentityPool // // * AWS::DynamoDB::Stream // // * AWS::EC2::Snapshot // + // * AWS::EMRWAL::Workspace + // // * AWS::FinSpace::Environment // // * AWS::Glue::Table @@ -9459,10 +9481,11 @@ type DescribeQueryInput struct { // Deprecated: EventDataStore is no longer required by DescribeQueryRequest EventDataStore *string `min:"3" deprecated:"true" type:"string"` + // The alias that identifies a query template. + QueryAlias *string `min:"1" type:"string"` + // The query ID. - // - // QueryId is a required field - QueryId *string `min:"36" type:"string" required:"true"` + QueryId *string `min:"36" type:"string"` } // String returns the string representation. @@ -9489,8 +9512,8 @@ func (s *DescribeQueryInput) Validate() error { if s.EventDataStore != nil && len(*s.EventDataStore) < 3 { invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3)) } - if s.QueryId == nil { - invalidParams.Add(request.NewErrParamRequired("QueryId")) + if s.QueryAlias != nil && len(*s.QueryAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QueryAlias", 1)) } if s.QueryId != nil && len(*s.QueryId) < 36 { invalidParams.Add(request.NewErrParamMinLen("QueryId", 36)) @@ -9508,6 +9531,12 @@ func (s *DescribeQueryInput) SetEventDataStore(v string) *DescribeQueryInput { return s } +// SetQueryAlias sets the QueryAlias field's value. +func (s *DescribeQueryInput) SetQueryAlias(v string) *DescribeQueryInput { + s.QueryAlias = &v + return s +} + // SetQueryId sets the QueryId field's value. func (s *DescribeQueryInput) SetQueryId(v string) *DescribeQueryInput { s.QueryId = &v @@ -18159,10 +18188,14 @@ type StartQueryInput struct { // The URI for the S3 bucket where CloudTrail delivers the query results. DeliveryS3Uri *string `type:"string"` + // The alias that identifies a query template. + QueryAlias *string `min:"1" type:"string"` + + // The query parameters for the specified QueryAlias. + QueryParameters []*string `min:"1" type:"list"` + // The SQL code of your query. - // - // QueryStatement is a required field - QueryStatement *string `min:"1" type:"string" required:"true"` + QueryStatement *string `min:"1" type:"string"` } // String returns the string representation. @@ -18186,8 +18219,11 @@ func (s StartQueryInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *StartQueryInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "StartQueryInput"} - if s.QueryStatement == nil { - invalidParams.Add(request.NewErrParamRequired("QueryStatement")) + if s.QueryAlias != nil && len(*s.QueryAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QueryAlias", 1)) + } + if s.QueryParameters != nil && len(s.QueryParameters) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QueryParameters", 1)) } if s.QueryStatement != nil && len(*s.QueryStatement) < 1 { invalidParams.Add(request.NewErrParamMinLen("QueryStatement", 1)) @@ -18205,6 +18241,18 @@ func (s *StartQueryInput) SetDeliveryS3Uri(v string) *StartQueryInput { return s } +// SetQueryAlias sets the QueryAlias field's value. +func (s *StartQueryInput) SetQueryAlias(v string) *StartQueryInput { + s.QueryAlias = &v + return s +} + +// SetQueryParameters sets the QueryParameters field's value. +func (s *StartQueryInput) SetQueryParameters(v []*string) *StartQueryInput { + s.QueryParameters = v + return s +} + // SetQueryStatement sets the QueryStatement field's value. func (s *StartQueryInput) SetQueryStatement(v string) *StartQueryInput { s.QueryStatement = &v @@ -19851,7 +19899,7 @@ type UpdateTrailOutput struct { // arn:aws:sns:us-east-2:123456789012:MyTopic SnsTopicARN *string `type:"string"` - // This field is no longer in use. Use UpdateTrailResponse$SnsTopicARN. + // This field is no longer in use. Use SnsTopicARN. // // Deprecated: SnsTopicName has been deprecated SnsTopicName *string `deprecated:"true" type:"string"` diff --git a/service/cloudtrail/doc.go b/service/cloudtrail/doc.go index e5f2690ef0b..18f38341d6c 100644 --- a/service/cloudtrail/doc.go +++ b/service/cloudtrail/doc.go @@ -24,116 +24,6 @@ // for information about the data that is included with each Amazon Web Services // API call listed in the log files. // -// # Actions available for CloudTrail trails -// -// The following actions are available for CloudTrail trails. -// -// - AddTags -// -// - CreateTrail -// -// - DeleteTrail -// -// - DescribeTrails -// -// - GetEventSelectors -// -// - GetInsightSelectors -// -// - GetTrail -// -// - GetTrailStatus -// -// - ListTags -// -// - ListTrails -// -// - PutEventSelectors -// -// - PutInsightSelectors -// -// - RemoveTags -// -// - StartLogging -// -// - StopLogging -// -// - UpdateTrail -// -// # Actions available for CloudTrail event data stores -// -// The following actions are available for CloudTrail event data stores. -// -// - AddTags -// -// - CancelQuery -// -// - CreateEventDataStore -// -// - DeleteEventDataStore -// -// - DescribeQuery -// -// - GetEventDataStore -// -// - GetQueryResults -// -// - ListEventDataStores -// -// - ListTags -// -// - ListQueries -// -// - RemoveTags -// -// - RestoreEventDataStore -// -// - StartEventDataStoreIngestion -// -// - StartImport The following additional actions are available for imports. -// GetImport ListImportFailures ListImports StopImport -// -// - StartQuery -// -// - StartEventDataStoreIngestion -// -// - UpdateEventDataStore -// -// # Actions available for CloudTrail channels -// -// The following actions are available for CloudTrail channels. -// -// - AddTags -// -// - CreateChannel -// -// - DeleteChannel -// -// - DeleteResourcePolicy -// -// - GetChannel -// -// - GetResourcePolicy -// -// - ListChannels -// -// - ListTags -// -// - PutResourcePolicy -// -// - RemoveTags -// -// - UpdateChannel -// -// # Actions available for managing delegated administrators -// -// The following actions are available for adding or a removing a delegated -// administrator to manage an Organizations organization’s CloudTrail resources. -// -// - DeregisterOrganizationDelegatedAdmin -// -// - RegisterOrganizationDelegatedAdmin -// // See https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01 for more information on this service. // // See cloudtrail package documentation for more information. diff --git a/service/codegurusecurity/api.go b/service/codegurusecurity/api.go new file mode 100644 index 00000000000..62f2219aff4 --- /dev/null +++ b/service/codegurusecurity/api.go @@ -0,0 +1,4598 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package codegurusecurity + +import ( + "fmt" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +const opBatchGetFindings = "BatchGetFindings" + +// BatchGetFindingsRequest generates a "aws/request.Request" representing the +// client's request for the BatchGetFindings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See BatchGetFindings for more information on using the BatchGetFindings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the BatchGetFindingsRequest method. +// req, resp := client.BatchGetFindingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/BatchGetFindings +func (c *CodeGuruSecurity) BatchGetFindingsRequest(input *BatchGetFindingsInput) (req *request.Request, output *BatchGetFindingsOutput) { + op := &request.Operation{ + Name: opBatchGetFindings, + HTTPMethod: "POST", + HTTPPath: "/batchGetFindings", + } + + if input == nil { + input = &BatchGetFindingsInput{} + } + + output = &BatchGetFindingsOutput{} + req = c.newRequest(op, input, output) + return +} + +// BatchGetFindings API operation for Amazon CodeGuru Security. +// +// Returns a list of all requested findings. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation BatchGetFindings for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/BatchGetFindings +func (c *CodeGuruSecurity) BatchGetFindings(input *BatchGetFindingsInput) (*BatchGetFindingsOutput, error) { + req, out := c.BatchGetFindingsRequest(input) + return out, req.Send() +} + +// BatchGetFindingsWithContext is the same as BatchGetFindings with the addition of +// the ability to pass a context and additional request options. +// +// See BatchGetFindings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) BatchGetFindingsWithContext(ctx aws.Context, input *BatchGetFindingsInput, opts ...request.Option) (*BatchGetFindingsOutput, error) { + req, out := c.BatchGetFindingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateScan = "CreateScan" + +// CreateScanRequest generates a "aws/request.Request" representing the +// client's request for the CreateScan operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateScan for more information on using the CreateScan +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateScanRequest method. +// req, resp := client.CreateScanRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/CreateScan +func (c *CodeGuruSecurity) CreateScanRequest(input *CreateScanInput) (req *request.Request, output *CreateScanOutput) { + op := &request.Operation{ + Name: opCreateScan, + HTTPMethod: "POST", + HTTPPath: "/scans", + } + + if input == nil { + input = &CreateScanInput{} + } + + output = &CreateScanOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateScan API operation for Amazon CodeGuru Security. +// +// Use to create a scan using code uploaded to an S3 bucket. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation CreateScan for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ConflictException +// The requested operation would cause a conflict with the current state of +// a service resource associated with the request. Resolve the conflict before +// retrying this request. +// +// - ResourceNotFoundException +// The resource specified in the request was not found. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/CreateScan +func (c *CodeGuruSecurity) CreateScan(input *CreateScanInput) (*CreateScanOutput, error) { + req, out := c.CreateScanRequest(input) + return out, req.Send() +} + +// CreateScanWithContext is the same as CreateScan with the addition of +// the ability to pass a context and additional request options. +// +// See CreateScan for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) CreateScanWithContext(ctx aws.Context, input *CreateScanInput, opts ...request.Option) (*CreateScanOutput, error) { + req, out := c.CreateScanRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateUploadUrl = "CreateUploadUrl" + +// CreateUploadUrlRequest generates a "aws/request.Request" representing the +// client's request for the CreateUploadUrl operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateUploadUrl for more information on using the CreateUploadUrl +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateUploadUrlRequest method. +// req, resp := client.CreateUploadUrlRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/CreateUploadUrl +func (c *CodeGuruSecurity) CreateUploadUrlRequest(input *CreateUploadUrlInput) (req *request.Request, output *CreateUploadUrlOutput) { + op := &request.Operation{ + Name: opCreateUploadUrl, + HTTPMethod: "POST", + HTTPPath: "/uploadUrl", + } + + if input == nil { + input = &CreateUploadUrlInput{} + } + + output = &CreateUploadUrlOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateUploadUrl API operation for Amazon CodeGuru Security. +// +// Generates a pre-signed URL and request headers used to upload a code resource. +// +// You can upload your code resource to the URL and add the request headers +// using any HTTP client. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation CreateUploadUrl for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/CreateUploadUrl +func (c *CodeGuruSecurity) CreateUploadUrl(input *CreateUploadUrlInput) (*CreateUploadUrlOutput, error) { + req, out := c.CreateUploadUrlRequest(input) + return out, req.Send() +} + +// CreateUploadUrlWithContext is the same as CreateUploadUrl with the addition of +// the ability to pass a context and additional request options. +// +// See CreateUploadUrl for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) CreateUploadUrlWithContext(ctx aws.Context, input *CreateUploadUrlInput, opts ...request.Option) (*CreateUploadUrlOutput, error) { + req, out := c.CreateUploadUrlRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetAccountConfiguration = "GetAccountConfiguration" + +// GetAccountConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the GetAccountConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetAccountConfiguration for more information on using the GetAccountConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetAccountConfigurationRequest method. +// req, resp := client.GetAccountConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetAccountConfiguration +func (c *CodeGuruSecurity) GetAccountConfigurationRequest(input *GetAccountConfigurationInput) (req *request.Request, output *GetAccountConfigurationOutput) { + op := &request.Operation{ + Name: opGetAccountConfiguration, + HTTPMethod: "GET", + HTTPPath: "/accountConfiguration/get", + } + + if input == nil { + input = &GetAccountConfigurationInput{} + } + + output = &GetAccountConfigurationOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetAccountConfiguration API operation for Amazon CodeGuru Security. +// +// Use to get account level configuration. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation GetAccountConfiguration for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetAccountConfiguration +func (c *CodeGuruSecurity) GetAccountConfiguration(input *GetAccountConfigurationInput) (*GetAccountConfigurationOutput, error) { + req, out := c.GetAccountConfigurationRequest(input) + return out, req.Send() +} + +// GetAccountConfigurationWithContext is the same as GetAccountConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See GetAccountConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) GetAccountConfigurationWithContext(ctx aws.Context, input *GetAccountConfigurationInput, opts ...request.Option) (*GetAccountConfigurationOutput, error) { + req, out := c.GetAccountConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetFindings = "GetFindings" + +// GetFindingsRequest generates a "aws/request.Request" representing the +// client's request for the GetFindings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetFindings for more information on using the GetFindings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetFindingsRequest method. +// req, resp := client.GetFindingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetFindings +func (c *CodeGuruSecurity) GetFindingsRequest(input *GetFindingsInput) (req *request.Request, output *GetFindingsOutput) { + op := &request.Operation{ + Name: opGetFindings, + HTTPMethod: "GET", + HTTPPath: "/findings/{scanName}", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetFindingsInput{} + } + + output = &GetFindingsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetFindings API operation for Amazon CodeGuru Security. +// +// Returns a list of all findings generated by a particular scan. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation GetFindings for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ConflictException +// The requested operation would cause a conflict with the current state of +// a service resource associated with the request. Resolve the conflict before +// retrying this request. +// +// - ResourceNotFoundException +// The resource specified in the request was not found. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetFindings +func (c *CodeGuruSecurity) GetFindings(input *GetFindingsInput) (*GetFindingsOutput, error) { + req, out := c.GetFindingsRequest(input) + return out, req.Send() +} + +// GetFindingsWithContext is the same as GetFindings with the addition of +// the ability to pass a context and additional request options. +// +// See GetFindings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) GetFindingsWithContext(ctx aws.Context, input *GetFindingsInput, opts ...request.Option) (*GetFindingsOutput, error) { + req, out := c.GetFindingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetFindingsPages iterates over the pages of a GetFindings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetFindings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetFindings operation. +// pageNum := 0 +// err := client.GetFindingsPages(params, +// func(page *codegurusecurity.GetFindingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CodeGuruSecurity) GetFindingsPages(input *GetFindingsInput, fn func(*GetFindingsOutput, bool) bool) error { + return c.GetFindingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetFindingsPagesWithContext same as GetFindingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) GetFindingsPagesWithContext(ctx aws.Context, input *GetFindingsInput, fn func(*GetFindingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetFindingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetFindingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetFindingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetMetricsSummary = "GetMetricsSummary" + +// GetMetricsSummaryRequest generates a "aws/request.Request" representing the +// client's request for the GetMetricsSummary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetMetricsSummary for more information on using the GetMetricsSummary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetMetricsSummaryRequest method. +// req, resp := client.GetMetricsSummaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetMetricsSummary +func (c *CodeGuruSecurity) GetMetricsSummaryRequest(input *GetMetricsSummaryInput) (req *request.Request, output *GetMetricsSummaryOutput) { + op := &request.Operation{ + Name: opGetMetricsSummary, + HTTPMethod: "GET", + HTTPPath: "/metrics/summary", + } + + if input == nil { + input = &GetMetricsSummaryInput{} + } + + output = &GetMetricsSummaryOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetMetricsSummary API operation for Amazon CodeGuru Security. +// +// Returns top level metrics about an account from a specified date, including +// number of open findings, the categories with most findings, the scans with +// most open findings, and scans with most open critical findings. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation GetMetricsSummary for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetMetricsSummary +func (c *CodeGuruSecurity) GetMetricsSummary(input *GetMetricsSummaryInput) (*GetMetricsSummaryOutput, error) { + req, out := c.GetMetricsSummaryRequest(input) + return out, req.Send() +} + +// GetMetricsSummaryWithContext is the same as GetMetricsSummary with the addition of +// the ability to pass a context and additional request options. +// +// See GetMetricsSummary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) GetMetricsSummaryWithContext(ctx aws.Context, input *GetMetricsSummaryInput, opts ...request.Option) (*GetMetricsSummaryOutput, error) { + req, out := c.GetMetricsSummaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetScan = "GetScan" + +// GetScanRequest generates a "aws/request.Request" representing the +// client's request for the GetScan operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetScan for more information on using the GetScan +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetScanRequest method. +// req, resp := client.GetScanRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetScan +func (c *CodeGuruSecurity) GetScanRequest(input *GetScanInput) (req *request.Request, output *GetScanOutput) { + op := &request.Operation{ + Name: opGetScan, + HTTPMethod: "GET", + HTTPPath: "/scans/{scanName}", + } + + if input == nil { + input = &GetScanInput{} + } + + output = &GetScanOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetScan API operation for Amazon CodeGuru Security. +// +// Returns details about a scan, including whether or not a scan has completed. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation GetScan for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ResourceNotFoundException +// The resource specified in the request was not found. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/GetScan +func (c *CodeGuruSecurity) GetScan(input *GetScanInput) (*GetScanOutput, error) { + req, out := c.GetScanRequest(input) + return out, req.Send() +} + +// GetScanWithContext is the same as GetScan with the addition of +// the ability to pass a context and additional request options. +// +// See GetScan for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) GetScanWithContext(ctx aws.Context, input *GetScanInput, opts ...request.Option) (*GetScanOutput, error) { + req, out := c.GetScanRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opListFindingsMetrics = "ListFindingsMetrics" + +// ListFindingsMetricsRequest generates a "aws/request.Request" representing the +// client's request for the ListFindingsMetrics operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListFindingsMetrics for more information on using the ListFindingsMetrics +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListFindingsMetricsRequest method. +// req, resp := client.ListFindingsMetricsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/ListFindingsMetrics +func (c *CodeGuruSecurity) ListFindingsMetricsRequest(input *ListFindingsMetricsInput) (req *request.Request, output *ListFindingsMetricsOutput) { + op := &request.Operation{ + Name: opListFindingsMetrics, + HTTPMethod: "GET", + HTTPPath: "/metrics/findings", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListFindingsMetricsInput{} + } + + output = &ListFindingsMetricsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListFindingsMetrics API operation for Amazon CodeGuru Security. +// +// Returns metrics about all findings in an account within a specified time +// range. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation ListFindingsMetrics for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/ListFindingsMetrics +func (c *CodeGuruSecurity) ListFindingsMetrics(input *ListFindingsMetricsInput) (*ListFindingsMetricsOutput, error) { + req, out := c.ListFindingsMetricsRequest(input) + return out, req.Send() +} + +// ListFindingsMetricsWithContext is the same as ListFindingsMetrics with the addition of +// the ability to pass a context and additional request options. +// +// See ListFindingsMetrics for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) ListFindingsMetricsWithContext(ctx aws.Context, input *ListFindingsMetricsInput, opts ...request.Option) (*ListFindingsMetricsOutput, error) { + req, out := c.ListFindingsMetricsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListFindingsMetricsPages iterates over the pages of a ListFindingsMetrics operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListFindingsMetrics method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListFindingsMetrics operation. +// pageNum := 0 +// err := client.ListFindingsMetricsPages(params, +// func(page *codegurusecurity.ListFindingsMetricsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CodeGuruSecurity) ListFindingsMetricsPages(input *ListFindingsMetricsInput, fn func(*ListFindingsMetricsOutput, bool) bool) error { + return c.ListFindingsMetricsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListFindingsMetricsPagesWithContext same as ListFindingsMetricsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) ListFindingsMetricsPagesWithContext(ctx aws.Context, input *ListFindingsMetricsInput, fn func(*ListFindingsMetricsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListFindingsMetricsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListFindingsMetricsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListFindingsMetricsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListScans = "ListScans" + +// ListScansRequest generates a "aws/request.Request" representing the +// client's request for the ListScans operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListScans for more information on using the ListScans +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListScansRequest method. +// req, resp := client.ListScansRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/ListScans +func (c *CodeGuruSecurity) ListScansRequest(input *ListScansInput) (req *request.Request, output *ListScansOutput) { + op := &request.Operation{ + Name: opListScans, + HTTPMethod: "GET", + HTTPPath: "/scans", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListScansInput{} + } + + output = &ListScansOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListScans API operation for Amazon CodeGuru Security. +// +// Returns a list of all the scans in an account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation ListScans for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/ListScans +func (c *CodeGuruSecurity) ListScans(input *ListScansInput) (*ListScansOutput, error) { + req, out := c.ListScansRequest(input) + return out, req.Send() +} + +// ListScansWithContext is the same as ListScans with the addition of +// the ability to pass a context and additional request options. +// +// See ListScans for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) ListScansWithContext(ctx aws.Context, input *ListScansInput, opts ...request.Option) (*ListScansOutput, error) { + req, out := c.ListScansRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListScansPages iterates over the pages of a ListScans operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListScans method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListScans operation. +// pageNum := 0 +// err := client.ListScansPages(params, +// func(page *codegurusecurity.ListScansOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CodeGuruSecurity) ListScansPages(input *ListScansInput, fn func(*ListScansOutput, bool) bool) error { + return c.ListScansPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListScansPagesWithContext same as ListScansPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) ListScansPagesWithContext(ctx aws.Context, input *ListScansInput, fn func(*ListScansOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListScansInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListScansRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListScansOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListTagsForResource = "ListTagsForResource" + +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListTagsForResource for more information on using the ListTagsForResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/ListTagsForResource +func (c *CodeGuruSecurity) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { + op := &request.Operation{ + Name: opListTagsForResource, + HTTPMethod: "GET", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &ListTagsForResourceInput{} + } + + output = &ListTagsForResourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListTagsForResource API operation for Amazon CodeGuru Security. +// +// Returns a list of all tags associated with a scan. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation ListTagsForResource for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ConflictException +// The requested operation would cause a conflict with the current state of +// a service resource associated with the request. Resolve the conflict before +// retrying this request. +// +// - ResourceNotFoundException +// The resource specified in the request was not found. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/ListTagsForResource +func (c *CodeGuruSecurity) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + return out, req.Send() +} + +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// the ability to pass a context and additional request options. +// +// See ListTagsForResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagResource = "TagResource" + +// TagResourceRequest generates a "aws/request.Request" representing the +// client's request for the TagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagResource for more information on using the TagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the TagResourceRequest method. +// req, resp := client.TagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/TagResource +func (c *CodeGuruSecurity) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { + op := &request.Operation{ + Name: opTagResource, + HTTPMethod: "POST", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &TagResourceInput{} + } + + output = &TagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagResource API operation for Amazon CodeGuru Security. +// +// Use to add one or more tags to an existing scan. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation TagResource for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ConflictException +// The requested operation would cause a conflict with the current state of +// a service resource associated with the request. Resolve the conflict before +// retrying this request. +// +// - ResourceNotFoundException +// The resource specified in the request was not found. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/TagResource +func (c *CodeGuruSecurity) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + return out, req.Send() +} + +// TagResourceWithContext is the same as TagResource with the addition of +// the ability to pass a context and additional request options. +// +// See TagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagResource = "UntagResource" + +// UntagResourceRequest generates a "aws/request.Request" representing the +// client's request for the UntagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagResource for more information on using the UntagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UntagResourceRequest method. +// req, resp := client.UntagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/UntagResource +func (c *CodeGuruSecurity) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { + op := &request.Operation{ + Name: opUntagResource, + HTTPMethod: "DELETE", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &UntagResourceInput{} + } + + output = &UntagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagResource API operation for Amazon CodeGuru Security. +// +// Use to remove one or more tags from an existing scan. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation UntagResource for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ConflictException +// The requested operation would cause a conflict with the current state of +// a service resource associated with the request. Resolve the conflict before +// retrying this request. +// +// - ResourceNotFoundException +// The resource specified in the request was not found. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/UntagResource +func (c *CodeGuruSecurity) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + return out, req.Send() +} + +// UntagResourceWithContext is the same as UntagResource with the addition of +// the ability to pass a context and additional request options. +// +// See UntagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateAccountConfiguration = "UpdateAccountConfiguration" + +// UpdateAccountConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the UpdateAccountConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateAccountConfiguration for more information on using the UpdateAccountConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateAccountConfigurationRequest method. +// req, resp := client.UpdateAccountConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/UpdateAccountConfiguration +func (c *CodeGuruSecurity) UpdateAccountConfigurationRequest(input *UpdateAccountConfigurationInput) (req *request.Request, output *UpdateAccountConfigurationOutput) { + op := &request.Operation{ + Name: opUpdateAccountConfiguration, + HTTPMethod: "PUT", + HTTPPath: "/updateAccountConfiguration", + } + + if input == nil { + input = &UpdateAccountConfigurationInput{} + } + + output = &UpdateAccountConfigurationOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateAccountConfiguration API operation for Amazon CodeGuru Security. +// +// Use to update account-level configuration with an encryption key. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CodeGuru Security's +// API operation UpdateAccountConfiguration for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The server encountered an internal error and is unable to complete the request. +// +// - ResourceNotFoundException +// The resource specified in the request was not found. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the specified constraints. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10/UpdateAccountConfiguration +func (c *CodeGuruSecurity) UpdateAccountConfiguration(input *UpdateAccountConfigurationInput) (*UpdateAccountConfigurationOutput, error) { + req, out := c.UpdateAccountConfigurationRequest(input) + return out, req.Send() +} + +// UpdateAccountConfigurationWithContext is the same as UpdateAccountConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateAccountConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeGuruSecurity) UpdateAccountConfigurationWithContext(ctx aws.Context, input *UpdateAccountConfigurationInput, opts ...request.Option) (*UpdateAccountConfigurationOutput, error) { + req, out := c.UpdateAccountConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You do not have sufficient access to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The identifier for the error. + // + // ErrorCode is a required field + ErrorCode *string `locationName:"errorCode" type:"string" required:"true"` + + // Description of the error. + Message_ *string `locationName:"message" type:"string"` + + // The identifier for the resource you don't have access to. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The type of resource you don't have access to. + ResourceType *string `locationName:"resourceType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// A summary of findings metrics in an account. +type AccountFindingsMetric struct { + _ struct{} `type:"structure"` + + // The number of closed findings of each severity in an account on the specified + // date. + ClosedFindings *FindingMetricsValuePerSeverity `locationName:"closedFindings" type:"structure"` + + // The date from which the finding metrics were retrieved. + Date *time.Time `locationName:"date" type:"timestamp"` + + // The average time it takes to close findings of each severity in days. + MeanTimeToClose *FindingMetricsValuePerSeverity `locationName:"meanTimeToClose" type:"structure"` + + // The number of new findings of each severity in account on the specified date. + NewFindings *FindingMetricsValuePerSeverity `locationName:"newFindings" type:"structure"` + + // The number of open findings of each severity in an account as of the specified + // date. + OpenFindings *FindingMetricsValuePerSeverity `locationName:"openFindings" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccountFindingsMetric) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccountFindingsMetric) GoString() string { + return s.String() +} + +// SetClosedFindings sets the ClosedFindings field's value. +func (s *AccountFindingsMetric) SetClosedFindings(v *FindingMetricsValuePerSeverity) *AccountFindingsMetric { + s.ClosedFindings = v + return s +} + +// SetDate sets the Date field's value. +func (s *AccountFindingsMetric) SetDate(v time.Time) *AccountFindingsMetric { + s.Date = &v + return s +} + +// SetMeanTimeToClose sets the MeanTimeToClose field's value. +func (s *AccountFindingsMetric) SetMeanTimeToClose(v *FindingMetricsValuePerSeverity) *AccountFindingsMetric { + s.MeanTimeToClose = v + return s +} + +// SetNewFindings sets the NewFindings field's value. +func (s *AccountFindingsMetric) SetNewFindings(v *FindingMetricsValuePerSeverity) *AccountFindingsMetric { + s.NewFindings = v + return s +} + +// SetOpenFindings sets the OpenFindings field's value. +func (s *AccountFindingsMetric) SetOpenFindings(v *FindingMetricsValuePerSeverity) *AccountFindingsMetric { + s.OpenFindings = v + return s +} + +// Contains information about the error that caused a finding to fail to be +// retrieved. +type BatchGetFindingsError struct { + _ struct{} `type:"structure"` + + // A code associated with the type of error. + // + // ErrorCode is a required field + ErrorCode *string `locationName:"errorCode" type:"string" required:"true" enum:"ErrorCode"` + + // The finding ID of the finding that was not fetched. + // + // FindingId is a required field + FindingId *string `locationName:"findingId" type:"string" required:"true"` + + // Describes the error. + // + // Message is a required field + Message *string `locationName:"message" type:"string" required:"true"` + + // The name of the scan that generated the finding. + // + // ScanName is a required field + ScanName *string `locationName:"scanName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetFindingsError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetFindingsError) GoString() string { + return s.String() +} + +// SetErrorCode sets the ErrorCode field's value. +func (s *BatchGetFindingsError) SetErrorCode(v string) *BatchGetFindingsError { + s.ErrorCode = &v + return s +} + +// SetFindingId sets the FindingId field's value. +func (s *BatchGetFindingsError) SetFindingId(v string) *BatchGetFindingsError { + s.FindingId = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *BatchGetFindingsError) SetMessage(v string) *BatchGetFindingsError { + s.Message = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *BatchGetFindingsError) SetScanName(v string) *BatchGetFindingsError { + s.ScanName = &v + return s +} + +type BatchGetFindingsInput struct { + _ struct{} `type:"structure"` + + // A list of finding identifiers. Each identifier consists of a scanName and + // a findingId. You retrieve the findingId when you call GetFindings. + // + // FindingIdentifiers is a required field + FindingIdentifiers []*FindingIdentifier `locationName:"findingIdentifiers" min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetFindingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetFindingsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *BatchGetFindingsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "BatchGetFindingsInput"} + if s.FindingIdentifiers == nil { + invalidParams.Add(request.NewErrParamRequired("FindingIdentifiers")) + } + if s.FindingIdentifiers != nil && len(s.FindingIdentifiers) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FindingIdentifiers", 1)) + } + if s.FindingIdentifiers != nil { + for i, v := range s.FindingIdentifiers { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "FindingIdentifiers", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFindingIdentifiers sets the FindingIdentifiers field's value. +func (s *BatchGetFindingsInput) SetFindingIdentifiers(v []*FindingIdentifier) *BatchGetFindingsInput { + s.FindingIdentifiers = v + return s +} + +type BatchGetFindingsOutput struct { + _ struct{} `type:"structure"` + + // A list of errors for individual findings which were not fetched. Each BatchGetFindingsError + // contains the scanName, findingId, errorCode and error message. + // + // FailedFindings is a required field + FailedFindings []*BatchGetFindingsError `locationName:"failedFindings" type:"list" required:"true"` + + // A list of all requested findings. + // + // Findings is a required field + Findings []*Finding `locationName:"findings" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetFindingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetFindingsOutput) GoString() string { + return s.String() +} + +// SetFailedFindings sets the FailedFindings field's value. +func (s *BatchGetFindingsOutput) SetFailedFindings(v []*BatchGetFindingsError) *BatchGetFindingsOutput { + s.FailedFindings = v + return s +} + +// SetFindings sets the Findings field's value. +func (s *BatchGetFindingsOutput) SetFindings(v []*Finding) *BatchGetFindingsOutput { + s.Findings = v + return s +} + +// Information about a finding category with open findings. +type CategoryWithFindingNum struct { + _ struct{} `type:"structure"` + + // The name of the finding category. A finding category is determined by the + // detector that detected the finding. + CategoryName *string `locationName:"categoryName" type:"string"` + + // The number of open findings in the category. + FindingNumber *int64 `locationName:"findingNumber" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CategoryWithFindingNum) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CategoryWithFindingNum) GoString() string { + return s.String() +} + +// SetCategoryName sets the CategoryName field's value. +func (s *CategoryWithFindingNum) SetCategoryName(v string) *CategoryWithFindingNum { + s.CategoryName = &v + return s +} + +// SetFindingNumber sets the FindingNumber field's value. +func (s *CategoryWithFindingNum) SetFindingNumber(v int64) *CategoryWithFindingNum { + s.FindingNumber = &v + return s +} + +// The line of code where a finding was detected. +type CodeLine struct { + _ struct{} `type:"structure"` + + // The code that contains a vulnerability. + Content *string `locationName:"content" type:"string"` + + // The code line number. + Number *int64 `locationName:"number" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CodeLine) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CodeLine) GoString() string { + return s.String() +} + +// SetContent sets the Content field's value. +func (s *CodeLine) SetContent(v string) *CodeLine { + s.Content = &v + return s +} + +// SetNumber sets the Number field's value. +func (s *CodeLine) SetNumber(v int64) *CodeLine { + s.Number = &v + return s +} + +// The requested operation would cause a conflict with the current state of +// a service resource associated with the request. Resolve the conflict before +// retrying this request. +type ConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The identifier for the error. + // + // ErrorCode is a required field + ErrorCode *string `locationName:"errorCode" type:"string" required:"true"` + + // Description of the error. + Message_ *string `locationName:"message" type:"string"` + + // The identifier for the service resource associated with the request. + // + // ResourceId is a required field + ResourceId *string `locationName:"resourceId" type:"string" required:"true"` + + // The type of resource associated with the request. + // + // ResourceType is a required field + ResourceType *string `locationName:"resourceType" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) GoString() string { + return s.String() +} + +func newErrorConflictException(v protocol.ResponseMetadata) error { + return &ConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ConflictException) Code() string { + return "ConflictException" +} + +// Message returns the exception's message. +func (s *ConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateScanInput struct { + _ struct{} `type:"structure"` + + // The type of analysis you want CodeGuru Security to perform in the scan, either + // Security or All. The Secuirty type only generates findings related to security. + // The All type generates both security findings and quality findings. Defaults + // to Security type if missing. + AnalysisType *string `locationName:"analysisType" type:"string" enum:"AnalysisType"` + + // The idempotency token for the request. Amazon CodeGuru Security uses this + // value to prevent the accidental creation of duplicate scans if there are + // failures and retries. + ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` + + // The identifier for an input resource used to create a scan. + // + // ResourceId is a required field + ResourceId *ResourceId `locationName:"resourceId" type:"structure" required:"true"` + + // The unique name that CodeGuru Security uses to track revisions across multiple + // scans of the same resource. Only allowed for a STANDARD scan type. If not + // specified, it will be auto generated. + // + // ScanName is a required field + ScanName *string `locationName:"scanName" min:"1" type:"string" required:"true"` + + // The type of scan, either Standard or Express. Defaults to Standard type if + // missing. + // + // Express scans run on limited resources and use a limited set of detectors + // to analyze your code in near-real time. Standard scans have standard resource + // limits and use the full set of detectors to analyze your code. + ScanType *string `locationName:"scanType" type:"string" enum:"ScanType"` + + // An array of key-value pairs used to tag a scan. A tag is a custom attribute + // label with two parts: + // + // * A tag key. For example, CostCenter, Environment, or Secret. Tag keys + // are case sensitive. + // + // * An optional tag value field. For example, 111122223333, Production, + // or a team name. Omitting the tag value is the same as using an empty string. + // Tag values are case sensitive. + Tags map[string]*string `locationName:"tags" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateScanInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateScanInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateScanInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateScanInput"} + if s.ClientToken != nil && len(*s.ClientToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) + } + if s.ResourceId == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceId")) + } + if s.ScanName == nil { + invalidParams.Add(request.NewErrParamRequired("ScanName")) + } + if s.ScanName != nil && len(*s.ScanName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ScanName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAnalysisType sets the AnalysisType field's value. +func (s *CreateScanInput) SetAnalysisType(v string) *CreateScanInput { + s.AnalysisType = &v + return s +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateScanInput) SetClientToken(v string) *CreateScanInput { + s.ClientToken = &v + return s +} + +// SetResourceId sets the ResourceId field's value. +func (s *CreateScanInput) SetResourceId(v *ResourceId) *CreateScanInput { + s.ResourceId = v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *CreateScanInput) SetScanName(v string) *CreateScanInput { + s.ScanName = &v + return s +} + +// SetScanType sets the ScanType field's value. +func (s *CreateScanInput) SetScanType(v string) *CreateScanInput { + s.ScanType = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateScanInput) SetTags(v map[string]*string) *CreateScanInput { + s.Tags = v + return s +} + +type CreateScanOutput struct { + _ struct{} `type:"structure"` + + // The identifier for the resource object that contains resources that were + // scanned. + // + // ResourceId is a required field + ResourceId *ResourceId `locationName:"resourceId" type:"structure" required:"true"` + + // UUID that identifies the individual scan run. + // + // RunId is a required field + RunId *string `locationName:"runId" type:"string" required:"true"` + + // The name of the scan. + // + // ScanName is a required field + ScanName *string `locationName:"scanName" min:"1" type:"string" required:"true"` + + // The ARN for the scan name. + ScanNameArn *string `locationName:"scanNameArn" min:"1" type:"string"` + + // The current state of the scan. Returns either InProgress, Successful, or + // Failed. + // + // ScanState is a required field + ScanState *string `locationName:"scanState" type:"string" required:"true" enum:"ScanState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateScanOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateScanOutput) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *CreateScanOutput) SetResourceId(v *ResourceId) *CreateScanOutput { + s.ResourceId = v + return s +} + +// SetRunId sets the RunId field's value. +func (s *CreateScanOutput) SetRunId(v string) *CreateScanOutput { + s.RunId = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *CreateScanOutput) SetScanName(v string) *CreateScanOutput { + s.ScanName = &v + return s +} + +// SetScanNameArn sets the ScanNameArn field's value. +func (s *CreateScanOutput) SetScanNameArn(v string) *CreateScanOutput { + s.ScanNameArn = &v + return s +} + +// SetScanState sets the ScanState field's value. +func (s *CreateScanOutput) SetScanState(v string) *CreateScanOutput { + s.ScanState = &v + return s +} + +type CreateUploadUrlInput struct { + _ struct{} `type:"structure"` + + // The name of the scan that will use the uploaded resource. CodeGuru Security + // uses the unique scan name to track revisions across multiple scans of the + // same resource. Use this scanName when you call CreateScan on the code resource + // you upload to this URL. + // + // ScanName is a required field + ScanName *string `locationName:"scanName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateUploadUrlInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateUploadUrlInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateUploadUrlInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateUploadUrlInput"} + if s.ScanName == nil { + invalidParams.Add(request.NewErrParamRequired("ScanName")) + } + if s.ScanName != nil && len(*s.ScanName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ScanName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetScanName sets the ScanName field's value. +func (s *CreateUploadUrlInput) SetScanName(v string) *CreateUploadUrlInput { + s.ScanName = &v + return s +} + +type CreateUploadUrlOutput struct { + _ struct{} `type:"structure"` + + // The identifier for the uploaded code resource. + // + // CodeArtifactId is a required field + CodeArtifactId *string `locationName:"codeArtifactId" type:"string" required:"true"` + + // A set of key-value pairs that contain the required headers when uploading + // your resource. + // + // RequestHeaders is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateUploadUrlOutput's + // String and GoString methods. + // + // RequestHeaders is a required field + RequestHeaders map[string]*string `locationName:"requestHeaders" type:"map" required:"true" sensitive:"true"` + + // A pre-signed S3 URL. You can upload the code file you want to scan and add + // the required requestHeaders using any HTTP client. + // + // S3Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateUploadUrlOutput's + // String and GoString methods. + // + // S3Url is a required field + S3Url *string `locationName:"s3Url" min:"1" type:"string" required:"true" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateUploadUrlOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateUploadUrlOutput) GoString() string { + return s.String() +} + +// SetCodeArtifactId sets the CodeArtifactId field's value. +func (s *CreateUploadUrlOutput) SetCodeArtifactId(v string) *CreateUploadUrlOutput { + s.CodeArtifactId = &v + return s +} + +// SetRequestHeaders sets the RequestHeaders field's value. +func (s *CreateUploadUrlOutput) SetRequestHeaders(v map[string]*string) *CreateUploadUrlOutput { + s.RequestHeaders = v + return s +} + +// SetS3Url sets the S3Url field's value. +func (s *CreateUploadUrlOutput) SetS3Url(v string) *CreateUploadUrlOutput { + s.S3Url = &v + return s +} + +// Information about account-level configuration. +type EncryptionConfig struct { + _ struct{} `type:"structure"` + + // The KMS key ARN to use for encryption. This must be provided as a header + // when uploading your code resource. + KmsKeyArn *string `locationName:"kmsKeyArn" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EncryptionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EncryptionConfig) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EncryptionConfig) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EncryptionConfig"} + if s.KmsKeyArn != nil && len(*s.KmsKeyArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KmsKeyArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKmsKeyArn sets the KmsKeyArn field's value. +func (s *EncryptionConfig) SetKmsKeyArn(v string) *EncryptionConfig { + s.KmsKeyArn = &v + return s +} + +// Information about the location of security vulnerabilities that Amazon CodeGuru +// Security detected in your code. +type FilePath struct { + _ struct{} `type:"structure"` + + // A list of CodeLine objects that describe where the security vulnerability + // appears in your code. + CodeSnippet []*CodeLine `locationName:"codeSnippet" type:"list"` + + // The last line number of the code snippet where the security vulnerability + // appears in your code. + EndLine *int64 `locationName:"endLine" type:"integer"` + + // The name of the file. + Name *string `locationName:"name" type:"string"` + + // The path to the resource with the security vulnerability. + Path *string `locationName:"path" type:"string"` + + // The first line number of the code snippet where the security vulnerability + // appears in your code. + StartLine *int64 `locationName:"startLine" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FilePath) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FilePath) GoString() string { + return s.String() +} + +// SetCodeSnippet sets the CodeSnippet field's value. +func (s *FilePath) SetCodeSnippet(v []*CodeLine) *FilePath { + s.CodeSnippet = v + return s +} + +// SetEndLine sets the EndLine field's value. +func (s *FilePath) SetEndLine(v int64) *FilePath { + s.EndLine = &v + return s +} + +// SetName sets the Name field's value. +func (s *FilePath) SetName(v string) *FilePath { + s.Name = &v + return s +} + +// SetPath sets the Path field's value. +func (s *FilePath) SetPath(v string) *FilePath { + s.Path = &v + return s +} + +// SetStartLine sets the StartLine field's value. +func (s *FilePath) SetStartLine(v int64) *FilePath { + s.StartLine = &v + return s +} + +// Information about a finding that was detected in your code. +type Finding struct { + _ struct{} `type:"structure"` + + // The time when the finding was created. + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp"` + + // A description of the finding. + Description *string `locationName:"description" type:"string"` + + // The identifier for the detector that detected the finding in your code. A + // detector is a defined rule based on industry standards and AWS best practices. + DetectorId *string `locationName:"detectorId" type:"string"` + + // The name of the detector that identified the security vulnerability in your + // code. + DetectorName *string `locationName:"detectorName" type:"string"` + + // One or more tags or categorizations that are associated with a detector. + // These tags are defined by type, programming language, or other classification + // such as maintainability or consistency. + DetectorTags []*string `locationName:"detectorTags" type:"list"` + + // The identifier for the component that generated a finding such as AWSCodeGuruSecurity + // or AWSInspector. + GeneratorId *string `locationName:"generatorId" type:"string"` + + // The identifier for a finding. + Id *string `locationName:"id" type:"string"` + + // An object that contains the details about how to remediate a finding. + Remediation *Remediation `locationName:"remediation" type:"structure"` + + // The resource where Amazon CodeGuru Security detected a finding. + Resource *Resource `locationName:"resource" type:"structure"` + + // The identifier for the rule that generated the finding. + RuleId *string `locationName:"ruleId" type:"string"` + + // The severity of the finding. + Severity *string `locationName:"severity" type:"string" enum:"Severity"` + + // The status of the finding. A finding status can be open or closed. + Status *string `locationName:"status" type:"string" enum:"Status"` + + // The title of the finding. + Title *string `locationName:"title" type:"string"` + + // The type of finding. + Type *string `locationName:"type" type:"string"` + + // The time when the finding was last updated. Findings are updated when you + // remediate them or when the finding code location changes. + UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp"` + + // An object that describes the detected security vulnerability. + Vulnerability *Vulnerability `locationName:"vulnerability" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Finding) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Finding) GoString() string { + return s.String() +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *Finding) SetCreatedAt(v time.Time) *Finding { + s.CreatedAt = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *Finding) SetDescription(v string) *Finding { + s.Description = &v + return s +} + +// SetDetectorId sets the DetectorId field's value. +func (s *Finding) SetDetectorId(v string) *Finding { + s.DetectorId = &v + return s +} + +// SetDetectorName sets the DetectorName field's value. +func (s *Finding) SetDetectorName(v string) *Finding { + s.DetectorName = &v + return s +} + +// SetDetectorTags sets the DetectorTags field's value. +func (s *Finding) SetDetectorTags(v []*string) *Finding { + s.DetectorTags = v + return s +} + +// SetGeneratorId sets the GeneratorId field's value. +func (s *Finding) SetGeneratorId(v string) *Finding { + s.GeneratorId = &v + return s +} + +// SetId sets the Id field's value. +func (s *Finding) SetId(v string) *Finding { + s.Id = &v + return s +} + +// SetRemediation sets the Remediation field's value. +func (s *Finding) SetRemediation(v *Remediation) *Finding { + s.Remediation = v + return s +} + +// SetResource sets the Resource field's value. +func (s *Finding) SetResource(v *Resource) *Finding { + s.Resource = v + return s +} + +// SetRuleId sets the RuleId field's value. +func (s *Finding) SetRuleId(v string) *Finding { + s.RuleId = &v + return s +} + +// SetSeverity sets the Severity field's value. +func (s *Finding) SetSeverity(v string) *Finding { + s.Severity = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *Finding) SetStatus(v string) *Finding { + s.Status = &v + return s +} + +// SetTitle sets the Title field's value. +func (s *Finding) SetTitle(v string) *Finding { + s.Title = &v + return s +} + +// SetType sets the Type field's value. +func (s *Finding) SetType(v string) *Finding { + s.Type = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *Finding) SetUpdatedAt(v time.Time) *Finding { + s.UpdatedAt = &v + return s +} + +// SetVulnerability sets the Vulnerability field's value. +func (s *Finding) SetVulnerability(v *Vulnerability) *Finding { + s.Vulnerability = v + return s +} + +// An object that contains information about a finding and the scan that generated +// it. +type FindingIdentifier struct { + _ struct{} `type:"structure"` + + // The identifier for a finding. + // + // FindingId is a required field + FindingId *string `locationName:"findingId" type:"string" required:"true"` + + // The name of the scan that generated the finding. + // + // ScanName is a required field + ScanName *string `locationName:"scanName" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FindingIdentifier) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FindingIdentifier) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *FindingIdentifier) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "FindingIdentifier"} + if s.FindingId == nil { + invalidParams.Add(request.NewErrParamRequired("FindingId")) + } + if s.ScanName == nil { + invalidParams.Add(request.NewErrParamRequired("ScanName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFindingId sets the FindingId field's value. +func (s *FindingIdentifier) SetFindingId(v string) *FindingIdentifier { + s.FindingId = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *FindingIdentifier) SetScanName(v string) *FindingIdentifier { + s.ScanName = &v + return s +} + +// The severity of the issue in the code that generated a finding. +type FindingMetricsValuePerSeverity struct { + _ struct{} `type:"structure"` + + // The severity of the finding is critical and should be addressed immediately. + Critical *float64 `locationName:"critical" type:"double"` + + // The severity of the finding is high and should be addressed as a near-term + // priority. + High *float64 `locationName:"high" type:"double"` + + // The finding is related to quality or readability improvements and not considered + // actionable. + Info *float64 `locationName:"info" type:"double"` + + // The severity of the finding is low and does require action on its own. + Low *float64 `locationName:"low" type:"double"` + + // The severity of the finding is medium and should be addressed as a mid-term + // priority. + Medium *float64 `locationName:"medium" type:"double"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FindingMetricsValuePerSeverity) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FindingMetricsValuePerSeverity) GoString() string { + return s.String() +} + +// SetCritical sets the Critical field's value. +func (s *FindingMetricsValuePerSeverity) SetCritical(v float64) *FindingMetricsValuePerSeverity { + s.Critical = &v + return s +} + +// SetHigh sets the High field's value. +func (s *FindingMetricsValuePerSeverity) SetHigh(v float64) *FindingMetricsValuePerSeverity { + s.High = &v + return s +} + +// SetInfo sets the Info field's value. +func (s *FindingMetricsValuePerSeverity) SetInfo(v float64) *FindingMetricsValuePerSeverity { + s.Info = &v + return s +} + +// SetLow sets the Low field's value. +func (s *FindingMetricsValuePerSeverity) SetLow(v float64) *FindingMetricsValuePerSeverity { + s.Low = &v + return s +} + +// SetMedium sets the Medium field's value. +func (s *FindingMetricsValuePerSeverity) SetMedium(v float64) *FindingMetricsValuePerSeverity { + s.Medium = &v + return s +} + +type GetAccountConfigurationInput struct { + _ struct{} `type:"structure" nopayload:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetAccountConfigurationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetAccountConfigurationInput) GoString() string { + return s.String() +} + +type GetAccountConfigurationOutput struct { + _ struct{} `type:"structure"` + + // An EncryptionConfig object that contains the KMS key ARN to use for encryption. + // By default, CodeGuru Security uses an AWS-managed key for encryption. To + // specify your own key, call UpdateAccountConfiguration. + // + // EncryptionConfig is a required field + EncryptionConfig *EncryptionConfig `locationName:"encryptionConfig" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetAccountConfigurationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetAccountConfigurationOutput) GoString() string { + return s.String() +} + +// SetEncryptionConfig sets the EncryptionConfig field's value. +func (s *GetAccountConfigurationOutput) SetEncryptionConfig(v *EncryptionConfig) *GetAccountConfigurationOutput { + s.EncryptionConfig = v + return s +} + +type GetFindingsInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The maximum number of results to return in the response. Use this parameter + // when paginating results. If additional results exist beyond the number you + // specify, the nextToken element is returned in the response. Use nextToken + // in a subsequent request to retrieve additional results. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // A token to use for paginating results that are returned in the response. + // Set the value of this parameter to null for the first request. For subsequent + // calls, use the nextToken value returned from the previous request to continue + // listing results after the first page. + NextToken *string `location:"querystring" locationName:"nextToken" min:"1" type:"string"` + + // The name of the scan you want to retrieve findings from. + // + // ScanName is a required field + ScanName *string `location:"uri" locationName:"scanName" min:"1" type:"string" required:"true"` + + // The status of the findings you want to get. Pass either Open, Closed, or + // All. + Status *string `location:"querystring" locationName:"status" type:"string" enum:"Status"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetFindingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetFindingsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetFindingsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetFindingsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.ScanName == nil { + invalidParams.Add(request.NewErrParamRequired("ScanName")) + } + if s.ScanName != nil && len(*s.ScanName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ScanName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetFindingsInput) SetMaxResults(v int64) *GetFindingsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetFindingsInput) SetNextToken(v string) *GetFindingsInput { + s.NextToken = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *GetFindingsInput) SetScanName(v string) *GetFindingsInput { + s.ScanName = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *GetFindingsInput) SetStatus(v string) *GetFindingsInput { + s.Status = &v + return s +} + +type GetFindingsOutput struct { + _ struct{} `type:"structure"` + + // A list of findings generated by the specified scan. + Findings []*Finding `locationName:"findings" type:"list"` + + // A pagination token. You can use this in future calls to GetFindings to continue + // listing results after the current page. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetFindingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetFindingsOutput) GoString() string { + return s.String() +} + +// SetFindings sets the Findings field's value. +func (s *GetFindingsOutput) SetFindings(v []*Finding) *GetFindingsOutput { + s.Findings = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetFindingsOutput) SetNextToken(v string) *GetFindingsOutput { + s.NextToken = &v + return s +} + +type GetMetricsSummaryInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The date you want to retrieve summary metrics from, rounded to the nearest + // day. The date must be within the past two years since metrics data is only + // stored for two years. If a date outside of this range is passed, the response + // will be empty. + // + // Date is a required field + Date *time.Time `location:"querystring" locationName:"date" type:"timestamp" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMetricsSummaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMetricsSummaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetMetricsSummaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetMetricsSummaryInput"} + if s.Date == nil { + invalidParams.Add(request.NewErrParamRequired("Date")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDate sets the Date field's value. +func (s *GetMetricsSummaryInput) SetDate(v time.Time) *GetMetricsSummaryInput { + s.Date = &v + return s +} + +type GetMetricsSummaryOutput struct { + _ struct{} `type:"structure"` + + // The summary metrics from the specified date. + MetricsSummary *MetricsSummary `locationName:"metricsSummary" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMetricsSummaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMetricsSummaryOutput) GoString() string { + return s.String() +} + +// SetMetricsSummary sets the MetricsSummary field's value. +func (s *GetMetricsSummaryOutput) SetMetricsSummary(v *MetricsSummary) *GetMetricsSummaryOutput { + s.MetricsSummary = v + return s +} + +type GetScanInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // UUID that identifies the individual scan run you want to view details about. + // You retrieve this when you call the CreateScan operation. Defaults to the + // latest scan run if missing. + RunId *string `location:"querystring" locationName:"runId" type:"string"` + + // The name of the scan you want to view details about. + // + // ScanName is a required field + ScanName *string `location:"uri" locationName:"scanName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetScanInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetScanInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetScanInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetScanInput"} + if s.ScanName == nil { + invalidParams.Add(request.NewErrParamRequired("ScanName")) + } + if s.ScanName != nil && len(*s.ScanName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ScanName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetRunId sets the RunId field's value. +func (s *GetScanInput) SetRunId(v string) *GetScanInput { + s.RunId = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *GetScanInput) SetScanName(v string) *GetScanInput { + s.ScanName = &v + return s +} + +type GetScanOutput struct { + _ struct{} `type:"structure"` + + // The type of analysis CodeGuru Security performed in the scan, either Security + // or All. The Security type only generates findings related to security. The + // All type generates both security findings and quality findings. + // + // AnalysisType is a required field + AnalysisType *string `locationName:"analysisType" type:"string" required:"true" enum:"AnalysisType"` + + // The time the scan was created. + // + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // The number of times a scan has been re-run on a revised resource. + NumberOfRevisions *int64 `locationName:"numberOfRevisions" type:"long"` + + // UUID that identifies the individual scan run. + // + // RunId is a required field + RunId *string `locationName:"runId" type:"string" required:"true"` + + // The name of the scan. + // + // ScanName is a required field + ScanName *string `locationName:"scanName" min:"1" type:"string" required:"true"` + + // The ARN for the scan name. + ScanNameArn *string `locationName:"scanNameArn" min:"1" type:"string"` + + // The current state of the scan. Pass either InProgress, Successful, or Failed. + // + // ScanState is a required field + ScanState *string `locationName:"scanState" type:"string" required:"true" enum:"ScanState"` + + // The time when the scan was last updated. Only available for STANDARD scan + // types. + UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetScanOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetScanOutput) GoString() string { + return s.String() +} + +// SetAnalysisType sets the AnalysisType field's value. +func (s *GetScanOutput) SetAnalysisType(v string) *GetScanOutput { + s.AnalysisType = &v + return s +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *GetScanOutput) SetCreatedAt(v time.Time) *GetScanOutput { + s.CreatedAt = &v + return s +} + +// SetNumberOfRevisions sets the NumberOfRevisions field's value. +func (s *GetScanOutput) SetNumberOfRevisions(v int64) *GetScanOutput { + s.NumberOfRevisions = &v + return s +} + +// SetRunId sets the RunId field's value. +func (s *GetScanOutput) SetRunId(v string) *GetScanOutput { + s.RunId = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *GetScanOutput) SetScanName(v string) *GetScanOutput { + s.ScanName = &v + return s +} + +// SetScanNameArn sets the ScanNameArn field's value. +func (s *GetScanOutput) SetScanNameArn(v string) *GetScanOutput { + s.ScanNameArn = &v + return s +} + +// SetScanState sets the ScanState field's value. +func (s *GetScanOutput) SetScanState(v string) *GetScanOutput { + s.ScanState = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *GetScanOutput) SetUpdatedAt(v time.Time) *GetScanOutput { + s.UpdatedAt = &v + return s +} + +// The server encountered an internal error and is unable to complete the request. +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The internal error encountered by the server. + Error_ *string `locationName:"error" type:"string"` + + // Description of the error. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) GoString() string { + return s.String() +} + +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" +} + +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} + +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +type ListFindingsMetricsInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The end date of the interval which you want to retrieve metrics from. + // + // EndDate is a required field + EndDate *time.Time `location:"querystring" locationName:"endDate" type:"timestamp" required:"true"` + + // The maximum number of results to return in the response. Use this parameter + // when paginating results. If additional results exist beyond the number you + // specify, the nextToken element is returned in the response. Use nextToken + // in a subsequent request to retrieve additional results. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // A token to use for paginating results that are returned in the response. + // Set the value of this parameter to null for the first request. For subsequent + // calls, use the nextToken value returned from the previous request to continue + // listing results after the first page. + NextToken *string `location:"querystring" locationName:"nextToken" min:"1" type:"string"` + + // The start date of the interval which you want to retrieve metrics from. + // + // StartDate is a required field + StartDate *time.Time `location:"querystring" locationName:"startDate" type:"timestamp" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListFindingsMetricsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListFindingsMetricsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListFindingsMetricsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListFindingsMetricsInput"} + if s.EndDate == nil { + invalidParams.Add(request.NewErrParamRequired("EndDate")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.StartDate == nil { + invalidParams.Add(request.NewErrParamRequired("StartDate")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEndDate sets the EndDate field's value. +func (s *ListFindingsMetricsInput) SetEndDate(v time.Time) *ListFindingsMetricsInput { + s.EndDate = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListFindingsMetricsInput) SetMaxResults(v int64) *ListFindingsMetricsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListFindingsMetricsInput) SetNextToken(v string) *ListFindingsMetricsInput { + s.NextToken = &v + return s +} + +// SetStartDate sets the StartDate field's value. +func (s *ListFindingsMetricsInput) SetStartDate(v time.Time) *ListFindingsMetricsInput { + s.StartDate = &v + return s +} + +type ListFindingsMetricsOutput struct { + _ struct{} `type:"structure"` + + // A list of AccountFindingsMetric objects retrieved from the specified time + // interval. + FindingsMetrics []*AccountFindingsMetric `locationName:"findingsMetrics" type:"list"` + + // A pagination token. You can use this in future calls to ListFindingMetrics + // to continue listing results after the current page. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListFindingsMetricsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListFindingsMetricsOutput) GoString() string { + return s.String() +} + +// SetFindingsMetrics sets the FindingsMetrics field's value. +func (s *ListFindingsMetricsOutput) SetFindingsMetrics(v []*AccountFindingsMetric) *ListFindingsMetricsOutput { + s.FindingsMetrics = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListFindingsMetricsOutput) SetNextToken(v string) *ListFindingsMetricsOutput { + s.NextToken = &v + return s +} + +type ListScansInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The maximum number of results to return in the response. Use this parameter + // when paginating results. If additional results exist beyond the number you + // specify, the nextToken element is returned in the response. Use nextToken + // in a subsequent request to retrieve additional results. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // A token to use for paginating results that are returned in the response. + // Set the value of this parameter to null for the first request. For subsequent + // calls, use the nextToken value returned from the previous request to continue + // listing results after the first page. + NextToken *string `location:"querystring" locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListScansInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListScansInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListScansInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListScansInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListScansInput) SetMaxResults(v int64) *ListScansInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListScansInput) SetNextToken(v string) *ListScansInput { + s.NextToken = &v + return s +} + +type ListScansOutput struct { + _ struct{} `type:"structure"` + + // A pagination token. You can use this in future calls to ListScans to continue + // listing results after the current page. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // A list of ScanSummary objects with information about all scans in an account. + Summaries []*ScanSummary `locationName:"summaries" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListScansOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListScansOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListScansOutput) SetNextToken(v string) *ListScansOutput { + s.NextToken = &v + return s +} + +// SetSummaries sets the Summaries field's value. +func (s *ListScansOutput) SetSummaries(v []*ScanSummary) *ListScansOutput { + s.Summaries = v + return s +} + +type ListTagsForResourceInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The ARN of the ScanName object. You can retrieve this ARN by calling ListScans + // or GetScan. + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListTagsForResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { + s.ResourceArn = &v + return s +} + +type ListTagsForResourceOutput struct { + _ struct{} `type:"structure"` + + // An array of key-value pairs used to tag an existing scan. A tag is a custom + // attribute label with two parts: + // + // * A tag key. For example, CostCenter, Environment, or Secret. Tag keys + // are case sensitive. + // + // * An optional tag value field. For example, 111122223333, Production, + // or a team name. Omitting the tag value is the same as using an empty string. + // Tag values are case sensitive. + Tags map[string]*string `locationName:"tags" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceOutput) GoString() string { + return s.String() +} + +// SetTags sets the Tags field's value. +func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { + s.Tags = v + return s +} + +// Information about summary metrics in an account. +type MetricsSummary struct { + _ struct{} `type:"structure"` + + // A list of CategoryWithFindingNum objects for the top 5 finding categories + // with the most open findings in an account. + CategoriesWithMostFindings []*CategoryWithFindingNum `locationName:"categoriesWithMostFindings" type:"list"` + + // The date from which the metrics summary information was retrieved. + Date *time.Time `locationName:"date" type:"timestamp"` + + // The number of open findings of each severity in an account. + OpenFindings *FindingMetricsValuePerSeverity `locationName:"openFindings" type:"structure"` + + // A list of ScanNameWithFindingNum objects for the top 3 scans with the most + // number of open findings in an account. + ScansWithMostOpenCriticalFindings []*ScanNameWithFindingNum `locationName:"scansWithMostOpenCriticalFindings" type:"list"` + + // A list of ScanNameWithFindingNum objects for the top 3 scans with the most + // number of open critical findings in an account. + ScansWithMostOpenFindings []*ScanNameWithFindingNum `locationName:"scansWithMostOpenFindings" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MetricsSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MetricsSummary) GoString() string { + return s.String() +} + +// SetCategoriesWithMostFindings sets the CategoriesWithMostFindings field's value. +func (s *MetricsSummary) SetCategoriesWithMostFindings(v []*CategoryWithFindingNum) *MetricsSummary { + s.CategoriesWithMostFindings = v + return s +} + +// SetDate sets the Date field's value. +func (s *MetricsSummary) SetDate(v time.Time) *MetricsSummary { + s.Date = &v + return s +} + +// SetOpenFindings sets the OpenFindings field's value. +func (s *MetricsSummary) SetOpenFindings(v *FindingMetricsValuePerSeverity) *MetricsSummary { + s.OpenFindings = v + return s +} + +// SetScansWithMostOpenCriticalFindings sets the ScansWithMostOpenCriticalFindings field's value. +func (s *MetricsSummary) SetScansWithMostOpenCriticalFindings(v []*ScanNameWithFindingNum) *MetricsSummary { + s.ScansWithMostOpenCriticalFindings = v + return s +} + +// SetScansWithMostOpenFindings sets the ScansWithMostOpenFindings field's value. +func (s *MetricsSummary) SetScansWithMostOpenFindings(v []*ScanNameWithFindingNum) *MetricsSummary { + s.ScansWithMostOpenFindings = v + return s +} + +// Information about the recommended course of action to remediate a finding. +type Recommendation struct { + _ struct{} `type:"structure"` + + // The recommended course of action to remediate the finding. + Text *string `locationName:"text" type:"string"` + + // The URL address to the recommendation for remediating the finding. + Url *string `locationName:"url" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Recommendation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Recommendation) GoString() string { + return s.String() +} + +// SetText sets the Text field's value. +func (s *Recommendation) SetText(v string) *Recommendation { + s.Text = &v + return s +} + +// SetUrl sets the Url field's value. +func (s *Recommendation) SetUrl(v string) *Recommendation { + s.Url = &v + return s +} + +// Information about how to remediate a finding. +type Remediation struct { + _ struct{} `type:"structure"` + + // An object that contains information about the recommended course of action + // to remediate a finding. + Recommendation *Recommendation `locationName:"recommendation" type:"structure"` + + // A list of SuggestedFix objects. Each object contains information about a + // suggested code fix to remediate the finding. + SuggestedFixes []*SuggestedFix `locationName:"suggestedFixes" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Remediation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Remediation) GoString() string { + return s.String() +} + +// SetRecommendation sets the Recommendation field's value. +func (s *Remediation) SetRecommendation(v *Recommendation) *Remediation { + s.Recommendation = v + return s +} + +// SetSuggestedFixes sets the SuggestedFixes field's value. +func (s *Remediation) SetSuggestedFixes(v []*SuggestedFix) *Remediation { + s.SuggestedFixes = v + return s +} + +// Information about a resource, such as an Amazon S3 bucket or AWS Lambda function, +// that contains a finding. +type Resource struct { + _ struct{} `type:"structure"` + + // The identifier for the resource. + Id *string `locationName:"id" type:"string"` + + // The identifier for a section of the resource, such as an AWS Lambda layer. + SubResourceId *string `locationName:"subResourceId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Resource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Resource) GoString() string { + return s.String() +} + +// SetId sets the Id field's value. +func (s *Resource) SetId(v string) *Resource { + s.Id = &v + return s +} + +// SetSubResourceId sets the SubResourceId field's value. +func (s *Resource) SetSubResourceId(v string) *Resource { + s.SubResourceId = &v + return s +} + +// The identifier for a resource object that contains resources where a finding +// was detected. +type ResourceId struct { + _ struct{} `type:"structure"` + + // The identifier for the code file uploaded to the resource where a finding + // was detected. + CodeArtifactId *string `locationName:"codeArtifactId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceId) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceId) GoString() string { + return s.String() +} + +// SetCodeArtifactId sets the CodeArtifactId field's value. +func (s *ResourceId) SetCodeArtifactId(v string) *ResourceId { + s.CodeArtifactId = &v + return s +} + +// The resource specified in the request was not found. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The identifier for the error. + // + // ErrorCode is a required field + ErrorCode *string `locationName:"errorCode" type:"string" required:"true"` + + // Description of the error. + Message_ *string `locationName:"message" type:"string"` + + // The identifier for the resource that was not found. + // + // ResourceId is a required field + ResourceId *string `locationName:"resourceId" type:"string" required:"true"` + + // The type of resource that was not found. + // + // ResourceType is a required field + ResourceType *string `locationName:"resourceType" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Information about a scan with open findings. +type ScanNameWithFindingNum struct { + _ struct{} `type:"structure"` + + // The number of open findings generated by a scan. + FindingNumber *int64 `locationName:"findingNumber" type:"integer"` + + // The name of the scan. + ScanName *string `locationName:"scanName" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ScanNameWithFindingNum) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ScanNameWithFindingNum) GoString() string { + return s.String() +} + +// SetFindingNumber sets the FindingNumber field's value. +func (s *ScanNameWithFindingNum) SetFindingNumber(v int64) *ScanNameWithFindingNum { + s.FindingNumber = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *ScanNameWithFindingNum) SetScanName(v string) *ScanNameWithFindingNum { + s.ScanName = &v + return s +} + +// Information about a scan. +type ScanSummary struct { + _ struct{} `type:"structure"` + + // The time when the scan was created. + // + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // The identifier for the scan run. + // + // RunId is a required field + RunId *string `locationName:"runId" type:"string" required:"true"` + + // The name of the scan. + // + // ScanName is a required field + ScanName *string `locationName:"scanName" min:"1" type:"string" required:"true"` + + // The ARN for the scan name. + ScanNameArn *string `locationName:"scanNameArn" min:"1" type:"string"` + + // The state of the scan. A scan can be In Progress, Complete, or Failed. + // + // ScanState is a required field + ScanState *string `locationName:"scanState" type:"string" required:"true" enum:"ScanState"` + + // The time the scan was last updated. A scan is updated when it is re-run. + UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ScanSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ScanSummary) GoString() string { + return s.String() +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *ScanSummary) SetCreatedAt(v time.Time) *ScanSummary { + s.CreatedAt = &v + return s +} + +// SetRunId sets the RunId field's value. +func (s *ScanSummary) SetRunId(v string) *ScanSummary { + s.RunId = &v + return s +} + +// SetScanName sets the ScanName field's value. +func (s *ScanSummary) SetScanName(v string) *ScanSummary { + s.ScanName = &v + return s +} + +// SetScanNameArn sets the ScanNameArn field's value. +func (s *ScanSummary) SetScanNameArn(v string) *ScanSummary { + s.ScanNameArn = &v + return s +} + +// SetScanState sets the ScanState field's value. +func (s *ScanSummary) SetScanState(v string) *ScanSummary { + s.ScanState = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *ScanSummary) SetUpdatedAt(v time.Time) *ScanSummary { + s.UpdatedAt = &v + return s +} + +// Information about the suggested code fix to remediate a finding. +type SuggestedFix struct { + _ struct{} `type:"structure"` + + // The suggested code to add to your file. + Code *string `locationName:"code" type:"string"` + + // A description of the suggested code fix and why it is being suggested. + Description *string `locationName:"description" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SuggestedFix) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SuggestedFix) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *SuggestedFix) SetCode(v string) *SuggestedFix { + s.Code = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *SuggestedFix) SetDescription(v string) *SuggestedFix { + s.Description = &v + return s +} + +type TagResourceInput struct { + _ struct{} `type:"structure"` + + // The ARN of the ScanName object. You can retrieve this ARN by calling ListScans + // or GetScan. + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" min:"1" type:"string" required:"true"` + + // An array of key-value pairs used to tag an existing scan. A tag is a custom + // attribute label with two parts: + // + // * A tag key. For example, CostCenter, Environment, or Secret. Tag keys + // are case sensitive. + // + // * An optional tag value field. For example, 111122223333, Production, + // or a team name. Omitting the tag value is the same as using an empty string. + // Tag values are case sensitive. + // + // Tags is a required field + Tags map[string]*string `locationName:"tags" type:"map" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TagResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TagResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput { + s.ResourceArn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagResourceInput) SetTags(v map[string]*string) *TagResourceInput { + s.Tags = v + return s +} + +type TagResourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TagResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TagResourceOutput) GoString() string { + return s.String() +} + +// The request was denied due to request throttling. +type ThrottlingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The identifier for the error. + // + // ErrorCode is a required field + ErrorCode *string `locationName:"errorCode" type:"string" required:"true"` + + // Description of the error. + Message_ *string `locationName:"message" type:"string"` + + // The identifier for the originating quota. + QuotaCode *string `locationName:"quotaCode" type:"string"` + + // The identifier for the originating service. + ServiceCode *string `locationName:"serviceCode" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) GoString() string { + return s.String() +} + +func newErrorThrottlingException(v protocol.ResponseMetadata) error { + return &ThrottlingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ThrottlingException) Code() string { + return "ThrottlingException" +} + +// Message returns the exception's message. +func (s *ThrottlingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ThrottlingException) OrigErr() error { + return nil +} + +func (s *ThrottlingException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ThrottlingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ThrottlingException) RequestID() string { + return s.RespMetadata.RequestID +} + +type UntagResourceInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The ARN of the ScanName object. You can retrieve this ARN by calling ListScans + // or GetScan. + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" min:"1" type:"string" required:"true"` + + // A list of keys for each tag you want to remove from a scan. + // + // TagKeys is a required field + TagKeys []*string `location:"querystring" locationName:"tagKeys" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput { + s.ResourceArn = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput { + s.TagKeys = v + return s +} + +type UntagResourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceOutput) GoString() string { + return s.String() +} + +type UpdateAccountConfigurationInput struct { + _ struct{} `type:"structure"` + + // The KMS key ARN you want to use for encryption. Defaults to service-side + // encryption if missing. + // + // EncryptionConfig is a required field + EncryptionConfig *EncryptionConfig `locationName:"encryptionConfig" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAccountConfigurationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAccountConfigurationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateAccountConfigurationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateAccountConfigurationInput"} + if s.EncryptionConfig == nil { + invalidParams.Add(request.NewErrParamRequired("EncryptionConfig")) + } + if s.EncryptionConfig != nil { + if err := s.EncryptionConfig.Validate(); err != nil { + invalidParams.AddNested("EncryptionConfig", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEncryptionConfig sets the EncryptionConfig field's value. +func (s *UpdateAccountConfigurationInput) SetEncryptionConfig(v *EncryptionConfig) *UpdateAccountConfigurationInput { + s.EncryptionConfig = v + return s +} + +type UpdateAccountConfigurationOutput struct { + _ struct{} `type:"structure"` + + // An EncryptionConfig object that contains the KMS key ARN to use for encryption. + // + // EncryptionConfig is a required field + EncryptionConfig *EncryptionConfig `locationName:"encryptionConfig" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAccountConfigurationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAccountConfigurationOutput) GoString() string { + return s.String() +} + +// SetEncryptionConfig sets the EncryptionConfig field's value. +func (s *UpdateAccountConfigurationOutput) SetEncryptionConfig(v *EncryptionConfig) *UpdateAccountConfigurationOutput { + s.EncryptionConfig = v + return s +} + +// The input fails to satisfy the specified constraints. +type ValidationException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The identifier for the error. + // + // ErrorCode is a required field + ErrorCode *string `locationName:"errorCode" type:"string" required:"true"` + + // The field that caused the error, if applicable. + FieldList []*ValidationExceptionField `locationName:"fieldList" type:"list"` + + // Description of the error. + Message_ *string `locationName:"message" type:"string"` + + // The reason the request failed validation. + // + // Reason is a required field + Reason *string `locationName:"reason" type:"string" required:"true" enum:"ValidationExceptionReason"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationException) GoString() string { + return s.String() +} + +func newErrorValidationException(v protocol.ResponseMetadata) error { + return &ValidationException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ValidationException) Code() string { + return "ValidationException" +} + +// Message returns the exception's message. +func (s *ValidationException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ValidationException) OrigErr() error { + return nil +} + +func (s *ValidationException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ValidationException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ValidationException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Information about a validation exception. +type ValidationExceptionField struct { + _ struct{} `type:"structure"` + + // Describes the exception. + // + // Message is a required field + Message *string `locationName:"message" type:"string" required:"true"` + + // The name of the exception. + // + // Name is a required field + Name *string `locationName:"name" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationExceptionField) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationExceptionField) GoString() string { + return s.String() +} + +// SetMessage sets the Message field's value. +func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField { + s.Message = &v + return s +} + +// SetName sets the Name field's value. +func (s *ValidationExceptionField) SetName(v string) *ValidationExceptionField { + s.Name = &v + return s +} + +// Information about a security vulnerability that Amazon CodeGuru Security +// detected. +type Vulnerability struct { + _ struct{} `type:"structure"` + + // An object that describes the location of the detected security vulnerability + // in your code. + FilePath *FilePath `locationName:"filePath" type:"structure"` + + // The identifier for the vulnerability. + Id *string `locationName:"id" type:"string"` + + // The number of times the vulnerability appears in your code. + ItemCount *int64 `locationName:"itemCount" type:"integer"` + + // One or more URL addresses that contain details about a vulnerability. + ReferenceUrls []*string `locationName:"referenceUrls" type:"list"` + + // One or more vulnerabilities that are related to the vulnerability being described. + RelatedVulnerabilities []*string `locationName:"relatedVulnerabilities" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Vulnerability) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Vulnerability) GoString() string { + return s.String() +} + +// SetFilePath sets the FilePath field's value. +func (s *Vulnerability) SetFilePath(v *FilePath) *Vulnerability { + s.FilePath = v + return s +} + +// SetId sets the Id field's value. +func (s *Vulnerability) SetId(v string) *Vulnerability { + s.Id = &v + return s +} + +// SetItemCount sets the ItemCount field's value. +func (s *Vulnerability) SetItemCount(v int64) *Vulnerability { + s.ItemCount = &v + return s +} + +// SetReferenceUrls sets the ReferenceUrls field's value. +func (s *Vulnerability) SetReferenceUrls(v []*string) *Vulnerability { + s.ReferenceUrls = v + return s +} + +// SetRelatedVulnerabilities sets the RelatedVulnerabilities field's value. +func (s *Vulnerability) SetRelatedVulnerabilities(v []*string) *Vulnerability { + s.RelatedVulnerabilities = v + return s +} + +const ( + // AnalysisTypeSecurity is a AnalysisType enum value + AnalysisTypeSecurity = "Security" + + // AnalysisTypeAll is a AnalysisType enum value + AnalysisTypeAll = "All" +) + +// AnalysisType_Values returns all elements of the AnalysisType enum +func AnalysisType_Values() []string { + return []string{ + AnalysisTypeSecurity, + AnalysisTypeAll, + } +} + +const ( + // ErrorCodeDuplicateIdentifier is a ErrorCode enum value + ErrorCodeDuplicateIdentifier = "DUPLICATE_IDENTIFIER" + + // ErrorCodeItemDoesNotExist is a ErrorCode enum value + ErrorCodeItemDoesNotExist = "ITEM_DOES_NOT_EXIST" + + // ErrorCodeInternalError is a ErrorCode enum value + ErrorCodeInternalError = "INTERNAL_ERROR" + + // ErrorCodeInvalidFindingId is a ErrorCode enum value + ErrorCodeInvalidFindingId = "INVALID_FINDING_ID" + + // ErrorCodeInvalidScanName is a ErrorCode enum value + ErrorCodeInvalidScanName = "INVALID_SCAN_NAME" +) + +// ErrorCode_Values returns all elements of the ErrorCode enum +func ErrorCode_Values() []string { + return []string{ + ErrorCodeDuplicateIdentifier, + ErrorCodeItemDoesNotExist, + ErrorCodeInternalError, + ErrorCodeInvalidFindingId, + ErrorCodeInvalidScanName, + } +} + +const ( + // ScanStateInProgress is a ScanState enum value + ScanStateInProgress = "InProgress" + + // ScanStateSuccessful is a ScanState enum value + ScanStateSuccessful = "Successful" + + // ScanStateFailed is a ScanState enum value + ScanStateFailed = "Failed" +) + +// ScanState_Values returns all elements of the ScanState enum +func ScanState_Values() []string { + return []string{ + ScanStateInProgress, + ScanStateSuccessful, + ScanStateFailed, + } +} + +const ( + // ScanTypeStandard is a ScanType enum value + ScanTypeStandard = "Standard" + + // ScanTypeExpress is a ScanType enum value + ScanTypeExpress = "Express" +) + +// ScanType_Values returns all elements of the ScanType enum +func ScanType_Values() []string { + return []string{ + ScanTypeStandard, + ScanTypeExpress, + } +} + +const ( + // SeverityCritical is a Severity enum value + SeverityCritical = "Critical" + + // SeverityHigh is a Severity enum value + SeverityHigh = "High" + + // SeverityMedium is a Severity enum value + SeverityMedium = "Medium" + + // SeverityLow is a Severity enum value + SeverityLow = "Low" + + // SeverityInfo is a Severity enum value + SeverityInfo = "Info" +) + +// Severity_Values returns all elements of the Severity enum +func Severity_Values() []string { + return []string{ + SeverityCritical, + SeverityHigh, + SeverityMedium, + SeverityLow, + SeverityInfo, + } +} + +const ( + // StatusClosed is a Status enum value + StatusClosed = "Closed" + + // StatusOpen is a Status enum value + StatusOpen = "Open" + + // StatusAll is a Status enum value + StatusAll = "All" +) + +// Status_Values returns all elements of the Status enum +func Status_Values() []string { + return []string{ + StatusClosed, + StatusOpen, + StatusAll, + } +} + +const ( + // ValidationExceptionReasonUnknownOperation is a ValidationExceptionReason enum value + ValidationExceptionReasonUnknownOperation = "unknownOperation" + + // ValidationExceptionReasonCannotParse is a ValidationExceptionReason enum value + ValidationExceptionReasonCannotParse = "cannotParse" + + // ValidationExceptionReasonFieldValidationFailed is a ValidationExceptionReason enum value + ValidationExceptionReasonFieldValidationFailed = "fieldValidationFailed" + + // ValidationExceptionReasonOther is a ValidationExceptionReason enum value + ValidationExceptionReasonOther = "other" + + // ValidationExceptionReasonLambdaCodeShaMisMatch is a ValidationExceptionReason enum value + ValidationExceptionReasonLambdaCodeShaMisMatch = "lambdaCodeShaMisMatch" +) + +// ValidationExceptionReason_Values returns all elements of the ValidationExceptionReason enum +func ValidationExceptionReason_Values() []string { + return []string{ + ValidationExceptionReasonUnknownOperation, + ValidationExceptionReasonCannotParse, + ValidationExceptionReasonFieldValidationFailed, + ValidationExceptionReasonOther, + ValidationExceptionReasonLambdaCodeShaMisMatch, + } +} diff --git a/service/codegurusecurity/codegurusecurityiface/interface.go b/service/codegurusecurity/codegurusecurityiface/interface.go new file mode 100644 index 00000000000..491fbeca362 --- /dev/null +++ b/service/codegurusecurity/codegurusecurityiface/interface.go @@ -0,0 +1,125 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package codegurusecurityiface provides an interface to enable mocking the Amazon CodeGuru Security service client +// for testing your code. +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. +package codegurusecurityiface + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/service/codegurusecurity" +) + +// CodeGuruSecurityAPI provides an interface to enable mocking the +// codegurusecurity.CodeGuruSecurity service client's API operation, +// paginators, and waiters. This make unit testing your code that calls out +// to the SDK's service client's calls easier. +// +// The best way to use this interface is so the SDK's service client's calls +// can be stubbed out for unit testing your code with the SDK without needing +// to inject custom request handlers into the SDK's request pipeline. +// +// // myFunc uses an SDK service client to make a request to +// // Amazon CodeGuru Security. +// func myFunc(svc codegurusecurityiface.CodeGuruSecurityAPI) bool { +// // Make svc.BatchGetFindings request +// } +// +// func main() { +// sess := session.New() +// svc := codegurusecurity.New(sess) +// +// myFunc(svc) +// } +// +// In your _test.go file: +// +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockCodeGuruSecurityClient struct { +// codegurusecurityiface.CodeGuruSecurityAPI +// } +// func (m *mockCodeGuruSecurityClient) BatchGetFindings(input *codegurusecurity.BatchGetFindingsInput) (*codegurusecurity.BatchGetFindingsOutput, error) { +// // mock response/functionality +// } +// +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockCodeGuruSecurityClient{} +// +// myfunc(mockSvc) +// +// // Verify myFunc's functionality +// } +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. Its suggested to use the pattern above for testing, or using +// tooling to generate mocks to satisfy the interfaces. +type CodeGuruSecurityAPI interface { + BatchGetFindings(*codegurusecurity.BatchGetFindingsInput) (*codegurusecurity.BatchGetFindingsOutput, error) + BatchGetFindingsWithContext(aws.Context, *codegurusecurity.BatchGetFindingsInput, ...request.Option) (*codegurusecurity.BatchGetFindingsOutput, error) + BatchGetFindingsRequest(*codegurusecurity.BatchGetFindingsInput) (*request.Request, *codegurusecurity.BatchGetFindingsOutput) + + CreateScan(*codegurusecurity.CreateScanInput) (*codegurusecurity.CreateScanOutput, error) + CreateScanWithContext(aws.Context, *codegurusecurity.CreateScanInput, ...request.Option) (*codegurusecurity.CreateScanOutput, error) + CreateScanRequest(*codegurusecurity.CreateScanInput) (*request.Request, *codegurusecurity.CreateScanOutput) + + CreateUploadUrl(*codegurusecurity.CreateUploadUrlInput) (*codegurusecurity.CreateUploadUrlOutput, error) + CreateUploadUrlWithContext(aws.Context, *codegurusecurity.CreateUploadUrlInput, ...request.Option) (*codegurusecurity.CreateUploadUrlOutput, error) + CreateUploadUrlRequest(*codegurusecurity.CreateUploadUrlInput) (*request.Request, *codegurusecurity.CreateUploadUrlOutput) + + GetAccountConfiguration(*codegurusecurity.GetAccountConfigurationInput) (*codegurusecurity.GetAccountConfigurationOutput, error) + GetAccountConfigurationWithContext(aws.Context, *codegurusecurity.GetAccountConfigurationInput, ...request.Option) (*codegurusecurity.GetAccountConfigurationOutput, error) + GetAccountConfigurationRequest(*codegurusecurity.GetAccountConfigurationInput) (*request.Request, *codegurusecurity.GetAccountConfigurationOutput) + + GetFindings(*codegurusecurity.GetFindingsInput) (*codegurusecurity.GetFindingsOutput, error) + GetFindingsWithContext(aws.Context, *codegurusecurity.GetFindingsInput, ...request.Option) (*codegurusecurity.GetFindingsOutput, error) + GetFindingsRequest(*codegurusecurity.GetFindingsInput) (*request.Request, *codegurusecurity.GetFindingsOutput) + + GetFindingsPages(*codegurusecurity.GetFindingsInput, func(*codegurusecurity.GetFindingsOutput, bool) bool) error + GetFindingsPagesWithContext(aws.Context, *codegurusecurity.GetFindingsInput, func(*codegurusecurity.GetFindingsOutput, bool) bool, ...request.Option) error + + GetMetricsSummary(*codegurusecurity.GetMetricsSummaryInput) (*codegurusecurity.GetMetricsSummaryOutput, error) + GetMetricsSummaryWithContext(aws.Context, *codegurusecurity.GetMetricsSummaryInput, ...request.Option) (*codegurusecurity.GetMetricsSummaryOutput, error) + GetMetricsSummaryRequest(*codegurusecurity.GetMetricsSummaryInput) (*request.Request, *codegurusecurity.GetMetricsSummaryOutput) + + GetScan(*codegurusecurity.GetScanInput) (*codegurusecurity.GetScanOutput, error) + GetScanWithContext(aws.Context, *codegurusecurity.GetScanInput, ...request.Option) (*codegurusecurity.GetScanOutput, error) + GetScanRequest(*codegurusecurity.GetScanInput) (*request.Request, *codegurusecurity.GetScanOutput) + + ListFindingsMetrics(*codegurusecurity.ListFindingsMetricsInput) (*codegurusecurity.ListFindingsMetricsOutput, error) + ListFindingsMetricsWithContext(aws.Context, *codegurusecurity.ListFindingsMetricsInput, ...request.Option) (*codegurusecurity.ListFindingsMetricsOutput, error) + ListFindingsMetricsRequest(*codegurusecurity.ListFindingsMetricsInput) (*request.Request, *codegurusecurity.ListFindingsMetricsOutput) + + ListFindingsMetricsPages(*codegurusecurity.ListFindingsMetricsInput, func(*codegurusecurity.ListFindingsMetricsOutput, bool) bool) error + ListFindingsMetricsPagesWithContext(aws.Context, *codegurusecurity.ListFindingsMetricsInput, func(*codegurusecurity.ListFindingsMetricsOutput, bool) bool, ...request.Option) error + + ListScans(*codegurusecurity.ListScansInput) (*codegurusecurity.ListScansOutput, error) + ListScansWithContext(aws.Context, *codegurusecurity.ListScansInput, ...request.Option) (*codegurusecurity.ListScansOutput, error) + ListScansRequest(*codegurusecurity.ListScansInput) (*request.Request, *codegurusecurity.ListScansOutput) + + ListScansPages(*codegurusecurity.ListScansInput, func(*codegurusecurity.ListScansOutput, bool) bool) error + ListScansPagesWithContext(aws.Context, *codegurusecurity.ListScansInput, func(*codegurusecurity.ListScansOutput, bool) bool, ...request.Option) error + + ListTagsForResource(*codegurusecurity.ListTagsForResourceInput) (*codegurusecurity.ListTagsForResourceOutput, error) + ListTagsForResourceWithContext(aws.Context, *codegurusecurity.ListTagsForResourceInput, ...request.Option) (*codegurusecurity.ListTagsForResourceOutput, error) + ListTagsForResourceRequest(*codegurusecurity.ListTagsForResourceInput) (*request.Request, *codegurusecurity.ListTagsForResourceOutput) + + TagResource(*codegurusecurity.TagResourceInput) (*codegurusecurity.TagResourceOutput, error) + TagResourceWithContext(aws.Context, *codegurusecurity.TagResourceInput, ...request.Option) (*codegurusecurity.TagResourceOutput, error) + TagResourceRequest(*codegurusecurity.TagResourceInput) (*request.Request, *codegurusecurity.TagResourceOutput) + + UntagResource(*codegurusecurity.UntagResourceInput) (*codegurusecurity.UntagResourceOutput, error) + UntagResourceWithContext(aws.Context, *codegurusecurity.UntagResourceInput, ...request.Option) (*codegurusecurity.UntagResourceOutput, error) + UntagResourceRequest(*codegurusecurity.UntagResourceInput) (*request.Request, *codegurusecurity.UntagResourceOutput) + + UpdateAccountConfiguration(*codegurusecurity.UpdateAccountConfigurationInput) (*codegurusecurity.UpdateAccountConfigurationOutput, error) + UpdateAccountConfigurationWithContext(aws.Context, *codegurusecurity.UpdateAccountConfigurationInput, ...request.Option) (*codegurusecurity.UpdateAccountConfigurationOutput, error) + UpdateAccountConfigurationRequest(*codegurusecurity.UpdateAccountConfigurationInput) (*request.Request, *codegurusecurity.UpdateAccountConfigurationOutput) +} + +var _ CodeGuruSecurityAPI = (*codegurusecurity.CodeGuruSecurity)(nil) diff --git a/service/codegurusecurity/doc.go b/service/codegurusecurity/doc.go new file mode 100644 index 00000000000..045438cc83c --- /dev/null +++ b/service/codegurusecurity/doc.go @@ -0,0 +1,36 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package codegurusecurity provides the client and types for making API +// requests to Amazon CodeGuru Security. +// +// This section provides documentation for the Amazon CodeGuru Security (https://docs.aws.amazon.com/https:/docs.aws.amazon.com/codeguru/latest/security-ug/what-is-codeguru-security.html) +// API operations. CodeGuru Security is a service that uses program analysis +// and machine learning to detect security policy violations and vulnerabilities, +// and recommends ways to address these security risks. +// +// By proactively detecting and providing recommendations for addressing security +// risks, CodeGuru Security improves the overall security of your application +// code. For more information about CodeGuru Security, see the Amazon CodeGuru +// Security User Guide (https://docs.aws.amazon.com/codeguru/latest/security-ug/what-is-codeguru-security.html). +// +// See https://docs.aws.amazon.com/goto/WebAPI/codeguru-security-2018-05-10 for more information on this service. +// +// See codegurusecurity package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/codegurusecurity/ +// +// # Using the Client +// +// To contact Amazon CodeGuru Security with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the Amazon CodeGuru Security client CodeGuruSecurity for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/codegurusecurity/#New +package codegurusecurity diff --git a/service/codegurusecurity/errors.go b/service/codegurusecurity/errors.go new file mode 100644 index 00000000000..5c2df0ad99a --- /dev/null +++ b/service/codegurusecurity/errors.go @@ -0,0 +1,57 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package codegurusecurity + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeAccessDeniedException for service response error code + // "AccessDeniedException". + // + // You do not have sufficient access to perform this action. + ErrCodeAccessDeniedException = "AccessDeniedException" + + // ErrCodeConflictException for service response error code + // "ConflictException". + // + // The requested operation would cause a conflict with the current state of + // a service resource associated with the request. Resolve the conflict before + // retrying this request. + ErrCodeConflictException = "ConflictException" + + // ErrCodeInternalServerException for service response error code + // "InternalServerException". + // + // The server encountered an internal error and is unable to complete the request. + ErrCodeInternalServerException = "InternalServerException" + + // ErrCodeResourceNotFoundException for service response error code + // "ResourceNotFoundException". + // + // The resource specified in the request was not found. + ErrCodeResourceNotFoundException = "ResourceNotFoundException" + + // ErrCodeThrottlingException for service response error code + // "ThrottlingException". + // + // The request was denied due to request throttling. + ErrCodeThrottlingException = "ThrottlingException" + + // ErrCodeValidationException for service response error code + // "ValidationException". + // + // The input fails to satisfy the specified constraints. + ErrCodeValidationException = "ValidationException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AccessDeniedException": newErrorAccessDeniedException, + "ConflictException": newErrorConflictException, + "InternalServerException": newErrorInternalServerException, + "ResourceNotFoundException": newErrorResourceNotFoundException, + "ThrottlingException": newErrorThrottlingException, + "ValidationException": newErrorValidationException, +} diff --git a/service/codegurusecurity/service.go b/service/codegurusecurity/service.go new file mode 100644 index 00000000000..a2d7051de6e --- /dev/null +++ b/service/codegurusecurity/service.go @@ -0,0 +1,106 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package codegurusecurity + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// CodeGuruSecurity provides the API operation methods for making requests to +// Amazon CodeGuru Security. See this package's package overview docs +// for details on the service. +// +// CodeGuruSecurity methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type CodeGuruSecurity struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "CodeGuru Security" // Name of service. + EndpointsID = "codeguru-security" // ID to lookup a service endpoint with. + ServiceID = "CodeGuru Security" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the CodeGuruSecurity client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// +// mySession := session.Must(session.NewSession()) +// +// // Create a CodeGuruSecurity client from just a session. +// svc := codegurusecurity.New(mySession) +// +// // Create a CodeGuruSecurity client with additional configuration +// svc := codegurusecurity.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *CodeGuruSecurity { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "codeguru-security" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *CodeGuruSecurity { + svc := &CodeGuruSecurity{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2018-05-10", + ResolvedRegion: resolvedRegion, + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a CodeGuruSecurity operation and runs any +// custom request initialization. +func (c *CodeGuruSecurity) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/service/drs/api.go b/service/drs/api.go index c0d07f2b7cf..30d756e6600 100644 --- a/service/drs/api.go +++ b/service/drs/api.go @@ -4,6 +4,7 @@ package drs import ( "fmt" + "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awsutil" @@ -12,6 +13,107 @@ import ( "github.com/aws/aws-sdk-go/private/protocol/restjson" ) +const opAssociateSourceNetworkStack = "AssociateSourceNetworkStack" + +// AssociateSourceNetworkStackRequest generates a "aws/request.Request" representing the +// client's request for the AssociateSourceNetworkStack operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateSourceNetworkStack for more information on using the AssociateSourceNetworkStack +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateSourceNetworkStackRequest method. +// req, resp := client.AssociateSourceNetworkStackRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/AssociateSourceNetworkStack +func (c *Drs) AssociateSourceNetworkStackRequest(input *AssociateSourceNetworkStackInput) (req *request.Request, output *AssociateSourceNetworkStackOutput) { + op := &request.Operation{ + Name: opAssociateSourceNetworkStack, + HTTPMethod: "POST", + HTTPPath: "/AssociateSourceNetworkStack", + } + + if input == nil { + input = &AssociateSourceNetworkStackInput{} + } + + output = &AssociateSourceNetworkStackOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateSourceNetworkStack API operation for Elastic Disaster Recovery Service. +// +// Associate a Source Network to an existing CloudFormation Stack and modify +// launch templates to use this network. Can be used for reverting to previously +// deployed CloudFormation stacks. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation AssociateSourceNetworkStack for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource for this operation was not found. +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ConflictException +// The request could not be completed due to a conflict with the current state +// of the target resource. +// +// - ServiceQuotaExceededException +// The request could not be completed because its exceeded the service quota. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the constraints specified by the AWS service. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/AssociateSourceNetworkStack +func (c *Drs) AssociateSourceNetworkStack(input *AssociateSourceNetworkStackInput) (*AssociateSourceNetworkStackOutput, error) { + req, out := c.AssociateSourceNetworkStackRequest(input) + return out, req.Send() +} + +// AssociateSourceNetworkStackWithContext is the same as AssociateSourceNetworkStack with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateSourceNetworkStack for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) AssociateSourceNetworkStackWithContext(ctx aws.Context, input *AssociateSourceNetworkStackInput, opts ...request.Option) (*AssociateSourceNetworkStackOutput, error) { + req, out := c.AssociateSourceNetworkStackRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateExtendedSourceServer = "CreateExtendedSourceServer" // CreateExtendedSourceServerRequest generates a "aws/request.Request" representing the @@ -301,6 +403,105 @@ func (c *Drs) CreateReplicationConfigurationTemplateWithContext(ctx aws.Context, return out, req.Send() } +const opCreateSourceNetwork = "CreateSourceNetwork" + +// CreateSourceNetworkRequest generates a "aws/request.Request" representing the +// client's request for the CreateSourceNetwork operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateSourceNetwork for more information on using the CreateSourceNetwork +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateSourceNetworkRequest method. +// req, resp := client.CreateSourceNetworkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/CreateSourceNetwork +func (c *Drs) CreateSourceNetworkRequest(input *CreateSourceNetworkInput) (req *request.Request, output *CreateSourceNetworkOutput) { + op := &request.Operation{ + Name: opCreateSourceNetwork, + HTTPMethod: "POST", + HTTPPath: "/CreateSourceNetwork", + } + + if input == nil { + input = &CreateSourceNetworkInput{} + } + + output = &CreateSourceNetworkOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateSourceNetwork API operation for Elastic Disaster Recovery Service. +// +// Create a new Source Network resource for a provided VPC ID. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation CreateSourceNetwork for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource for this operation was not found. +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ConflictException +// The request could not be completed due to a conflict with the current state +// of the target resource. +// +// - ServiceQuotaExceededException +// The request could not be completed because its exceeded the service quota. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the constraints specified by the AWS service. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/CreateSourceNetwork +func (c *Drs) CreateSourceNetwork(input *CreateSourceNetworkInput) (*CreateSourceNetworkOutput, error) { + req, out := c.CreateSourceNetworkRequest(input) + return out, req.Send() +} + +// CreateSourceNetworkWithContext is the same as CreateSourceNetwork with the addition of +// the ability to pass a context and additional request options. +// +// See CreateSourceNetwork for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) CreateSourceNetworkWithContext(ctx aws.Context, input *CreateSourceNetworkInput, opts ...request.Option) (*CreateSourceNetworkOutput, error) { + req, out := c.CreateSourceNetworkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteJob = "DeleteJob" // DeleteJobRequest generates a "aws/request.Request" representing the @@ -679,6 +880,100 @@ func (c *Drs) DeleteReplicationConfigurationTemplateWithContext(ctx aws.Context, return out, req.Send() } +const opDeleteSourceNetwork = "DeleteSourceNetwork" + +// DeleteSourceNetworkRequest generates a "aws/request.Request" representing the +// client's request for the DeleteSourceNetwork operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteSourceNetwork for more information on using the DeleteSourceNetwork +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteSourceNetworkRequest method. +// req, resp := client.DeleteSourceNetworkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DeleteSourceNetwork +func (c *Drs) DeleteSourceNetworkRequest(input *DeleteSourceNetworkInput) (req *request.Request, output *DeleteSourceNetworkOutput) { + op := &request.Operation{ + Name: opDeleteSourceNetwork, + HTTPMethod: "POST", + HTTPPath: "/DeleteSourceNetwork", + } + + if input == nil { + input = &DeleteSourceNetworkInput{} + } + + output = &DeleteSourceNetworkOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteSourceNetwork API operation for Elastic Disaster Recovery Service. +// +// Delete Source Network resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation DeleteSourceNetwork for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource for this operation was not found. +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ConflictException +// The request could not be completed due to a conflict with the current state +// of the target resource. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DeleteSourceNetwork +func (c *Drs) DeleteSourceNetwork(input *DeleteSourceNetworkInput) (*DeleteSourceNetworkOutput, error) { + req, out := c.DeleteSourceNetworkRequest(input) + return out, req.Send() +} + +// DeleteSourceNetworkWithContext is the same as DeleteSourceNetwork with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteSourceNetwork for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) DeleteSourceNetworkWithContext(ctx aws.Context, input *DeleteSourceNetworkInput, opts ...request.Option) (*DeleteSourceNetworkOutput, error) { + req, out := c.DeleteSourceNetworkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteSourceServer = "DeleteSourceServer" // DeleteSourceServerRequest generates a "aws/request.Request" representing the @@ -1665,36 +1960,36 @@ func (c *Drs) DescribeReplicationConfigurationTemplatesPagesWithContext(ctx aws. return p.Err() } -const opDescribeSourceServers = "DescribeSourceServers" +const opDescribeSourceNetworks = "DescribeSourceNetworks" -// DescribeSourceServersRequest generates a "aws/request.Request" representing the -// client's request for the DescribeSourceServers operation. The "output" return +// DescribeSourceNetworksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeSourceNetworks operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeSourceServers for more information on using the DescribeSourceServers +// See DescribeSourceNetworks for more information on using the DescribeSourceNetworks // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeSourceServersRequest method. -// req, resp := client.DescribeSourceServersRequest(params) +// // Example sending a request using the DescribeSourceNetworksRequest method. +// req, resp := client.DescribeSourceNetworksRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DescribeSourceServers -func (c *Drs) DescribeSourceServersRequest(input *DescribeSourceServersInput) (req *request.Request, output *DescribeSourceServersOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DescribeSourceNetworks +func (c *Drs) DescribeSourceNetworksRequest(input *DescribeSourceNetworksInput) (req *request.Request, output *DescribeSourceNetworksOutput) { op := &request.Operation{ - Name: opDescribeSourceServers, + Name: opDescribeSourceNetworks, HTTPMethod: "POST", - HTTPPath: "/DescribeSourceServers", + HTTPPath: "/DescribeSourceNetworks", Paginator: &request.Paginator{ InputTokens: []string{"nextToken"}, OutputTokens: []string{"nextToken"}, @@ -1704,24 +1999,24 @@ func (c *Drs) DescribeSourceServersRequest(input *DescribeSourceServersInput) (r } if input == nil { - input = &DescribeSourceServersInput{} + input = &DescribeSourceNetworksInput{} } - output = &DescribeSourceServersOutput{} + output = &DescribeSourceNetworksOutput{} req = c.newRequest(op, input, output) return } -// DescribeSourceServers API operation for Elastic Disaster Recovery Service. +// DescribeSourceNetworks API operation for Elastic Disaster Recovery Service. // -// Lists all Source Servers or multiple Source Servers filtered by ID. +// Lists all Source Networks or multiple Source Networks filtered by ID. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Elastic Disaster Recovery Service's -// API operation DescribeSourceServers for usage and error information. +// API operation DescribeSourceNetworks for usage and error information. // // Returned Error Types: // @@ -1738,49 +2033,195 @@ func (c *Drs) DescribeSourceServersRequest(input *DescribeSourceServersInput) (r // - UninitializedAccountException // The account performing the request has not been initialized. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DescribeSourceServers -func (c *Drs) DescribeSourceServers(input *DescribeSourceServersInput) (*DescribeSourceServersOutput, error) { - req, out := c.DescribeSourceServersRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DescribeSourceNetworks +func (c *Drs) DescribeSourceNetworks(input *DescribeSourceNetworksInput) (*DescribeSourceNetworksOutput, error) { + req, out := c.DescribeSourceNetworksRequest(input) return out, req.Send() } -// DescribeSourceServersWithContext is the same as DescribeSourceServers with the addition of +// DescribeSourceNetworksWithContext is the same as DescribeSourceNetworks with the addition of // the ability to pass a context and additional request options. // -// See DescribeSourceServers for details on how to use this API operation. +// See DescribeSourceNetworks for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *Drs) DescribeSourceServersWithContext(ctx aws.Context, input *DescribeSourceServersInput, opts ...request.Option) (*DescribeSourceServersOutput, error) { - req, out := c.DescribeSourceServersRequest(input) +func (c *Drs) DescribeSourceNetworksWithContext(ctx aws.Context, input *DescribeSourceNetworksInput, opts ...request.Option) (*DescribeSourceNetworksOutput, error) { + req, out := c.DescribeSourceNetworksRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeSourceServersPages iterates over the pages of a DescribeSourceServers operation, +// DescribeSourceNetworksPages iterates over the pages of a DescribeSourceNetworks operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See DescribeSourceServers method for more information on how to use this operation. +// See DescribeSourceNetworks method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a DescribeSourceServers operation. +// // Example iterating over at most 3 pages of a DescribeSourceNetworks operation. // pageNum := 0 -// err := client.DescribeSourceServersPages(params, -// func(page *drs.DescribeSourceServersOutput, lastPage bool) bool { +// err := client.DescribeSourceNetworksPages(params, +// func(page *drs.DescribeSourceNetworksOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *Drs) DescribeSourceServersPages(input *DescribeSourceServersInput, fn func(*DescribeSourceServersOutput, bool) bool) error { - return c.DescribeSourceServersPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *Drs) DescribeSourceNetworksPages(input *DescribeSourceNetworksInput, fn func(*DescribeSourceNetworksOutput, bool) bool) error { + return c.DescribeSourceNetworksPagesWithContext(aws.BackgroundContext(), input, fn) } -// DescribeSourceServersPagesWithContext same as DescribeSourceServersPages except +// DescribeSourceNetworksPagesWithContext same as DescribeSourceNetworksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) DescribeSourceNetworksPagesWithContext(ctx aws.Context, input *DescribeSourceNetworksInput, fn func(*DescribeSourceNetworksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeSourceNetworksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeSourceNetworksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeSourceNetworksOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeSourceServers = "DescribeSourceServers" + +// DescribeSourceServersRequest generates a "aws/request.Request" representing the +// client's request for the DescribeSourceServers operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeSourceServers for more information on using the DescribeSourceServers +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeSourceServersRequest method. +// req, resp := client.DescribeSourceServersRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DescribeSourceServers +func (c *Drs) DescribeSourceServersRequest(input *DescribeSourceServersInput) (req *request.Request, output *DescribeSourceServersOutput) { + op := &request.Operation{ + Name: opDescribeSourceServers, + HTTPMethod: "POST", + HTTPPath: "/DescribeSourceServers", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeSourceServersInput{} + } + + output = &DescribeSourceServersOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeSourceServers API operation for Elastic Disaster Recovery Service. +// +// Lists all Source Servers or multiple Source Servers filtered by ID. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation DescribeSourceServers for usage and error information. +// +// Returned Error Types: +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the constraints specified by the AWS service. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/DescribeSourceServers +func (c *Drs) DescribeSourceServers(input *DescribeSourceServersInput) (*DescribeSourceServersOutput, error) { + req, out := c.DescribeSourceServersRequest(input) + return out, req.Send() +} + +// DescribeSourceServersWithContext is the same as DescribeSourceServers with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeSourceServers for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) DescribeSourceServersWithContext(ctx aws.Context, input *DescribeSourceServersInput, opts ...request.Option) (*DescribeSourceServersOutput, error) { + req, out := c.DescribeSourceServersRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeSourceServersPages iterates over the pages of a DescribeSourceServers operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeSourceServers method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeSourceServers operation. +// pageNum := 0 +// err := client.DescribeSourceServersPages(params, +// func(page *drs.DescribeSourceServersOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *Drs) DescribeSourceServersPages(input *DescribeSourceServersInput, fn func(*DescribeSourceServersOutput, bool) bool) error { + return c.DescribeSourceServersPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeSourceServersPagesWithContext same as DescribeSourceServersPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If @@ -2022,6 +2463,102 @@ func (c *Drs) DisconnectSourceServerWithContext(ctx aws.Context, input *Disconne return out, req.Send() } +const opExportSourceNetworkCfnTemplate = "ExportSourceNetworkCfnTemplate" + +// ExportSourceNetworkCfnTemplateRequest generates a "aws/request.Request" representing the +// client's request for the ExportSourceNetworkCfnTemplate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ExportSourceNetworkCfnTemplate for more information on using the ExportSourceNetworkCfnTemplate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ExportSourceNetworkCfnTemplateRequest method. +// req, resp := client.ExportSourceNetworkCfnTemplateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/ExportSourceNetworkCfnTemplate +func (c *Drs) ExportSourceNetworkCfnTemplateRequest(input *ExportSourceNetworkCfnTemplateInput) (req *request.Request, output *ExportSourceNetworkCfnTemplateOutput) { + op := &request.Operation{ + Name: opExportSourceNetworkCfnTemplate, + HTTPMethod: "POST", + HTTPPath: "/ExportSourceNetworkCfnTemplate", + } + + if input == nil { + input = &ExportSourceNetworkCfnTemplateInput{} + } + + output = &ExportSourceNetworkCfnTemplateOutput{} + req = c.newRequest(op, input, output) + return +} + +// ExportSourceNetworkCfnTemplate API operation for Elastic Disaster Recovery Service. +// +// Export the Source Network CloudFormation template to an S3 bucket. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation ExportSourceNetworkCfnTemplate for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource for this operation was not found. +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ConflictException +// The request could not be completed due to a conflict with the current state +// of the target resource. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the constraints specified by the AWS service. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/ExportSourceNetworkCfnTemplate +func (c *Drs) ExportSourceNetworkCfnTemplate(input *ExportSourceNetworkCfnTemplateInput) (*ExportSourceNetworkCfnTemplateOutput, error) { + req, out := c.ExportSourceNetworkCfnTemplateRequest(input) + return out, req.Send() +} + +// ExportSourceNetworkCfnTemplateWithContext is the same as ExportSourceNetworkCfnTemplate with the addition of +// the ability to pass a context and additional request options. +// +// See ExportSourceNetworkCfnTemplate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) ExportSourceNetworkCfnTemplateWithContext(ctx aws.Context, input *ExportSourceNetworkCfnTemplateInput, opts ...request.Option) (*ExportSourceNetworkCfnTemplateOutput, error) { + req, out := c.ExportSourceNetworkCfnTemplateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetFailbackReplicationConfiguration = "GetFailbackReplicationConfiguration" // GetFailbackReplicationConfigurationRequest generates a "aws/request.Request" representing the @@ -3270,101 +3807,293 @@ func (c *Drs) StartReplicationWithContext(ctx aws.Context, input *StartReplicati return out, req.Send() } -const opStopFailback = "StopFailback" +const opStartSourceNetworkRecovery = "StartSourceNetworkRecovery" -// StopFailbackRequest generates a "aws/request.Request" representing the -// client's request for the StopFailback operation. The "output" return +// StartSourceNetworkRecoveryRequest generates a "aws/request.Request" representing the +// client's request for the StartSourceNetworkRecovery operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See StopFailback for more information on using the StopFailback +// See StartSourceNetworkRecovery for more information on using the StartSourceNetworkRecovery // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the StopFailbackRequest method. -// req, resp := client.StopFailbackRequest(params) +// // Example sending a request using the StartSourceNetworkRecoveryRequest method. +// req, resp := client.StartSourceNetworkRecoveryRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StopFailback -func (c *Drs) StopFailbackRequest(input *StopFailbackInput) (req *request.Request, output *StopFailbackOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StartSourceNetworkRecovery +func (c *Drs) StartSourceNetworkRecoveryRequest(input *StartSourceNetworkRecoveryInput) (req *request.Request, output *StartSourceNetworkRecoveryOutput) { op := &request.Operation{ - Name: opStopFailback, + Name: opStartSourceNetworkRecovery, HTTPMethod: "POST", - HTTPPath: "/StopFailback", + HTTPPath: "/StartSourceNetworkRecovery", } if input == nil { - input = &StopFailbackInput{} + input = &StartSourceNetworkRecoveryInput{} } - output = &StopFailbackOutput{} + output = &StartSourceNetworkRecoveryOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// StopFailback API operation for Elastic Disaster Recovery Service. +// StartSourceNetworkRecovery API operation for Elastic Disaster Recovery Service. // -// Stops the failback process for a specified Recovery Instance. This changes -// the Failback State of the Recovery Instance back to FAILBACK_NOT_STARTED. +// Deploy VPC for the specified Source Network and modify launch templates to +// use this network. The VPC will be deployed using a dedicated CloudFormation +// stack. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Elastic Disaster Recovery Service's -// API operation StopFailback for usage and error information. +// API operation StartSourceNetworkRecovery for usage and error information. // // Returned Error Types: // -// - ResourceNotFoundException -// The resource for this operation was not found. -// // - InternalServerException // The request processing has failed because of an unknown error, exception // or failure. // +// - ConflictException +// The request could not be completed due to a conflict with the current state +// of the target resource. +// +// - ServiceQuotaExceededException +// The request could not be completed because its exceeded the service quota. +// // - ThrottlingException // The request was denied due to request throttling. // +// - ValidationException +// The input fails to satisfy the constraints specified by the AWS service. +// // - UninitializedAccountException // The account performing the request has not been initialized. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StopFailback -func (c *Drs) StopFailback(input *StopFailbackInput) (*StopFailbackOutput, error) { - req, out := c.StopFailbackRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StartSourceNetworkRecovery +func (c *Drs) StartSourceNetworkRecovery(input *StartSourceNetworkRecoveryInput) (*StartSourceNetworkRecoveryOutput, error) { + req, out := c.StartSourceNetworkRecoveryRequest(input) return out, req.Send() } -// StopFailbackWithContext is the same as StopFailback with the addition of +// StartSourceNetworkRecoveryWithContext is the same as StartSourceNetworkRecovery with the addition of // the ability to pass a context and additional request options. // -// See StopFailback for details on how to use this API operation. +// See StartSourceNetworkRecovery for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *Drs) StopFailbackWithContext(ctx aws.Context, input *StopFailbackInput, opts ...request.Option) (*StopFailbackOutput, error) { - req, out := c.StopFailbackRequest(input) +func (c *Drs) StartSourceNetworkRecoveryWithContext(ctx aws.Context, input *StartSourceNetworkRecoveryInput, opts ...request.Option) (*StartSourceNetworkRecoveryOutput, error) { + req, out := c.StartSourceNetworkRecoveryRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opStopReplication = "StopReplication" +const opStartSourceNetworkReplication = "StartSourceNetworkReplication" -// StopReplicationRequest generates a "aws/request.Request" representing the -// client's request for the StopReplication operation. The "output" return +// StartSourceNetworkReplicationRequest generates a "aws/request.Request" representing the +// client's request for the StartSourceNetworkReplication operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartSourceNetworkReplication for more information on using the StartSourceNetworkReplication +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartSourceNetworkReplicationRequest method. +// req, resp := client.StartSourceNetworkReplicationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StartSourceNetworkReplication +func (c *Drs) StartSourceNetworkReplicationRequest(input *StartSourceNetworkReplicationInput) (req *request.Request, output *StartSourceNetworkReplicationOutput) { + op := &request.Operation{ + Name: opStartSourceNetworkReplication, + HTTPMethod: "POST", + HTTPPath: "/StartSourceNetworkReplication", + } + + if input == nil { + input = &StartSourceNetworkReplicationInput{} + } + + output = &StartSourceNetworkReplicationOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartSourceNetworkReplication API operation for Elastic Disaster Recovery Service. +// +// Starts replication for a Source Network. This action would make the Source +// Network protected. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation StartSourceNetworkReplication for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource for this operation was not found. +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ConflictException +// The request could not be completed due to a conflict with the current state +// of the target resource. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StartSourceNetworkReplication +func (c *Drs) StartSourceNetworkReplication(input *StartSourceNetworkReplicationInput) (*StartSourceNetworkReplicationOutput, error) { + req, out := c.StartSourceNetworkReplicationRequest(input) + return out, req.Send() +} + +// StartSourceNetworkReplicationWithContext is the same as StartSourceNetworkReplication with the addition of +// the ability to pass a context and additional request options. +// +// See StartSourceNetworkReplication for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) StartSourceNetworkReplicationWithContext(ctx aws.Context, input *StartSourceNetworkReplicationInput, opts ...request.Option) (*StartSourceNetworkReplicationOutput, error) { + req, out := c.StartSourceNetworkReplicationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStopFailback = "StopFailback" + +// StopFailbackRequest generates a "aws/request.Request" representing the +// client's request for the StopFailback operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StopFailback for more information on using the StopFailback +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StopFailbackRequest method. +// req, resp := client.StopFailbackRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StopFailback +func (c *Drs) StopFailbackRequest(input *StopFailbackInput) (req *request.Request, output *StopFailbackOutput) { + op := &request.Operation{ + Name: opStopFailback, + HTTPMethod: "POST", + HTTPPath: "/StopFailback", + } + + if input == nil { + input = &StopFailbackInput{} + } + + output = &StopFailbackOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// StopFailback API operation for Elastic Disaster Recovery Service. +// +// Stops the failback process for a specified Recovery Instance. This changes +// the Failback State of the Recovery Instance back to FAILBACK_NOT_STARTED. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation StopFailback for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource for this operation was not found. +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StopFailback +func (c *Drs) StopFailback(input *StopFailbackInput) (*StopFailbackOutput, error) { + req, out := c.StopFailbackRequest(input) + return out, req.Send() +} + +// StopFailbackWithContext is the same as StopFailback with the addition of +// the ability to pass a context and additional request options. +// +// See StopFailback for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) StopFailbackWithContext(ctx aws.Context, input *StopFailbackInput, opts ...request.Option) (*StopFailbackOutput, error) { + req, out := c.StopFailbackRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStopReplication = "StopReplication" + +// StopReplicationRequest generates a "aws/request.Request" representing the +// client's request for the StopReplication operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // @@ -3455,6 +4184,103 @@ func (c *Drs) StopReplicationWithContext(ctx aws.Context, input *StopReplication return out, req.Send() } +const opStopSourceNetworkReplication = "StopSourceNetworkReplication" + +// StopSourceNetworkReplicationRequest generates a "aws/request.Request" representing the +// client's request for the StopSourceNetworkReplication operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StopSourceNetworkReplication for more information on using the StopSourceNetworkReplication +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StopSourceNetworkReplicationRequest method. +// req, resp := client.StopSourceNetworkReplicationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StopSourceNetworkReplication +func (c *Drs) StopSourceNetworkReplicationRequest(input *StopSourceNetworkReplicationInput) (req *request.Request, output *StopSourceNetworkReplicationOutput) { + op := &request.Operation{ + Name: opStopSourceNetworkReplication, + HTTPMethod: "POST", + HTTPPath: "/StopSourceNetworkReplication", + } + + if input == nil { + input = &StopSourceNetworkReplicationInput{} + } + + output = &StopSourceNetworkReplicationOutput{} + req = c.newRequest(op, input, output) + return +} + +// StopSourceNetworkReplication API operation for Elastic Disaster Recovery Service. +// +// Stops replication for a Source Network. This action would make the Source +// Network unprotected. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Elastic Disaster Recovery Service's +// API operation StopSourceNetworkReplication for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource for this operation was not found. +// +// - InternalServerException +// The request processing has failed because of an unknown error, exception +// or failure. +// +// - ConflictException +// The request could not be completed due to a conflict with the current state +// of the target resource. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - ValidationException +// The input fails to satisfy the constraints specified by the AWS service. +// +// - UninitializedAccountException +// The account performing the request has not been initialized. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/drs-2020-02-26/StopSourceNetworkReplication +func (c *Drs) StopSourceNetworkReplication(input *StopSourceNetworkReplicationInput) (*StopSourceNetworkReplicationOutput, error) { + req, out := c.StopSourceNetworkReplicationRequest(input) + return out, req.Send() +} + +// StopSourceNetworkReplicationWithContext is the same as StopSourceNetworkReplication with the addition of +// the ability to pass a context and additional request options. +// +// See StopSourceNetworkReplication for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Drs) StopSourceNetworkReplicationWithContext(ctx aws.Context, input *StopSourceNetworkReplicationInput, opts ...request.Option) (*StopSourceNetworkReplicationOutput, error) { + req, out := c.StopSourceNetworkReplicationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagResource = "TagResource" // TagResourceRequest generates a "aws/request.Request" representing the @@ -4317,15 +5143,22 @@ func (s *Account) SetAccountID(v string) *Account { return s } -// Information about a server's CPU. -type CPU struct { +type AssociateSourceNetworkStackInput struct { _ struct{} `type:"structure"` - // The number of CPU cores. - Cores *int64 `locationName:"cores" type:"long"` + // CloudFormation template to associate with a Source Network. + // + // CfnStackName is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssociateSourceNetworkStackInput's + // String and GoString methods. + // + // CfnStackName is a required field + CfnStackName *string `locationName:"cfnStackName" min:"1" type:"string" required:"true" sensitive:"true"` - // The model name of the CPU. - ModelName *string `locationName:"modelName" type:"string"` + // The Source Network ID to associate with CloudFormation template. + // + // SourceNetworkID is a required field + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -4333,7 +5166,7 @@ type CPU struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CPU) String() string { +func (s AssociateSourceNetworkStackInput) String() string { return awsutil.Prettify(s) } @@ -4342,15 +5175,109 @@ func (s CPU) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CPU) GoString() string { +func (s AssociateSourceNetworkStackInput) GoString() string { return s.String() } -// SetCores sets the Cores field's value. -func (s *CPU) SetCores(v int64) *CPU { - s.Cores = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateSourceNetworkStackInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateSourceNetworkStackInput"} + if s.CfnStackName == nil { + invalidParams.Add(request.NewErrParamRequired("CfnStackName")) + } + if s.CfnStackName != nil && len(*s.CfnStackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CfnStackName", 1)) + } + if s.SourceNetworkID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceNetworkID")) + } + if s.SourceNetworkID != nil && len(*s.SourceNetworkID) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SourceNetworkID", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCfnStackName sets the CfnStackName field's value. +func (s *AssociateSourceNetworkStackInput) SetCfnStackName(v string) *AssociateSourceNetworkStackInput { + s.CfnStackName = &v + return s +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *AssociateSourceNetworkStackInput) SetSourceNetworkID(v string) *AssociateSourceNetworkStackInput { + s.SourceNetworkID = &v + return s +} + +type AssociateSourceNetworkStackOutput struct { + _ struct{} `type:"structure"` + + // The Source Network association Job. + Job *Job `locationName:"job" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateSourceNetworkStackOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateSourceNetworkStackOutput) GoString() string { + return s.String() +} + +// SetJob sets the Job field's value. +func (s *AssociateSourceNetworkStackOutput) SetJob(v *Job) *AssociateSourceNetworkStackOutput { + s.Job = v + return s +} + +// Information about a server's CPU. +type CPU struct { + _ struct{} `type:"structure"` + + // The number of CPU cores. + Cores *int64 `locationName:"cores" type:"long"` + + // The model name of the CPU. + ModelName *string `locationName:"modelName" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CPU) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CPU) GoString() string { + return s.String() +} + +// SetCores sets the Cores field's value. +func (s *CPU) SetCores(v int64) *CPU { + s.Cores = &v + return s +} // SetModelName sets the ModelName field's value. func (s *CPU) SetModelName(v string) *CPU { @@ -4603,6 +5530,9 @@ type CreateLaunchConfigurationTemplateInput struct { // Copy tags. CopyTags *bool `locationName:"copyTags" type:"boolean"` + // S3 bucket ARN to export Source Network templates. + ExportBucketArn *string `locationName:"exportBucketArn" min:"20" type:"string"` + // Launch disposition. LaunchDisposition *string `locationName:"launchDisposition" type:"string" enum:"LaunchDisposition"` @@ -4638,6 +5568,19 @@ func (s CreateLaunchConfigurationTemplateInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLaunchConfigurationTemplateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLaunchConfigurationTemplateInput"} + if s.ExportBucketArn != nil && len(*s.ExportBucketArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("ExportBucketArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetCopyPrivateIp sets the CopyPrivateIp field's value. func (s *CreateLaunchConfigurationTemplateInput) SetCopyPrivateIp(v bool) *CreateLaunchConfigurationTemplateInput { s.CopyPrivateIp = &v @@ -4650,6 +5593,12 @@ func (s *CreateLaunchConfigurationTemplateInput) SetCopyTags(v bool) *CreateLaun return s } +// SetExportBucketArn sets the ExportBucketArn field's value. +func (s *CreateLaunchConfigurationTemplateInput) SetExportBucketArn(v string) *CreateLaunchConfigurationTemplateInput { + s.ExportBucketArn = &v + return s +} + // SetLaunchDisposition sets the LaunchDisposition field's value. func (s *CreateLaunchConfigurationTemplateInput) SetLaunchDisposition(v string) *CreateLaunchConfigurationTemplateInput { s.LaunchDisposition = &v @@ -5153,6 +6102,130 @@ func (s *CreateReplicationConfigurationTemplateOutput) SetUseDedicatedReplicatio return s } +type CreateSourceNetworkInput struct { + _ struct{} `type:"structure"` + + // Account containing the VPC to protect. + // + // OriginAccountID is a required field + OriginAccountID *string `locationName:"originAccountID" min:"12" type:"string" required:"true"` + + // Region containing the VPC to protect. + // + // OriginRegion is a required field + OriginRegion *string `locationName:"originRegion" type:"string" required:"true"` + + // A set of tags to be associated with the Source Network resource. + // + // Tags is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateSourceNetworkInput's + // String and GoString methods. + Tags map[string]*string `locationName:"tags" type:"map" sensitive:"true"` + + // Which VPC ID to protect. + // + // VpcID is a required field + VpcID *string `locationName:"vpcID" min:"12" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSourceNetworkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSourceNetworkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateSourceNetworkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateSourceNetworkInput"} + if s.OriginAccountID == nil { + invalidParams.Add(request.NewErrParamRequired("OriginAccountID")) + } + if s.OriginAccountID != nil && len(*s.OriginAccountID) < 12 { + invalidParams.Add(request.NewErrParamMinLen("OriginAccountID", 12)) + } + if s.OriginRegion == nil { + invalidParams.Add(request.NewErrParamRequired("OriginRegion")) + } + if s.VpcID == nil { + invalidParams.Add(request.NewErrParamRequired("VpcID")) + } + if s.VpcID != nil && len(*s.VpcID) < 12 { + invalidParams.Add(request.NewErrParamMinLen("VpcID", 12)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOriginAccountID sets the OriginAccountID field's value. +func (s *CreateSourceNetworkInput) SetOriginAccountID(v string) *CreateSourceNetworkInput { + s.OriginAccountID = &v + return s +} + +// SetOriginRegion sets the OriginRegion field's value. +func (s *CreateSourceNetworkInput) SetOriginRegion(v string) *CreateSourceNetworkInput { + s.OriginRegion = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateSourceNetworkInput) SetTags(v map[string]*string) *CreateSourceNetworkInput { + s.Tags = v + return s +} + +// SetVpcID sets the VpcID field's value. +func (s *CreateSourceNetworkInput) SetVpcID(v string) *CreateSourceNetworkInput { + s.VpcID = &v + return s +} + +type CreateSourceNetworkOutput struct { + _ struct{} `type:"structure"` + + // ID of the created Source Network. + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSourceNetworkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSourceNetworkOutput) GoString() string { + return s.String() +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *CreateSourceNetworkOutput) SetSourceNetworkID(v string) *CreateSourceNetworkOutput { + s.SourceNetworkID = &v + return s +} + // Error in data replication. type DataReplicationError struct { _ struct{} `type:"structure"` @@ -5723,6 +6796,77 @@ func (s DeleteReplicationConfigurationTemplateOutput) GoString() string { return s.String() } +type DeleteSourceNetworkInput struct { + _ struct{} `type:"structure"` + + // ID of the Source Network to delete. + // + // SourceNetworkID is a required field + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSourceNetworkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSourceNetworkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteSourceNetworkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteSourceNetworkInput"} + if s.SourceNetworkID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceNetworkID")) + } + if s.SourceNetworkID != nil && len(*s.SourceNetworkID) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SourceNetworkID", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *DeleteSourceNetworkInput) SetSourceNetworkID(v string) *DeleteSourceNetworkInput { + s.SourceNetworkID = &v + return s +} + +type DeleteSourceNetworkOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSourceNetworkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSourceNetworkOutput) GoString() string { + return s.String() +} + type DeleteSourceServerInput struct { _ struct{} `type:"structure"` @@ -6618,16 +7762,16 @@ func (s *DescribeReplicationConfigurationTemplatesOutput) SetNextToken(v string) return s } -type DescribeSourceServersInput struct { +type DescribeSourceNetworksInput struct { _ struct{} `type:"structure"` - // A set of filters by which to return Source Servers. - Filters *DescribeSourceServersRequestFilters `locationName:"filters" type:"structure"` + // A set of filters by which to return Source Networks. + Filters *DescribeSourceNetworksRequestFilters `locationName:"filters" type:"structure"` - // Maximum number of Source Servers to retrieve. + // Maximum number of Source Networks to retrieve. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The token of the next Source Server to retrieve. + // The token of the next Source Networks to retrieve. NextToken *string `locationName:"nextToken" type:"string"` } @@ -6636,7 +7780,7 @@ type DescribeSourceServersInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSourceServersInput) String() string { +func (s DescribeSourceNetworksInput) String() string { return awsutil.Prettify(s) } @@ -6645,16 +7789,21 @@ func (s DescribeSourceServersInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSourceServersInput) GoString() string { +func (s DescribeSourceNetworksInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeSourceServersInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeSourceServersInput"} +func (s *DescribeSourceNetworksInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeSourceNetworksInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } + if s.Filters != nil { + if err := s.Filters.Validate(); err != nil { + invalidParams.AddNested("Filters", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -6663,30 +7812,30 @@ func (s *DescribeSourceServersInput) Validate() error { } // SetFilters sets the Filters field's value. -func (s *DescribeSourceServersInput) SetFilters(v *DescribeSourceServersRequestFilters) *DescribeSourceServersInput { +func (s *DescribeSourceNetworksInput) SetFilters(v *DescribeSourceNetworksRequestFilters) *DescribeSourceNetworksInput { s.Filters = v return s } // SetMaxResults sets the MaxResults field's value. -func (s *DescribeSourceServersInput) SetMaxResults(v int64) *DescribeSourceServersInput { +func (s *DescribeSourceNetworksInput) SetMaxResults(v int64) *DescribeSourceNetworksInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeSourceServersInput) SetNextToken(v string) *DescribeSourceServersInput { +func (s *DescribeSourceNetworksInput) SetNextToken(v string) *DescribeSourceNetworksInput { s.NextToken = &v return s } -type DescribeSourceServersOutput struct { +type DescribeSourceNetworksOutput struct { _ struct{} `type:"structure"` - // An array of Source Servers. - Items []*SourceServer `locationName:"items" type:"list"` + // An array of Source Networks. + Items []*SourceNetwork `locationName:"items" type:"list"` - // The token of the next Source Server to retrieve. + // The token of the next Source Networks to retrieve. NextToken *string `locationName:"nextToken" type:"string"` } @@ -6695,7 +7844,7 @@ type DescribeSourceServersOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSourceServersOutput) String() string { +func (s DescribeSourceNetworksOutput) String() string { return awsutil.Prettify(s) } @@ -6704,27 +7853,193 @@ func (s DescribeSourceServersOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSourceServersOutput) GoString() string { +func (s DescribeSourceNetworksOutput) GoString() string { return s.String() } // SetItems sets the Items field's value. -func (s *DescribeSourceServersOutput) SetItems(v []*SourceServer) *DescribeSourceServersOutput { +func (s *DescribeSourceNetworksOutput) SetItems(v []*SourceNetwork) *DescribeSourceNetworksOutput { s.Items = v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeSourceServersOutput) SetNextToken(v string) *DescribeSourceServersOutput { +func (s *DescribeSourceNetworksOutput) SetNextToken(v string) *DescribeSourceNetworksOutput { s.NextToken = &v return s } -// A set of filters by which to return Source Servers. -type DescribeSourceServersRequestFilters struct { +// A set of filters by which to return Source Networks. +type DescribeSourceNetworksRequestFilters struct { _ struct{} `type:"structure"` - // An ID that describes the hardware of the Source Server. This is either an + // Filter Source Networks by account ID containing the protected VPCs. + OriginAccountID *string `locationName:"originAccountID" min:"12" type:"string"` + + // Filter Source Networks by the region containing the protected VPCs. + OriginRegion *string `locationName:"originRegion" type:"string"` + + // An array of Source Network IDs that should be returned. An empty array means + // all Source Networks. + SourceNetworkIDs []*string `locationName:"sourceNetworkIDs" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSourceNetworksRequestFilters) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSourceNetworksRequestFilters) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeSourceNetworksRequestFilters) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeSourceNetworksRequestFilters"} + if s.OriginAccountID != nil && len(*s.OriginAccountID) < 12 { + invalidParams.Add(request.NewErrParamMinLen("OriginAccountID", 12)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOriginAccountID sets the OriginAccountID field's value. +func (s *DescribeSourceNetworksRequestFilters) SetOriginAccountID(v string) *DescribeSourceNetworksRequestFilters { + s.OriginAccountID = &v + return s +} + +// SetOriginRegion sets the OriginRegion field's value. +func (s *DescribeSourceNetworksRequestFilters) SetOriginRegion(v string) *DescribeSourceNetworksRequestFilters { + s.OriginRegion = &v + return s +} + +// SetSourceNetworkIDs sets the SourceNetworkIDs field's value. +func (s *DescribeSourceNetworksRequestFilters) SetSourceNetworkIDs(v []*string) *DescribeSourceNetworksRequestFilters { + s.SourceNetworkIDs = v + return s +} + +type DescribeSourceServersInput struct { + _ struct{} `type:"structure"` + + // A set of filters by which to return Source Servers. + Filters *DescribeSourceServersRequestFilters `locationName:"filters" type:"structure"` + + // Maximum number of Source Servers to retrieve. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // The token of the next Source Server to retrieve. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSourceServersInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSourceServersInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeSourceServersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeSourceServersInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *DescribeSourceServersInput) SetFilters(v *DescribeSourceServersRequestFilters) *DescribeSourceServersInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeSourceServersInput) SetMaxResults(v int64) *DescribeSourceServersInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeSourceServersInput) SetNextToken(v string) *DescribeSourceServersInput { + s.NextToken = &v + return s +} + +type DescribeSourceServersOutput struct { + _ struct{} `type:"structure"` + + // An array of Source Servers. + Items []*SourceServer `locationName:"items" type:"list"` + + // The token of the next Source Server to retrieve. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSourceServersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSourceServersOutput) GoString() string { + return s.String() +} + +// SetItems sets the Items field's value. +func (s *DescribeSourceServersOutput) SetItems(v []*SourceServer) *DescribeSourceServersOutput { + s.Items = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeSourceServersOutput) SetNextToken(v string) *DescribeSourceServersOutput { + s.NextToken = &v + return s +} + +// A set of filters by which to return Source Servers. +type DescribeSourceServersRequestFilters struct { + _ struct{} `type:"structure"` + + // An ID that describes the hardware of the Source Server. This is either an // EC2 instance id, a VMware uuid or a mac address. HardwareId *string `locationName:"hardwareId" type:"string"` @@ -6922,6 +8237,9 @@ type DisconnectSourceServerOutput struct { // Source cloud properties of the Source Server. SourceCloudProperties *SourceCloudProperties `locationName:"sourceCloudProperties" type:"structure"` + // ID of the Source Network which is protecting this Source Server's network. + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string"` + // The source properties of the Source Server. SourceProperties *SourceProperties `locationName:"sourceProperties" type:"structure"` @@ -7005,6 +8323,12 @@ func (s *DisconnectSourceServerOutput) SetSourceCloudProperties(v *SourceCloudPr return s } +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *DisconnectSourceServerOutput) SetSourceNetworkID(v string) *DisconnectSourceServerOutput { + s.SourceNetworkID = &v + return s +} + // SetSourceProperties sets the SourceProperties field's value. func (s *DisconnectSourceServerOutput) SetSourceProperties(v *SourceProperties) *DisconnectSourceServerOutput { s.SourceProperties = v @@ -7070,6 +8394,119 @@ func (s *Disk) SetDeviceName(v string) *Disk { return s } +// Properties of resource related to a job event. +type EventResourceData struct { + _ struct{} `type:"structure"` + + // Source Network properties. + SourceNetworkData *SourceNetworkData `locationName:"sourceNetworkData" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EventResourceData) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EventResourceData) GoString() string { + return s.String() +} + +// SetSourceNetworkData sets the SourceNetworkData field's value. +func (s *EventResourceData) SetSourceNetworkData(v *SourceNetworkData) *EventResourceData { + s.SourceNetworkData = v + return s +} + +type ExportSourceNetworkCfnTemplateInput struct { + _ struct{} `type:"structure"` + + // The Source Network ID to export its CloudFormation template to an S3 bucket. + // + // SourceNetworkID is a required field + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportSourceNetworkCfnTemplateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportSourceNetworkCfnTemplateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportSourceNetworkCfnTemplateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportSourceNetworkCfnTemplateInput"} + if s.SourceNetworkID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceNetworkID")) + } + if s.SourceNetworkID != nil && len(*s.SourceNetworkID) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SourceNetworkID", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *ExportSourceNetworkCfnTemplateInput) SetSourceNetworkID(v string) *ExportSourceNetworkCfnTemplateInput { + s.SourceNetworkID = &v + return s +} + +type ExportSourceNetworkCfnTemplateOutput struct { + _ struct{} `type:"structure"` + + // S3 bucket URL where the Source Network CloudFormation template was exported + // to. + S3DestinationUrl *string `locationName:"s3DestinationUrl" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportSourceNetworkCfnTemplateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportSourceNetworkCfnTemplateOutput) GoString() string { + return s.String() +} + +// SetS3DestinationUrl sets the S3DestinationUrl field's value. +func (s *ExportSourceNetworkCfnTemplateOutput) SetS3DestinationUrl(v string) *ExportSourceNetworkCfnTemplateOutput { + s.S3DestinationUrl = &v + return s +} + type GetFailbackReplicationConfigurationInput struct { _ struct{} `type:"structure"` @@ -7753,6 +9190,9 @@ type Job struct { // JobID is a required field JobID *string `locationName:"jobID" min:"24" type:"string" required:"true"` + // A list of resources that the Job is acting upon. + ParticipatingResources []*ParticipatingResource `locationName:"participatingResources" type:"list"` + // A list of servers that the Job is acting upon. ParticipatingServers []*ParticipatingServer `locationName:"participatingServers" type:"list"` @@ -7818,6 +9258,12 @@ func (s *Job) SetJobID(v string) *Job { return s } +// SetParticipatingResources sets the ParticipatingResources field's value. +func (s *Job) SetParticipatingResources(v []*ParticipatingResource) *Job { + s.ParticipatingResources = v + return s +} + // SetParticipatingServers sets the ParticipatingServers field's value. func (s *Job) SetParticipatingServers(v []*ParticipatingServer) *Job { s.ParticipatingServers = v @@ -7902,6 +9348,9 @@ type JobLogEventData struct { // The ID of a conversion server. ConversionServerID *string `locationName:"conversionServerID" type:"string"` + // Properties of resource related to a job event. + EventResourceData *EventResourceData `locationName:"eventResourceData" type:"structure"` + // A string representing a job error. RawError *string `locationName:"rawError" type:"string"` @@ -7942,6 +9391,12 @@ func (s *JobLogEventData) SetConversionServerID(v string) *JobLogEventData { return s } +// SetEventResourceData sets the EventResourceData field's value. +func (s *JobLogEventData) SetEventResourceData(v *EventResourceData) *JobLogEventData { + s.EventResourceData = v + return s +} + // SetRawError sets the RawError field's value. func (s *JobLogEventData) SetRawError(v string) *JobLogEventData { s.RawError = &v @@ -7973,6 +9428,9 @@ type LaunchConfigurationTemplate struct { // Copy tags. CopyTags *bool `locationName:"copyTags" type:"boolean"` + // S3 bucket ARN to export Source Network templates. + ExportBucketArn *string `locationName:"exportBucketArn" min:"20" type:"string"` + // ID of the Launch Configuration Template. LaunchConfigurationTemplateID *string `locationName:"launchConfigurationTemplateID" min:"21" type:"string"` @@ -8029,6 +9487,12 @@ func (s *LaunchConfigurationTemplate) SetCopyTags(v bool) *LaunchConfigurationTe return s } +// SetExportBucketArn sets the ExportBucketArn field's value. +func (s *LaunchConfigurationTemplate) SetExportBucketArn(v string) *LaunchConfigurationTemplate { + s.ExportBucketArn = &v + return s +} + // SetLaunchConfigurationTemplateID sets the LaunchConfigurationTemplateID field's value. func (s *LaunchConfigurationTemplate) SetLaunchConfigurationTemplateID(v string) *LaunchConfigurationTemplate { s.LaunchConfigurationTemplateID = &v @@ -8722,18 +10186,15 @@ func (s *PITPolicyRule) SetUnits(v string) *PITPolicyRule { return s } -// Represents a server participating in an asynchronous Job. -type ParticipatingServer struct { +// Represents a resource participating in an asynchronous Job. +type ParticipatingResource struct { _ struct{} `type:"structure"` - // The launch status of a participating server. + // The launch status of a participating resource. LaunchStatus *string `locationName:"launchStatus" type:"string" enum:"LaunchStatus"` - // The Recovery Instance ID of a participating server. - RecoveryInstanceID *string `locationName:"recoveryInstanceID" min:"10" type:"string"` - - // The Source Server ID of a participating server. - SourceServerID *string `locationName:"sourceServerID" min:"19" type:"string"` + // The ID of a participating resource. + ParticipatingResourceID *ParticipatingResourceID `locationName:"participatingResourceID" type:"structure"` } // String returns the string representation. @@ -8741,7 +10202,83 @@ type ParticipatingServer struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ParticipatingServer) String() string { +func (s ParticipatingResource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParticipatingResource) GoString() string { + return s.String() +} + +// SetLaunchStatus sets the LaunchStatus field's value. +func (s *ParticipatingResource) SetLaunchStatus(v string) *ParticipatingResource { + s.LaunchStatus = &v + return s +} + +// SetParticipatingResourceID sets the ParticipatingResourceID field's value. +func (s *ParticipatingResource) SetParticipatingResourceID(v *ParticipatingResourceID) *ParticipatingResource { + s.ParticipatingResourceID = v + return s +} + +// ID of a resource participating in an asynchronous Job. +type ParticipatingResourceID struct { + _ struct{} `type:"structure"` + + // Source Network ID. + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParticipatingResourceID) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParticipatingResourceID) GoString() string { + return s.String() +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *ParticipatingResourceID) SetSourceNetworkID(v string) *ParticipatingResourceID { + s.SourceNetworkID = &v + return s +} + +// Represents a server participating in an asynchronous Job. +type ParticipatingServer struct { + _ struct{} `type:"structure"` + + // The launch status of a participating server. + LaunchStatus *string `locationName:"launchStatus" type:"string" enum:"LaunchStatus"` + + // The Recovery Instance ID of a participating server. + RecoveryInstanceID *string `locationName:"recoveryInstanceID" min:"10" type:"string"` + + // The Source Server ID of a participating server. + SourceServerID *string `locationName:"sourceServerID" min:"19" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParticipatingServer) String() string { return awsutil.Prettify(s) } @@ -9459,6 +10996,56 @@ func (s *RecoveryInstanceProperties) SetRamBytes(v int64) *RecoveryInstancePrope return s } +// An object representing the Source Network recovery Lifecycle. +type RecoveryLifeCycle struct { + _ struct{} `type:"structure"` + + // The date and time the last Source Network recovery was initiated. + ApiCallDateTime *time.Time `locationName:"apiCallDateTime" type:"timestamp" timestampFormat:"iso8601"` + + // The ID of the Job that was used to last recover the Source Network. + JobID *string `locationName:"jobID" min:"24" type:"string"` + + // The status of the last recovery status of this Source Network. + LastRecoveryResult *string `locationName:"lastRecoveryResult" type:"string" enum:"RecoveryResult"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RecoveryLifeCycle) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RecoveryLifeCycle) GoString() string { + return s.String() +} + +// SetApiCallDateTime sets the ApiCallDateTime field's value. +func (s *RecoveryLifeCycle) SetApiCallDateTime(v time.Time) *RecoveryLifeCycle { + s.ApiCallDateTime = &v + return s +} + +// SetJobID sets the JobID field's value. +func (s *RecoveryLifeCycle) SetJobID(v string) *RecoveryLifeCycle { + s.JobID = &v + return s +} + +// SetLastRecoveryResult sets the LastRecoveryResult field's value. +func (s *RecoveryLifeCycle) SetLastRecoveryResult(v string) *RecoveryLifeCycle { + s.LastRecoveryResult = &v + return s +} + // A snapshot of a Source Server used during recovery. type RecoverySnapshot struct { _ struct{} `type:"structure"` @@ -9954,6 +11541,9 @@ type RetryDataReplicationOutput struct { // Source cloud properties of the Source Server. SourceCloudProperties *SourceCloudProperties `locationName:"sourceCloudProperties" type:"structure"` + // ID of the Source Network which is protecting this Source Server's network. + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string"` + // The source properties of the Source Server. SourceProperties *SourceProperties `locationName:"sourceProperties" type:"structure"` @@ -10037,6 +11627,12 @@ func (s *RetryDataReplicationOutput) SetSourceCloudProperties(v *SourceCloudProp return s } +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *RetryDataReplicationOutput) SetSourceNetworkID(v string) *RetryDataReplicationOutput { + s.SourceNetworkID = &v + return s +} + // SetSourceProperties sets the SourceProperties field's value. func (s *RetryDataReplicationOutput) SetSourceProperties(v *SourceProperties) *RetryDataReplicationOutput { s.SourceProperties = v @@ -10269,6 +11865,203 @@ func (s *SourceCloudProperties) SetOriginRegion(v string) *SourceCloudProperties return s } +// The ARN of the Source Network. +type SourceNetwork struct { + _ struct{} `type:"structure"` + + // The ARN of the Source Network. + Arn *string `locationName:"arn" min:"20" type:"string"` + + // CloudFormation stack name that was deployed for recovering the Source Network. + // + // CfnStackName is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SourceNetwork's + // String and GoString methods. + CfnStackName *string `locationName:"cfnStackName" min:"1" type:"string" sensitive:"true"` + + // An object containing information regarding the last recovery of the Source + // Network. + LastRecovery *RecoveryLifeCycle `locationName:"lastRecovery" type:"structure"` + + // ID of the recovered VPC following Source Network recovery. + LaunchedVpcID *string `locationName:"launchedVpcID" min:"12" type:"string"` + + // Status of Source Network Replication. Possible values: (a) STOPPED - Source + // Network is not replicating. (b) IN_PROGRESS - Source Network is being replicated. + // (c) PROTECTED - Source Network was replicated successfully and is being synchronized + // for changes. (d) ERROR - Source Network replication has failed + ReplicationStatus *string `locationName:"replicationStatus" type:"string" enum:"ReplicationStatus"` + + // Error details in case Source Network replication status is ERROR. + // + // ReplicationStatusDetails is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SourceNetwork's + // String and GoString methods. + ReplicationStatusDetails *string `locationName:"replicationStatusDetails" type:"string" sensitive:"true"` + + // Account ID containing the VPC protected by the Source Network. + SourceAccountID *string `locationName:"sourceAccountID" min:"12" type:"string"` + + // Source Network ID. + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string"` + + // Region containing the VPC protected by the Source Network. + SourceRegion *string `locationName:"sourceRegion" type:"string"` + + // VPC ID protected by the Source Network. + SourceVpcID *string `locationName:"sourceVpcID" min:"12" type:"string"` + + // A list of tags associated with the Source Network. + // + // Tags is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SourceNetwork's + // String and GoString methods. + Tags map[string]*string `locationName:"tags" type:"map" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SourceNetwork) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SourceNetwork) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *SourceNetwork) SetArn(v string) *SourceNetwork { + s.Arn = &v + return s +} + +// SetCfnStackName sets the CfnStackName field's value. +func (s *SourceNetwork) SetCfnStackName(v string) *SourceNetwork { + s.CfnStackName = &v + return s +} + +// SetLastRecovery sets the LastRecovery field's value. +func (s *SourceNetwork) SetLastRecovery(v *RecoveryLifeCycle) *SourceNetwork { + s.LastRecovery = v + return s +} + +// SetLaunchedVpcID sets the LaunchedVpcID field's value. +func (s *SourceNetwork) SetLaunchedVpcID(v string) *SourceNetwork { + s.LaunchedVpcID = &v + return s +} + +// SetReplicationStatus sets the ReplicationStatus field's value. +func (s *SourceNetwork) SetReplicationStatus(v string) *SourceNetwork { + s.ReplicationStatus = &v + return s +} + +// SetReplicationStatusDetails sets the ReplicationStatusDetails field's value. +func (s *SourceNetwork) SetReplicationStatusDetails(v string) *SourceNetwork { + s.ReplicationStatusDetails = &v + return s +} + +// SetSourceAccountID sets the SourceAccountID field's value. +func (s *SourceNetwork) SetSourceAccountID(v string) *SourceNetwork { + s.SourceAccountID = &v + return s +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *SourceNetwork) SetSourceNetworkID(v string) *SourceNetwork { + s.SourceNetworkID = &v + return s +} + +// SetSourceRegion sets the SourceRegion field's value. +func (s *SourceNetwork) SetSourceRegion(v string) *SourceNetwork { + s.SourceRegion = &v + return s +} + +// SetSourceVpcID sets the SourceVpcID field's value. +func (s *SourceNetwork) SetSourceVpcID(v string) *SourceNetwork { + s.SourceVpcID = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *SourceNetwork) SetTags(v map[string]*string) *SourceNetwork { + s.Tags = v + return s +} + +// Properties of Source Network related to a job event. +type SourceNetworkData struct { + _ struct{} `type:"structure"` + + // Source Network ID. + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string"` + + // VPC ID protected by the Source Network. + SourceVpc *string `locationName:"sourceVpc" min:"12" type:"string"` + + // CloudFormation stack name that was deployed for recovering the Source Network. + StackName *string `locationName:"stackName" type:"string"` + + // ID of the recovered VPC following Source Network recovery. + TargetVpc *string `locationName:"targetVpc" min:"12" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SourceNetworkData) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SourceNetworkData) GoString() string { + return s.String() +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *SourceNetworkData) SetSourceNetworkID(v string) *SourceNetworkData { + s.SourceNetworkID = &v + return s +} + +// SetSourceVpc sets the SourceVpc field's value. +func (s *SourceNetworkData) SetSourceVpc(v string) *SourceNetworkData { + s.SourceVpc = &v + return s +} + +// SetStackName sets the StackName field's value. +func (s *SourceNetworkData) SetStackName(v string) *SourceNetworkData { + s.StackName = &v + return s +} + +// SetTargetVpc sets the TargetVpc field's value. +func (s *SourceNetworkData) SetTargetVpc(v string) *SourceNetworkData { + s.TargetVpc = &v + return s +} + // Properties of the Source Server machine. type SourceProperties struct { _ struct{} `type:"structure"` @@ -10403,6 +12196,9 @@ type SourceServer struct { // Source cloud properties of the Source Server. SourceCloudProperties *SourceCloudProperties `locationName:"sourceCloudProperties" type:"structure"` + // ID of the Source Network which is protecting this Source Server's network. + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string"` + // The source properties of the Source Server. SourceProperties *SourceProperties `locationName:"sourceProperties" type:"structure"` @@ -10486,6 +12282,12 @@ func (s *SourceServer) SetSourceCloudProperties(v *SourceCloudProperties) *Sourc return s } +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *SourceServer) SetSourceNetworkID(v string) *SourceServer { + s.SourceNetworkID = &v + return s +} + // SetSourceProperties sets the SourceProperties field's value. func (s *SourceServer) SetSourceProperties(v *SourceProperties) *SourceServer { s.SourceProperties = v @@ -10619,32 +12421,293 @@ func (s *StagingSourceServer) SetArn(v string) *StagingSourceServer { return s } -// SetHostname sets the Hostname field's value. -func (s *StagingSourceServer) SetHostname(v string) *StagingSourceServer { - s.Hostname = &v +// SetHostname sets the Hostname field's value. +func (s *StagingSourceServer) SetHostname(v string) *StagingSourceServer { + s.Hostname = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *StagingSourceServer) SetTags(v map[string]*string) *StagingSourceServer { + s.Tags = v + return s +} + +type StartFailbackLaunchInput struct { + _ struct{} `type:"structure"` + + // The IDs of the Recovery Instance whose failback launch we want to request. + // + // RecoveryInstanceIDs is a required field + RecoveryInstanceIDs []*string `locationName:"recoveryInstanceIDs" min:"1" type:"list" required:"true"` + + // The tags to be associated with the failback launch Job. + // + // Tags is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StartFailbackLaunchInput's + // String and GoString methods. + Tags map[string]*string `locationName:"tags" type:"map" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartFailbackLaunchInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartFailbackLaunchInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartFailbackLaunchInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartFailbackLaunchInput"} + if s.RecoveryInstanceIDs == nil { + invalidParams.Add(request.NewErrParamRequired("RecoveryInstanceIDs")) + } + if s.RecoveryInstanceIDs != nil && len(s.RecoveryInstanceIDs) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RecoveryInstanceIDs", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetRecoveryInstanceIDs sets the RecoveryInstanceIDs field's value. +func (s *StartFailbackLaunchInput) SetRecoveryInstanceIDs(v []*string) *StartFailbackLaunchInput { + s.RecoveryInstanceIDs = v + return s +} + +// SetTags sets the Tags field's value. +func (s *StartFailbackLaunchInput) SetTags(v map[string]*string) *StartFailbackLaunchInput { + s.Tags = v + return s +} + +type StartFailbackLaunchOutput struct { + _ struct{} `type:"structure"` + + // The failback launch Job. + Job *Job `locationName:"job" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartFailbackLaunchOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartFailbackLaunchOutput) GoString() string { + return s.String() +} + +// SetJob sets the Job field's value. +func (s *StartFailbackLaunchOutput) SetJob(v *Job) *StartFailbackLaunchOutput { + s.Job = v + return s +} + +type StartRecoveryInput struct { + _ struct{} `type:"structure"` + + // Whether this Source Server Recovery operation is a drill or not. + IsDrill *bool `locationName:"isDrill" type:"boolean"` + + // The Source Servers that we want to start a Recovery Job for. + // + // SourceServers is a required field + SourceServers []*StartRecoveryRequestSourceServer `locationName:"sourceServers" min:"1" type:"list" required:"true"` + + // The tags to be associated with the Recovery Job. + // + // Tags is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StartRecoveryInput's + // String and GoString methods. + Tags map[string]*string `locationName:"tags" type:"map" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartRecoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartRecoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartRecoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartRecoveryInput"} + if s.SourceServers == nil { + invalidParams.Add(request.NewErrParamRequired("SourceServers")) + } + if s.SourceServers != nil && len(s.SourceServers) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SourceServers", 1)) + } + if s.SourceServers != nil { + for i, v := range s.SourceServers { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SourceServers", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIsDrill sets the IsDrill field's value. +func (s *StartRecoveryInput) SetIsDrill(v bool) *StartRecoveryInput { + s.IsDrill = &v + return s +} + +// SetSourceServers sets the SourceServers field's value. +func (s *StartRecoveryInput) SetSourceServers(v []*StartRecoveryRequestSourceServer) *StartRecoveryInput { + s.SourceServers = v + return s +} + +// SetTags sets the Tags field's value. +func (s *StartRecoveryInput) SetTags(v map[string]*string) *StartRecoveryInput { + s.Tags = v + return s +} + +type StartRecoveryOutput struct { + _ struct{} `type:"structure"` + + // The Recovery Job. + Job *Job `locationName:"job" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartRecoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartRecoveryOutput) GoString() string { + return s.String() +} + +// SetJob sets the Job field's value. +func (s *StartRecoveryOutput) SetJob(v *Job) *StartRecoveryOutput { + s.Job = v + return s +} + +// An object representing the Source Server to recover. +type StartRecoveryRequestSourceServer struct { + _ struct{} `type:"structure"` + + // The ID of a Recovery Snapshot we want to recover from. Omit this field to + // launch from the latest data by taking an on-demand snapshot. + RecoverySnapshotID *string `locationName:"recoverySnapshotID" min:"21" type:"string"` + + // The ID of the Source Server you want to recover. + // + // SourceServerID is a required field + SourceServerID *string `locationName:"sourceServerID" min:"19" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartRecoveryRequestSourceServer) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartRecoveryRequestSourceServer) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartRecoveryRequestSourceServer) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartRecoveryRequestSourceServer"} + if s.RecoverySnapshotID != nil && len(*s.RecoverySnapshotID) < 21 { + invalidParams.Add(request.NewErrParamMinLen("RecoverySnapshotID", 21)) + } + if s.SourceServerID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceServerID")) + } + if s.SourceServerID != nil && len(*s.SourceServerID) < 19 { + invalidParams.Add(request.NewErrParamMinLen("SourceServerID", 19)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetRecoverySnapshotID sets the RecoverySnapshotID field's value. +func (s *StartRecoveryRequestSourceServer) SetRecoverySnapshotID(v string) *StartRecoveryRequestSourceServer { + s.RecoverySnapshotID = &v return s } -// SetTags sets the Tags field's value. -func (s *StagingSourceServer) SetTags(v map[string]*string) *StagingSourceServer { - s.Tags = v +// SetSourceServerID sets the SourceServerID field's value. +func (s *StartRecoveryRequestSourceServer) SetSourceServerID(v string) *StartRecoveryRequestSourceServer { + s.SourceServerID = &v return s } -type StartFailbackLaunchInput struct { +type StartReplicationInput struct { _ struct{} `type:"structure"` - // The IDs of the Recovery Instance whose failback launch we want to request. - // - // RecoveryInstanceIDs is a required field - RecoveryInstanceIDs []*string `locationName:"recoveryInstanceIDs" min:"1" type:"list" required:"true"` - - // The tags to be associated with the failback launch Job. + // The ID of the Source Server to start replication for. // - // Tags is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by StartFailbackLaunchInput's - // String and GoString methods. - Tags map[string]*string `locationName:"tags" type:"map" sensitive:"true"` + // SourceServerID is a required field + SourceServerID *string `locationName:"sourceServerID" min:"19" type:"string" required:"true"` } // String returns the string representation. @@ -10652,7 +12715,7 @@ type StartFailbackLaunchInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartFailbackLaunchInput) String() string { +func (s StartReplicationInput) String() string { return awsutil.Prettify(s) } @@ -10661,18 +12724,18 @@ func (s StartFailbackLaunchInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartFailbackLaunchInput) GoString() string { +func (s StartReplicationInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *StartFailbackLaunchInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "StartFailbackLaunchInput"} - if s.RecoveryInstanceIDs == nil { - invalidParams.Add(request.NewErrParamRequired("RecoveryInstanceIDs")) +func (s *StartReplicationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartReplicationInput"} + if s.SourceServerID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceServerID")) } - if s.RecoveryInstanceIDs != nil && len(s.RecoveryInstanceIDs) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RecoveryInstanceIDs", 1)) + if s.SourceServerID != nil && len(*s.SourceServerID) < 19 { + invalidParams.Add(request.NewErrParamMinLen("SourceServerID", 19)) } if invalidParams.Len() > 0 { @@ -10681,23 +12744,17 @@ func (s *StartFailbackLaunchInput) Validate() error { return nil } -// SetRecoveryInstanceIDs sets the RecoveryInstanceIDs field's value. -func (s *StartFailbackLaunchInput) SetRecoveryInstanceIDs(v []*string) *StartFailbackLaunchInput { - s.RecoveryInstanceIDs = v - return s -} - -// SetTags sets the Tags field's value. -func (s *StartFailbackLaunchInput) SetTags(v map[string]*string) *StartFailbackLaunchInput { - s.Tags = v +// SetSourceServerID sets the SourceServerID field's value. +func (s *StartReplicationInput) SetSourceServerID(v string) *StartReplicationInput { + s.SourceServerID = &v return s } -type StartFailbackLaunchOutput struct { +type StartReplicationOutput struct { _ struct{} `type:"structure"` - // The failback launch Job. - Job *Job `locationName:"job" type:"structure"` + // The Source Server that this action was targeted on. + SourceServer *SourceServer `locationName:"sourceServer" type:"structure"` } // String returns the string representation. @@ -10705,7 +12762,7 @@ type StartFailbackLaunchOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartFailbackLaunchOutput) String() string { +func (s StartReplicationOutput) String() string { return awsutil.Prettify(s) } @@ -10714,31 +12771,32 @@ func (s StartFailbackLaunchOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartFailbackLaunchOutput) GoString() string { +func (s StartReplicationOutput) GoString() string { return s.String() } -// SetJob sets the Job field's value. -func (s *StartFailbackLaunchOutput) SetJob(v *Job) *StartFailbackLaunchOutput { - s.Job = v +// SetSourceServer sets the SourceServer field's value. +func (s *StartReplicationOutput) SetSourceServer(v *SourceServer) *StartReplicationOutput { + s.SourceServer = v return s } -type StartRecoveryInput struct { +type StartSourceNetworkRecoveryInput struct { _ struct{} `type:"structure"` - // Whether this Source Server Recovery operation is a drill or not. - IsDrill *bool `locationName:"isDrill" type:"boolean"` + // Don't update existing CloudFormation Stack, recover the network using a new + // stack. + DeployAsNew *bool `locationName:"deployAsNew" type:"boolean"` - // The Source Servers that we want to start a Recovery Job for. + // The Source Networks that we want to start a Recovery Job for. // - // SourceServers is a required field - SourceServers []*StartRecoveryRequestSourceServer `locationName:"sourceServers" min:"1" type:"list" required:"true"` + // SourceNetworks is a required field + SourceNetworks []*StartSourceNetworkRecoveryRequestNetworkEntry `locationName:"sourceNetworks" min:"1" type:"list" required:"true"` - // The tags to be associated with the Recovery Job. + // The tags to be associated with the Source Network recovery Job. // // Tags is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by StartRecoveryInput's + // replaced with "sensitive" in string returned by StartSourceNetworkRecoveryInput's // String and GoString methods. Tags map[string]*string `locationName:"tags" type:"map" sensitive:"true"` } @@ -10748,7 +12806,7 @@ type StartRecoveryInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartRecoveryInput) String() string { +func (s StartSourceNetworkRecoveryInput) String() string { return awsutil.Prettify(s) } @@ -10757,26 +12815,26 @@ func (s StartRecoveryInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartRecoveryInput) GoString() string { +func (s StartSourceNetworkRecoveryInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *StartRecoveryInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "StartRecoveryInput"} - if s.SourceServers == nil { - invalidParams.Add(request.NewErrParamRequired("SourceServers")) +func (s *StartSourceNetworkRecoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartSourceNetworkRecoveryInput"} + if s.SourceNetworks == nil { + invalidParams.Add(request.NewErrParamRequired("SourceNetworks")) } - if s.SourceServers != nil && len(s.SourceServers) < 1 { - invalidParams.Add(request.NewErrParamMinLen("SourceServers", 1)) + if s.SourceNetworks != nil && len(s.SourceNetworks) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SourceNetworks", 1)) } - if s.SourceServers != nil { - for i, v := range s.SourceServers { + if s.SourceNetworks != nil { + for i, v := range s.SourceNetworks { if v == nil { continue } if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SourceServers", i), err.(request.ErrInvalidParams)) + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SourceNetworks", i), err.(request.ErrInvalidParams)) } } } @@ -10787,28 +12845,28 @@ func (s *StartRecoveryInput) Validate() error { return nil } -// SetIsDrill sets the IsDrill field's value. -func (s *StartRecoveryInput) SetIsDrill(v bool) *StartRecoveryInput { - s.IsDrill = &v +// SetDeployAsNew sets the DeployAsNew field's value. +func (s *StartSourceNetworkRecoveryInput) SetDeployAsNew(v bool) *StartSourceNetworkRecoveryInput { + s.DeployAsNew = &v return s } -// SetSourceServers sets the SourceServers field's value. -func (s *StartRecoveryInput) SetSourceServers(v []*StartRecoveryRequestSourceServer) *StartRecoveryInput { - s.SourceServers = v +// SetSourceNetworks sets the SourceNetworks field's value. +func (s *StartSourceNetworkRecoveryInput) SetSourceNetworks(v []*StartSourceNetworkRecoveryRequestNetworkEntry) *StartSourceNetworkRecoveryInput { + s.SourceNetworks = v return s } // SetTags sets the Tags field's value. -func (s *StartRecoveryInput) SetTags(v map[string]*string) *StartRecoveryInput { +func (s *StartSourceNetworkRecoveryInput) SetTags(v map[string]*string) *StartSourceNetworkRecoveryInput { s.Tags = v return s } -type StartRecoveryOutput struct { +type StartSourceNetworkRecoveryOutput struct { _ struct{} `type:"structure"` - // The Recovery Job. + // The Source Network recovery Job. Job *Job `locationName:"job" type:"structure"` } @@ -10817,7 +12875,7 @@ type StartRecoveryOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartRecoveryOutput) String() string { +func (s StartSourceNetworkRecoveryOutput) String() string { return awsutil.Prettify(s) } @@ -10826,28 +12884,31 @@ func (s StartRecoveryOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartRecoveryOutput) GoString() string { +func (s StartSourceNetworkRecoveryOutput) GoString() string { return s.String() } // SetJob sets the Job field's value. -func (s *StartRecoveryOutput) SetJob(v *Job) *StartRecoveryOutput { +func (s *StartSourceNetworkRecoveryOutput) SetJob(v *Job) *StartSourceNetworkRecoveryOutput { s.Job = v return s } -// An object representing the Source Server to recover. -type StartRecoveryRequestSourceServer struct { +// An object representing the Source Network to recover. +type StartSourceNetworkRecoveryRequestNetworkEntry struct { _ struct{} `type:"structure"` - // The ID of a Recovery Snapshot we want to recover from. Omit this field to - // launch from the latest data by taking an on-demand snapshot. - RecoverySnapshotID *string `locationName:"recoverySnapshotID" min:"21" type:"string"` + // CloudFormation stack name to be used for recovering the network. + // + // CfnStackName is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StartSourceNetworkRecoveryRequestNetworkEntry's + // String and GoString methods. + CfnStackName *string `locationName:"cfnStackName" min:"1" type:"string" sensitive:"true"` - // The ID of the Source Server you want to recover. + // The ID of the Source Network you want to recover. // - // SourceServerID is a required field - SourceServerID *string `locationName:"sourceServerID" min:"19" type:"string" required:"true"` + // SourceNetworkID is a required field + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -10855,7 +12916,7 @@ type StartRecoveryRequestSourceServer struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartRecoveryRequestSourceServer) String() string { +func (s StartSourceNetworkRecoveryRequestNetworkEntry) String() string { return awsutil.Prettify(s) } @@ -10864,21 +12925,21 @@ func (s StartRecoveryRequestSourceServer) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartRecoveryRequestSourceServer) GoString() string { +func (s StartSourceNetworkRecoveryRequestNetworkEntry) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *StartRecoveryRequestSourceServer) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "StartRecoveryRequestSourceServer"} - if s.RecoverySnapshotID != nil && len(*s.RecoverySnapshotID) < 21 { - invalidParams.Add(request.NewErrParamMinLen("RecoverySnapshotID", 21)) +func (s *StartSourceNetworkRecoveryRequestNetworkEntry) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartSourceNetworkRecoveryRequestNetworkEntry"} + if s.CfnStackName != nil && len(*s.CfnStackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CfnStackName", 1)) } - if s.SourceServerID == nil { - invalidParams.Add(request.NewErrParamRequired("SourceServerID")) + if s.SourceNetworkID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceNetworkID")) } - if s.SourceServerID != nil && len(*s.SourceServerID) < 19 { - invalidParams.Add(request.NewErrParamMinLen("SourceServerID", 19)) + if s.SourceNetworkID != nil && len(*s.SourceNetworkID) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SourceNetworkID", 20)) } if invalidParams.Len() > 0 { @@ -10887,25 +12948,25 @@ func (s *StartRecoveryRequestSourceServer) Validate() error { return nil } -// SetRecoverySnapshotID sets the RecoverySnapshotID field's value. -func (s *StartRecoveryRequestSourceServer) SetRecoverySnapshotID(v string) *StartRecoveryRequestSourceServer { - s.RecoverySnapshotID = &v +// SetCfnStackName sets the CfnStackName field's value. +func (s *StartSourceNetworkRecoveryRequestNetworkEntry) SetCfnStackName(v string) *StartSourceNetworkRecoveryRequestNetworkEntry { + s.CfnStackName = &v return s } -// SetSourceServerID sets the SourceServerID field's value. -func (s *StartRecoveryRequestSourceServer) SetSourceServerID(v string) *StartRecoveryRequestSourceServer { - s.SourceServerID = &v +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *StartSourceNetworkRecoveryRequestNetworkEntry) SetSourceNetworkID(v string) *StartSourceNetworkRecoveryRequestNetworkEntry { + s.SourceNetworkID = &v return s } -type StartReplicationInput struct { +type StartSourceNetworkReplicationInput struct { _ struct{} `type:"structure"` - // The ID of the Source Server to start replication for. + // ID of the Source Network to replicate. // - // SourceServerID is a required field - SourceServerID *string `locationName:"sourceServerID" min:"19" type:"string" required:"true"` + // SourceNetworkID is a required field + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -10913,7 +12974,7 @@ type StartReplicationInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartReplicationInput) String() string { +func (s StartSourceNetworkReplicationInput) String() string { return awsutil.Prettify(s) } @@ -10922,18 +12983,18 @@ func (s StartReplicationInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartReplicationInput) GoString() string { +func (s StartSourceNetworkReplicationInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *StartReplicationInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "StartReplicationInput"} - if s.SourceServerID == nil { - invalidParams.Add(request.NewErrParamRequired("SourceServerID")) +func (s *StartSourceNetworkReplicationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartSourceNetworkReplicationInput"} + if s.SourceNetworkID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceNetworkID")) } - if s.SourceServerID != nil && len(*s.SourceServerID) < 19 { - invalidParams.Add(request.NewErrParamMinLen("SourceServerID", 19)) + if s.SourceNetworkID != nil && len(*s.SourceNetworkID) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SourceNetworkID", 20)) } if invalidParams.Len() > 0 { @@ -10942,17 +13003,17 @@ func (s *StartReplicationInput) Validate() error { return nil } -// SetSourceServerID sets the SourceServerID field's value. -func (s *StartReplicationInput) SetSourceServerID(v string) *StartReplicationInput { - s.SourceServerID = &v +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *StartSourceNetworkReplicationInput) SetSourceNetworkID(v string) *StartSourceNetworkReplicationInput { + s.SourceNetworkID = &v return s } -type StartReplicationOutput struct { +type StartSourceNetworkReplicationOutput struct { _ struct{} `type:"structure"` - // The Source Server that this action was targeted on. - SourceServer *SourceServer `locationName:"sourceServer" type:"structure"` + // Source Network which was requested for replication. + SourceNetwork *SourceNetwork `locationName:"sourceNetwork" type:"structure"` } // String returns the string representation. @@ -10960,7 +13021,7 @@ type StartReplicationOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartReplicationOutput) String() string { +func (s StartSourceNetworkReplicationOutput) String() string { return awsutil.Prettify(s) } @@ -10969,13 +13030,13 @@ func (s StartReplicationOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s StartReplicationOutput) GoString() string { +func (s StartSourceNetworkReplicationOutput) GoString() string { return s.String() } -// SetSourceServer sets the SourceServer field's value. -func (s *StartReplicationOutput) SetSourceServer(v *SourceServer) *StartReplicationOutput { - s.SourceServer = v +// SetSourceNetwork sets the SourceNetwork field's value. +func (s *StartSourceNetworkReplicationOutput) SetSourceNetwork(v *SourceNetwork) *StartSourceNetworkReplicationOutput { + s.SourceNetwork = v return s } @@ -11130,6 +13191,86 @@ func (s *StopReplicationOutput) SetSourceServer(v *SourceServer) *StopReplicatio return s } +type StopSourceNetworkReplicationInput struct { + _ struct{} `type:"structure"` + + // ID of the Source Network to stop replication. + // + // SourceNetworkID is a required field + SourceNetworkID *string `locationName:"sourceNetworkID" min:"20" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StopSourceNetworkReplicationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StopSourceNetworkReplicationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StopSourceNetworkReplicationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StopSourceNetworkReplicationInput"} + if s.SourceNetworkID == nil { + invalidParams.Add(request.NewErrParamRequired("SourceNetworkID")) + } + if s.SourceNetworkID != nil && len(*s.SourceNetworkID) < 20 { + invalidParams.Add(request.NewErrParamMinLen("SourceNetworkID", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSourceNetworkID sets the SourceNetworkID field's value. +func (s *StopSourceNetworkReplicationInput) SetSourceNetworkID(v string) *StopSourceNetworkReplicationInput { + s.SourceNetworkID = &v + return s +} + +type StopSourceNetworkReplicationOutput struct { + _ struct{} `type:"structure"` + + // Source Network which was requested to stop replication. + SourceNetwork *SourceNetwork `locationName:"sourceNetwork" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StopSourceNetworkReplicationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StopSourceNetworkReplicationOutput) GoString() string { + return s.String() +} + +// SetSourceNetwork sets the SourceNetwork field's value. +func (s *StopSourceNetworkReplicationOutput) SetSourceNetwork(v *SourceNetwork) *StopSourceNetworkReplicationOutput { + s.SourceNetwork = v + return s +} + type TagResourceInput struct { _ struct{} `type:"structure"` @@ -11839,6 +13980,9 @@ type UpdateLaunchConfigurationTemplateInput struct { // Copy tags. CopyTags *bool `locationName:"copyTags" type:"boolean"` + // S3 bucket ARN to export Source Network templates. + ExportBucketArn *string `locationName:"exportBucketArn" min:"20" type:"string"` + // Launch Configuration Template ID. // // LaunchConfigurationTemplateID is a required field @@ -11875,6 +14019,9 @@ func (s UpdateLaunchConfigurationTemplateInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *UpdateLaunchConfigurationTemplateInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdateLaunchConfigurationTemplateInput"} + if s.ExportBucketArn != nil && len(*s.ExportBucketArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("ExportBucketArn", 20)) + } if s.LaunchConfigurationTemplateID == nil { invalidParams.Add(request.NewErrParamRequired("LaunchConfigurationTemplateID")) } @@ -11900,6 +14047,12 @@ func (s *UpdateLaunchConfigurationTemplateInput) SetCopyTags(v bool) *UpdateLaun return s } +// SetExportBucketArn sets the ExportBucketArn field's value. +func (s *UpdateLaunchConfigurationTemplateInput) SetExportBucketArn(v string) *UpdateLaunchConfigurationTemplateInput { + s.ExportBucketArn = &v + return s +} + // SetLaunchConfigurationTemplateID sets the LaunchConfigurationTemplateID field's value. func (s *UpdateLaunchConfigurationTemplateInput) SetLaunchConfigurationTemplateID(v string) *UpdateLaunchConfigurationTemplateInput { s.LaunchConfigurationTemplateID = &v @@ -13283,6 +15436,15 @@ const ( // InitiatedByTargetAccount is a InitiatedBy enum value InitiatedByTargetAccount = "TARGET_ACCOUNT" + + // InitiatedByCreateNetworkRecovery is a InitiatedBy enum value + InitiatedByCreateNetworkRecovery = "CREATE_NETWORK_RECOVERY" + + // InitiatedByUpdateNetworkRecovery is a InitiatedBy enum value + InitiatedByUpdateNetworkRecovery = "UPDATE_NETWORK_RECOVERY" + + // InitiatedByAssociateNetworkRecovery is a InitiatedBy enum value + InitiatedByAssociateNetworkRecovery = "ASSOCIATE_NETWORK_RECOVERY" ) // InitiatedBy_Values returns all elements of the InitiatedBy enum @@ -13294,6 +15456,9 @@ func InitiatedBy_Values() []string { InitiatedByDiagnostic, InitiatedByTerminateRecoveryInstances, InitiatedByTargetAccount, + InitiatedByCreateNetworkRecovery, + InitiatedByUpdateNetworkRecovery, + InitiatedByAssociateNetworkRecovery, } } @@ -13348,6 +15513,36 @@ const ( // JobLogEventJobEnd is a JobLogEvent enum value JobLogEventJobEnd = "JOB_END" + + // JobLogEventDeployNetworkConfigurationStart is a JobLogEvent enum value + JobLogEventDeployNetworkConfigurationStart = "DEPLOY_NETWORK_CONFIGURATION_START" + + // JobLogEventDeployNetworkConfigurationEnd is a JobLogEvent enum value + JobLogEventDeployNetworkConfigurationEnd = "DEPLOY_NETWORK_CONFIGURATION_END" + + // JobLogEventDeployNetworkConfigurationFailed is a JobLogEvent enum value + JobLogEventDeployNetworkConfigurationFailed = "DEPLOY_NETWORK_CONFIGURATION_FAILED" + + // JobLogEventUpdateNetworkConfigurationStart is a JobLogEvent enum value + JobLogEventUpdateNetworkConfigurationStart = "UPDATE_NETWORK_CONFIGURATION_START" + + // JobLogEventUpdateNetworkConfigurationEnd is a JobLogEvent enum value + JobLogEventUpdateNetworkConfigurationEnd = "UPDATE_NETWORK_CONFIGURATION_END" + + // JobLogEventUpdateNetworkConfigurationFailed is a JobLogEvent enum value + JobLogEventUpdateNetworkConfigurationFailed = "UPDATE_NETWORK_CONFIGURATION_FAILED" + + // JobLogEventUpdateLaunchTemplateStart is a JobLogEvent enum value + JobLogEventUpdateLaunchTemplateStart = "UPDATE_LAUNCH_TEMPLATE_START" + + // JobLogEventUpdateLaunchTemplateEnd is a JobLogEvent enum value + JobLogEventUpdateLaunchTemplateEnd = "UPDATE_LAUNCH_TEMPLATE_END" + + // JobLogEventUpdateLaunchTemplateFailed is a JobLogEvent enum value + JobLogEventUpdateLaunchTemplateFailed = "UPDATE_LAUNCH_TEMPLATE_FAILED" + + // JobLogEventNetworkRecoveryFail is a JobLogEvent enum value + JobLogEventNetworkRecoveryFail = "NETWORK_RECOVERY_FAIL" ) // JobLogEvent_Values returns all elements of the JobLogEvent enum @@ -13370,6 +15565,16 @@ func JobLogEvent_Values() []string { JobLogEventLaunchFailed, JobLogEventJobCancel, JobLogEventJobEnd, + JobLogEventDeployNetworkConfigurationStart, + JobLogEventDeployNetworkConfigurationEnd, + JobLogEventDeployNetworkConfigurationFailed, + JobLogEventUpdateNetworkConfigurationStart, + JobLogEventUpdateNetworkConfigurationEnd, + JobLogEventUpdateNetworkConfigurationFailed, + JobLogEventUpdateLaunchTemplateStart, + JobLogEventUpdateLaunchTemplateEnd, + JobLogEventUpdateLaunchTemplateFailed, + JobLogEventNetworkRecoveryFail, } } @@ -13697,6 +15902,42 @@ func RecoveryInstanceDataReplicationState_Values() []string { } } +const ( + // RecoveryResultNotStarted is a RecoveryResult enum value + RecoveryResultNotStarted = "NOT_STARTED" + + // RecoveryResultInProgress is a RecoveryResult enum value + RecoveryResultInProgress = "IN_PROGRESS" + + // RecoveryResultSuccess is a RecoveryResult enum value + RecoveryResultSuccess = "SUCCESS" + + // RecoveryResultFail is a RecoveryResult enum value + RecoveryResultFail = "FAIL" + + // RecoveryResultPartialSuccess is a RecoveryResult enum value + RecoveryResultPartialSuccess = "PARTIAL_SUCCESS" + + // RecoveryResultAssociateSuccess is a RecoveryResult enum value + RecoveryResultAssociateSuccess = "ASSOCIATE_SUCCESS" + + // RecoveryResultAssociateFail is a RecoveryResult enum value + RecoveryResultAssociateFail = "ASSOCIATE_FAIL" +) + +// RecoveryResult_Values returns all elements of the RecoveryResult enum +func RecoveryResult_Values() []string { + return []string{ + RecoveryResultNotStarted, + RecoveryResultInProgress, + RecoveryResultSuccess, + RecoveryResultFail, + RecoveryResultPartialSuccess, + RecoveryResultAssociateSuccess, + RecoveryResultAssociateFail, + } +} + const ( // RecoverySnapshotsOrderAsc is a RecoverySnapshotsOrder enum value RecoverySnapshotsOrderAsc = "ASC" @@ -13759,6 +16000,9 @@ const ( // ReplicationConfigurationEbsEncryptionCustom is a ReplicationConfigurationEbsEncryption enum value ReplicationConfigurationEbsEncryptionCustom = "CUSTOM" + + // ReplicationConfigurationEbsEncryptionNone is a ReplicationConfigurationEbsEncryption enum value + ReplicationConfigurationEbsEncryptionNone = "NONE" ) // ReplicationConfigurationEbsEncryption_Values returns all elements of the ReplicationConfigurationEbsEncryption enum @@ -13766,6 +16010,7 @@ func ReplicationConfigurationEbsEncryption_Values() []string { return []string{ ReplicationConfigurationEbsEncryptionDefault, ReplicationConfigurationEbsEncryptionCustom, + ReplicationConfigurationEbsEncryptionNone, } } @@ -13827,6 +16072,30 @@ func ReplicationDirection_Values() []string { } } +const ( + // ReplicationStatusStopped is a ReplicationStatus enum value + ReplicationStatusStopped = "STOPPED" + + // ReplicationStatusInProgress is a ReplicationStatus enum value + ReplicationStatusInProgress = "IN_PROGRESS" + + // ReplicationStatusProtected is a ReplicationStatus enum value + ReplicationStatusProtected = "PROTECTED" + + // ReplicationStatusError is a ReplicationStatus enum value + ReplicationStatusError = "ERROR" +) + +// ReplicationStatus_Values returns all elements of the ReplicationStatus enum +func ReplicationStatus_Values() []string { + return []string{ + ReplicationStatusStopped, + ReplicationStatusInProgress, + ReplicationStatusProtected, + ReplicationStatusError, + } +} + const ( // TargetInstanceTypeRightSizingMethodNone is a TargetInstanceTypeRightSizingMethod enum value TargetInstanceTypeRightSizingMethodNone = "NONE" diff --git a/service/drs/drsiface/interface.go b/service/drs/drsiface/interface.go index 7df8790b134..262f0ec104f 100644 --- a/service/drs/drsiface/interface.go +++ b/service/drs/drsiface/interface.go @@ -26,7 +26,7 @@ import ( // // myFunc uses an SDK service client to make a request to // // Elastic Disaster Recovery Service. // func myFunc(svc drsiface.DrsAPI) bool { -// // Make svc.CreateExtendedSourceServer request +// // Make svc.AssociateSourceNetworkStack request // } // // func main() { @@ -42,7 +42,7 @@ import ( // type mockDrsClient struct { // drsiface.DrsAPI // } -// func (m *mockDrsClient) CreateExtendedSourceServer(input *drs.CreateExtendedSourceServerInput) (*drs.CreateExtendedSourceServerOutput, error) { +// func (m *mockDrsClient) AssociateSourceNetworkStack(input *drs.AssociateSourceNetworkStackInput) (*drs.AssociateSourceNetworkStackOutput, error) { // // mock response/functionality // } // @@ -60,6 +60,10 @@ import ( // and waiters. Its suggested to use the pattern above for testing, or using // tooling to generate mocks to satisfy the interfaces. type DrsAPI interface { + AssociateSourceNetworkStack(*drs.AssociateSourceNetworkStackInput) (*drs.AssociateSourceNetworkStackOutput, error) + AssociateSourceNetworkStackWithContext(aws.Context, *drs.AssociateSourceNetworkStackInput, ...request.Option) (*drs.AssociateSourceNetworkStackOutput, error) + AssociateSourceNetworkStackRequest(*drs.AssociateSourceNetworkStackInput) (*request.Request, *drs.AssociateSourceNetworkStackOutput) + CreateExtendedSourceServer(*drs.CreateExtendedSourceServerInput) (*drs.CreateExtendedSourceServerOutput, error) CreateExtendedSourceServerWithContext(aws.Context, *drs.CreateExtendedSourceServerInput, ...request.Option) (*drs.CreateExtendedSourceServerOutput, error) CreateExtendedSourceServerRequest(*drs.CreateExtendedSourceServerInput) (*request.Request, *drs.CreateExtendedSourceServerOutput) @@ -72,6 +76,10 @@ type DrsAPI interface { CreateReplicationConfigurationTemplateWithContext(aws.Context, *drs.CreateReplicationConfigurationTemplateInput, ...request.Option) (*drs.CreateReplicationConfigurationTemplateOutput, error) CreateReplicationConfigurationTemplateRequest(*drs.CreateReplicationConfigurationTemplateInput) (*request.Request, *drs.CreateReplicationConfigurationTemplateOutput) + CreateSourceNetwork(*drs.CreateSourceNetworkInput) (*drs.CreateSourceNetworkOutput, error) + CreateSourceNetworkWithContext(aws.Context, *drs.CreateSourceNetworkInput, ...request.Option) (*drs.CreateSourceNetworkOutput, error) + CreateSourceNetworkRequest(*drs.CreateSourceNetworkInput) (*request.Request, *drs.CreateSourceNetworkOutput) + DeleteJob(*drs.DeleteJobInput) (*drs.DeleteJobOutput, error) DeleteJobWithContext(aws.Context, *drs.DeleteJobInput, ...request.Option) (*drs.DeleteJobOutput, error) DeleteJobRequest(*drs.DeleteJobInput) (*request.Request, *drs.DeleteJobOutput) @@ -88,6 +96,10 @@ type DrsAPI interface { DeleteReplicationConfigurationTemplateWithContext(aws.Context, *drs.DeleteReplicationConfigurationTemplateInput, ...request.Option) (*drs.DeleteReplicationConfigurationTemplateOutput, error) DeleteReplicationConfigurationTemplateRequest(*drs.DeleteReplicationConfigurationTemplateInput) (*request.Request, *drs.DeleteReplicationConfigurationTemplateOutput) + DeleteSourceNetwork(*drs.DeleteSourceNetworkInput) (*drs.DeleteSourceNetworkOutput, error) + DeleteSourceNetworkWithContext(aws.Context, *drs.DeleteSourceNetworkInput, ...request.Option) (*drs.DeleteSourceNetworkOutput, error) + DeleteSourceNetworkRequest(*drs.DeleteSourceNetworkInput) (*request.Request, *drs.DeleteSourceNetworkOutput) + DeleteSourceServer(*drs.DeleteSourceServerInput) (*drs.DeleteSourceServerOutput, error) DeleteSourceServerWithContext(aws.Context, *drs.DeleteSourceServerInput, ...request.Option) (*drs.DeleteSourceServerOutput, error) DeleteSourceServerRequest(*drs.DeleteSourceServerInput) (*request.Request, *drs.DeleteSourceServerOutput) @@ -134,6 +146,13 @@ type DrsAPI interface { DescribeReplicationConfigurationTemplatesPages(*drs.DescribeReplicationConfigurationTemplatesInput, func(*drs.DescribeReplicationConfigurationTemplatesOutput, bool) bool) error DescribeReplicationConfigurationTemplatesPagesWithContext(aws.Context, *drs.DescribeReplicationConfigurationTemplatesInput, func(*drs.DescribeReplicationConfigurationTemplatesOutput, bool) bool, ...request.Option) error + DescribeSourceNetworks(*drs.DescribeSourceNetworksInput) (*drs.DescribeSourceNetworksOutput, error) + DescribeSourceNetworksWithContext(aws.Context, *drs.DescribeSourceNetworksInput, ...request.Option) (*drs.DescribeSourceNetworksOutput, error) + DescribeSourceNetworksRequest(*drs.DescribeSourceNetworksInput) (*request.Request, *drs.DescribeSourceNetworksOutput) + + DescribeSourceNetworksPages(*drs.DescribeSourceNetworksInput, func(*drs.DescribeSourceNetworksOutput, bool) bool) error + DescribeSourceNetworksPagesWithContext(aws.Context, *drs.DescribeSourceNetworksInput, func(*drs.DescribeSourceNetworksOutput, bool) bool, ...request.Option) error + DescribeSourceServers(*drs.DescribeSourceServersInput) (*drs.DescribeSourceServersOutput, error) DescribeSourceServersWithContext(aws.Context, *drs.DescribeSourceServersInput, ...request.Option) (*drs.DescribeSourceServersOutput, error) DescribeSourceServersRequest(*drs.DescribeSourceServersInput) (*request.Request, *drs.DescribeSourceServersOutput) @@ -149,6 +168,10 @@ type DrsAPI interface { DisconnectSourceServerWithContext(aws.Context, *drs.DisconnectSourceServerInput, ...request.Option) (*drs.DisconnectSourceServerOutput, error) DisconnectSourceServerRequest(*drs.DisconnectSourceServerInput) (*request.Request, *drs.DisconnectSourceServerOutput) + ExportSourceNetworkCfnTemplate(*drs.ExportSourceNetworkCfnTemplateInput) (*drs.ExportSourceNetworkCfnTemplateOutput, error) + ExportSourceNetworkCfnTemplateWithContext(aws.Context, *drs.ExportSourceNetworkCfnTemplateInput, ...request.Option) (*drs.ExportSourceNetworkCfnTemplateOutput, error) + ExportSourceNetworkCfnTemplateRequest(*drs.ExportSourceNetworkCfnTemplateInput) (*request.Request, *drs.ExportSourceNetworkCfnTemplateOutput) + GetFailbackReplicationConfiguration(*drs.GetFailbackReplicationConfigurationInput) (*drs.GetFailbackReplicationConfigurationOutput, error) GetFailbackReplicationConfigurationWithContext(aws.Context, *drs.GetFailbackReplicationConfigurationInput, ...request.Option) (*drs.GetFailbackReplicationConfigurationOutput, error) GetFailbackReplicationConfigurationRequest(*drs.GetFailbackReplicationConfigurationInput) (*request.Request, *drs.GetFailbackReplicationConfigurationOutput) @@ -203,6 +226,14 @@ type DrsAPI interface { StartReplicationWithContext(aws.Context, *drs.StartReplicationInput, ...request.Option) (*drs.StartReplicationOutput, error) StartReplicationRequest(*drs.StartReplicationInput) (*request.Request, *drs.StartReplicationOutput) + StartSourceNetworkRecovery(*drs.StartSourceNetworkRecoveryInput) (*drs.StartSourceNetworkRecoveryOutput, error) + StartSourceNetworkRecoveryWithContext(aws.Context, *drs.StartSourceNetworkRecoveryInput, ...request.Option) (*drs.StartSourceNetworkRecoveryOutput, error) + StartSourceNetworkRecoveryRequest(*drs.StartSourceNetworkRecoveryInput) (*request.Request, *drs.StartSourceNetworkRecoveryOutput) + + StartSourceNetworkReplication(*drs.StartSourceNetworkReplicationInput) (*drs.StartSourceNetworkReplicationOutput, error) + StartSourceNetworkReplicationWithContext(aws.Context, *drs.StartSourceNetworkReplicationInput, ...request.Option) (*drs.StartSourceNetworkReplicationOutput, error) + StartSourceNetworkReplicationRequest(*drs.StartSourceNetworkReplicationInput) (*request.Request, *drs.StartSourceNetworkReplicationOutput) + StopFailback(*drs.StopFailbackInput) (*drs.StopFailbackOutput, error) StopFailbackWithContext(aws.Context, *drs.StopFailbackInput, ...request.Option) (*drs.StopFailbackOutput, error) StopFailbackRequest(*drs.StopFailbackInput) (*request.Request, *drs.StopFailbackOutput) @@ -211,6 +242,10 @@ type DrsAPI interface { StopReplicationWithContext(aws.Context, *drs.StopReplicationInput, ...request.Option) (*drs.StopReplicationOutput, error) StopReplicationRequest(*drs.StopReplicationInput) (*request.Request, *drs.StopReplicationOutput) + StopSourceNetworkReplication(*drs.StopSourceNetworkReplicationInput) (*drs.StopSourceNetworkReplicationOutput, error) + StopSourceNetworkReplicationWithContext(aws.Context, *drs.StopSourceNetworkReplicationInput, ...request.Option) (*drs.StopSourceNetworkReplicationOutput, error) + StopSourceNetworkReplicationRequest(*drs.StopSourceNetworkReplicationInput) (*request.Request, *drs.StopSourceNetworkReplicationOutput) + TagResource(*drs.TagResourceInput) (*drs.TagResourceOutput, error) TagResourceWithContext(aws.Context, *drs.TagResourceInput, ...request.Option) (*drs.TagResourceOutput, error) TagResourceRequest(*drs.TagResourceInput) (*request.Request, *drs.TagResourceOutput) diff --git a/service/ec2/api.go b/service/ec2/api.go index 994d221d318..1c461723a63 100644 --- a/service/ec2/api.go +++ b/service/ec2/api.go @@ -683,15 +683,10 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // see Bring Your Own IP Addresses (BYOIP) (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html) // in the Amazon Elastic Compute Cloud User Guide. // -// [EC2-VPC] If you release an Elastic IP address, you might be able to recover -// it. You cannot recover an Elastic IP address that you released after it is -// allocated to another Amazon Web Services account. You cannot recover an Elastic -// IP address for EC2-Classic. To attempt to recover an Elastic IP address that -// you released, specify it in this operation. -// -// An Elastic IP address is for use either in the EC2-Classic platform or in -// a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic -// per Region and 5 Elastic IP addresses for EC2-VPC per Region. +// If you release an Elastic IP address, you might be able to recover it. You +// cannot recover an Elastic IP address that you released after it is allocated +// to another Amazon Web Services account. To attempt to recover an Elastic +// IP address that you released, specify it in this operation. // // For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -700,10 +695,6 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // telecommunication carrier, to a network interface which resides in a subnet // in a Wavelength Zone (for example an EC2 instance). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -850,9 +841,12 @@ func (c *EC2) AllocateIpamPoolCidrRequest(input *AllocateIpamPoolCidrInput) (req // AllocateIpamPoolCidr API operation for Amazon Elastic Compute Cloud. // -// Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment -// from an IPAM pool to another IPAM pool or to a resource. For more information, -// see Allocate CIDRs (https://docs.aws.amazon.com/vpc/latest/ipam/allocate-cidrs-ipam.html) +// Allocate a CIDR from an IPAM pool. The Region you use should be the IPAM +// pool locale. The locale is the Amazon Web Services Region where this IPAM +// pool is available for allocations. +// +// In IPAM, an allocation is a CIDR assignment from an IPAM pool to another +// IPAM pool or to a resource. For more information, see Allocate CIDRs (https://docs.aws.amazon.com/vpc/latest/ipam/allocate-cidrs-ipam.html) // in the Amazon VPC IPAM User Guide. // // This action creates an allocation with strong consistency. The returned CIDR @@ -1270,23 +1264,11 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // are in subnets in Wavelength Zones) with an instance or a network interface. // Before you can use an Elastic IP address, you must allocate it to your account. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// [EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is -// already associated with a different instance, it is disassociated from that -// instance and associated with the specified instance. If you associate an -// Elastic IP address with an instance that has an existing Elastic IP address, -// the existing address is disassociated from the instance, but remains allocated -// to your account. -// -// [VPC in an EC2-Classic account] If you don't specify a private IP address, -// the Elastic IP address is associated with the primary IP address. If the -// Elastic IP address is already associated with a different instance or a network -// interface, you get an error unless you allow reassociation. You cannot associate -// an Elastic IP address with an instance or network interface that has an existing -// Elastic IP address. +// If the Elastic IP address is already associated with a different instance, +// it is disassociated from that instance and associated with the specified +// instance. If you associate an Elastic IP address with an instance that has +// an existing Elastic IP address, the existing address is disassociated from +// the instance, but remains allocated to your account. // // [Subnets in Wavelength Zones] You can associate an IP address from the telecommunication // carrier to the instance or network interface. @@ -1299,10 +1281,6 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // the Elastic IP address is remapped to the same instance. For more information, // see the Elastic IP Addresses section of Amazon EC2 Pricing (http://aws.amazon.com/ec2/pricing/). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -5713,6 +5691,85 @@ func (c *EC2) CreateImageWithContext(ctx aws.Context, input *CreateImageInput, o return out, req.Send() } +const opCreateInstanceConnectEndpoint = "CreateInstanceConnectEndpoint" + +// CreateInstanceConnectEndpointRequest generates a "aws/request.Request" representing the +// client's request for the CreateInstanceConnectEndpoint operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateInstanceConnectEndpoint for more information on using the CreateInstanceConnectEndpoint +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateInstanceConnectEndpointRequest method. +// req, resp := client.CreateInstanceConnectEndpointRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateInstanceConnectEndpoint +func (c *EC2) CreateInstanceConnectEndpointRequest(input *CreateInstanceConnectEndpointInput) (req *request.Request, output *CreateInstanceConnectEndpointOutput) { + op := &request.Operation{ + Name: opCreateInstanceConnectEndpoint, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateInstanceConnectEndpointInput{} + } + + output = &CreateInstanceConnectEndpointOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateInstanceConnectEndpoint API operation for Amazon Elastic Compute Cloud. +// +// Creates an EC2 Instance Connect Endpoint. +// +// An EC2 Instance Connect Endpoint allows you to connect to a resource, without +// requiring the resource to have a public IPv4 address. For more information, +// see Connect to your resources without requiring a public IPv4 address using +// EC2 Instance Connect Endpoint (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Connect-using-EC2-Instance-Connect-Endpoint.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateInstanceConnectEndpoint for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateInstanceConnectEndpoint +func (c *EC2) CreateInstanceConnectEndpoint(input *CreateInstanceConnectEndpointInput) (*CreateInstanceConnectEndpointOutput, error) { + req, out := c.CreateInstanceConnectEndpointRequest(input) + return out, req.Send() +} + +// CreateInstanceConnectEndpointWithContext is the same as CreateInstanceConnectEndpoint with the addition of +// the ability to pass a context and additional request options. +// +// See CreateInstanceConnectEndpoint for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateInstanceConnectEndpointWithContext(ctx aws.Context, input *CreateInstanceConnectEndpointInput, opts ...request.Option) (*CreateInstanceConnectEndpointOutput, error) { + req, out := c.CreateInstanceConnectEndpointRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateInstanceEventWindow = "CreateInstanceEventWindow" // CreateInstanceEventWindowRequest generates a "aws/request.Request" representing the @@ -11858,6 +11915,79 @@ func (c *EC2) DeleteFpgaImageWithContext(ctx aws.Context, input *DeleteFpgaImage return out, req.Send() } +const opDeleteInstanceConnectEndpoint = "DeleteInstanceConnectEndpoint" + +// DeleteInstanceConnectEndpointRequest generates a "aws/request.Request" representing the +// client's request for the DeleteInstanceConnectEndpoint operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteInstanceConnectEndpoint for more information on using the DeleteInstanceConnectEndpoint +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteInstanceConnectEndpointRequest method. +// req, resp := client.DeleteInstanceConnectEndpointRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteInstanceConnectEndpoint +func (c *EC2) DeleteInstanceConnectEndpointRequest(input *DeleteInstanceConnectEndpointInput) (req *request.Request, output *DeleteInstanceConnectEndpointOutput) { + op := &request.Operation{ + Name: opDeleteInstanceConnectEndpoint, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteInstanceConnectEndpointInput{} + } + + output = &DeleteInstanceConnectEndpointOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteInstanceConnectEndpoint API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified EC2 Instance Connect Endpoint. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteInstanceConnectEndpoint for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteInstanceConnectEndpoint +func (c *EC2) DeleteInstanceConnectEndpoint(input *DeleteInstanceConnectEndpointInput) (*DeleteInstanceConnectEndpointOutput, error) { + req, out := c.DeleteInstanceConnectEndpointRequest(input) + return out, req.Send() +} + +// DeleteInstanceConnectEndpointWithContext is the same as DeleteInstanceConnectEndpoint with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteInstanceConnectEndpoint for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteInstanceConnectEndpointWithContext(ctx aws.Context, input *DeleteInstanceConnectEndpointInput, opts ...request.Option) (*DeleteInstanceConnectEndpointOutput, error) { + req, out := c.DeleteInstanceConnectEndpointRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteInstanceEventWindow = "DeleteInstanceEventWindow" // DeleteInstanceEventWindowRequest generates a "aws/request.Request" representing the @@ -17216,6 +17346,15 @@ func (c *EC2) DescribeAddressTransfersRequest(input *DescribeAddressTransfersInp // Elastic IP addresses (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) // in the Amazon Virtual Private Cloud User Guide. // +// When you transfer an Elastic IP address, there is a two-step handshake between +// the source and transfer Amazon Web Services accounts. When the source account +// starts the transfer, the transfer account has seven days to accept the Elastic +// IP address transfer. During those seven days, the source account can view +// the pending transfer by using this action. After seven days, the transfer +// expires and ownership of the Elastic IP address returns to the source account. +// Accepted transfers are visible to the source account for three days after +// the transfers have been accepted. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -17340,14 +17479,6 @@ func (c *EC2) DescribeAddressesRequest(input *DescribeAddressesInput) (req *requ // // Describes the specified Elastic IP addresses or all of your Elastic IP addresses. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -22173,6 +22304,137 @@ func (c *EC2) DescribeInstanceAttributeWithContext(ctx aws.Context, input *Descr return out, req.Send() } +const opDescribeInstanceConnectEndpoints = "DescribeInstanceConnectEndpoints" + +// DescribeInstanceConnectEndpointsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceConnectEndpoints operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceConnectEndpoints for more information on using the DescribeInstanceConnectEndpoints +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeInstanceConnectEndpointsRequest method. +// req, resp := client.DescribeInstanceConnectEndpointsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceConnectEndpoints +func (c *EC2) DescribeInstanceConnectEndpointsRequest(input *DescribeInstanceConnectEndpointsInput) (req *request.Request, output *DescribeInstanceConnectEndpointsOutput) { + op := &request.Operation{ + Name: opDescribeInstanceConnectEndpoints, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeInstanceConnectEndpointsInput{} + } + + output = &DescribeInstanceConnectEndpointsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceConnectEndpoints API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified EC2 Instance Connect Endpoints or all EC2 Instance +// Connect Endpoints. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceConnectEndpoints for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceConnectEndpoints +func (c *EC2) DescribeInstanceConnectEndpoints(input *DescribeInstanceConnectEndpointsInput) (*DescribeInstanceConnectEndpointsOutput, error) { + req, out := c.DescribeInstanceConnectEndpointsRequest(input) + return out, req.Send() +} + +// DescribeInstanceConnectEndpointsWithContext is the same as DescribeInstanceConnectEndpoints with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceConnectEndpoints for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceConnectEndpointsWithContext(ctx aws.Context, input *DescribeInstanceConnectEndpointsInput, opts ...request.Option) (*DescribeInstanceConnectEndpointsOutput, error) { + req, out := c.DescribeInstanceConnectEndpointsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeInstanceConnectEndpointsPages iterates over the pages of a DescribeInstanceConnectEndpoints operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceConnectEndpoints method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceConnectEndpoints operation. +// pageNum := 0 +// err := client.DescribeInstanceConnectEndpointsPages(params, +// func(page *ec2.DescribeInstanceConnectEndpointsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeInstanceConnectEndpointsPages(input *DescribeInstanceConnectEndpointsInput, fn func(*DescribeInstanceConnectEndpointsOutput, bool) bool) error { + return c.DescribeInstanceConnectEndpointsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceConnectEndpointsPagesWithContext same as DescribeInstanceConnectEndpointsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceConnectEndpointsPagesWithContext(ctx aws.Context, input *DescribeInstanceConnectEndpointsInput, fn func(*DescribeInstanceConnectEndpointsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceConnectEndpointsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceConnectEndpointsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceConnectEndpointsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceCreditSpecifications = "DescribeInstanceCreditSpecifications" // DescribeInstanceCreditSpecificationsRequest generates a "aws/request.Request" representing the @@ -25325,9 +25587,11 @@ func (c *EC2) DescribeMovingAddressesRequest(input *DescribeMovingAddressesInput // DescribeMovingAddresses API operation for Amazon Elastic Compute Cloud. // -// Describes your Elastic IP addresses that are being moved to the EC2-VPC platform, -// or that are being restored to the EC2-Classic platform. This request does -// not return information about any other Elastic IP addresses in your account. +// This action is deprecated. +// +// Describes your Elastic IP addresses that are being moved from or being restored +// to the EC2-Classic platform. This request does not return information about +// any other Elastic IP addresses in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -35865,14 +36129,6 @@ func (c *EC2) DisassociateAddressRequest(input *DisassociateAddressInput) (req * // Disassociates an Elastic IP address from the instance or network interface // it's associated with. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // This is an idempotent operation. If you perform the operation more than once, // Amazon EC2 doesn't return an error. // @@ -40164,7 +40420,9 @@ func (c *EC2) GetIpamPoolAllocationsRequest(input *GetIpamPoolAllocationsInput) // GetIpamPoolAllocations API operation for Amazon Elastic Compute Cloud. // -// Get a list of all the CIDR allocations in an IPAM pool. +// Get a list of all the CIDR allocations in an IPAM pool. The Region you use +// should be the IPAM pool locale. The locale is the Amazon Web Services Region +// where this IPAM pool is available for allocations. // // If you use this action after AllocateIpamPoolCidr (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateIpamPoolCidr.html) // or ReleaseIpamPoolAllocation (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseIpamPoolAllocation.html), @@ -48800,6 +49058,8 @@ func (c *EC2) MoveAddressToVpcRequest(input *MoveAddressToVpcInput) (req *reques // MoveAddressToVpc API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC // platform. The Elastic IP address must be allocated to your account for more // than 24 hours, and it must not be associated with an instance. After the @@ -48808,10 +49068,6 @@ func (c *EC2) MoveAddressToVpcRequest(input *MoveAddressToVpcInput) (req *reques // You cannot move an Elastic IP address that was originally allocated for use // in the EC2-VPC platform to the EC2-Classic platform. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -50274,13 +50530,9 @@ func (c *EC2) ReleaseAddressRequest(input *ReleaseAddressInput) (req *request.Re // // Releases the specified Elastic IP address. // -// [EC2-Classic, default VPC] Releasing an Elastic IP address automatically -// disassociates it from any instance that it's associated with. To disassociate -// an Elastic IP address without releasing it, use DisassociateAddress. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// [Default VPC] Releasing an Elastic IP address automatically disassociates +// it from any instance that it's associated with. To disassociate an Elastic +// IP address without releasing it, use DisassociateAddress. // // [Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic // IP address before you can release it. Otherwise, Amazon EC2 returns an error @@ -50292,11 +50544,8 @@ func (c *EC2) ReleaseAddressRequest(input *ReleaseAddressInput) (req *request.Re // already released, you'll get an AuthFailure error if the address is already // allocated to another Amazon Web Services account. // -// [EC2-VPC] After you release an Elastic IP address for use in a VPC, you might -// be able to recover it. For more information, see AllocateAddress. -// -// For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. +// After you release an Elastic IP address, you might be able to recover it. +// For more information, see AllocateAddress. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50452,9 +50701,11 @@ func (c *EC2) ReleaseIpamPoolAllocationRequest(input *ReleaseIpamPoolAllocationI // ReleaseIpamPoolAllocation API operation for Amazon Elastic Compute Cloud. // -// Release an allocation within an IPAM pool. You can only use this action to -// release manual allocations. To remove an allocation for a resource without -// deleting the resource, set its monitored state to false using ModifyIpamResourceCidr +// Release an allocation within an IPAM pool. The Region you use should be the +// IPAM pool locale. The locale is the Amazon Web Services Region where this +// IPAM pool is available for allocations. You can only use this action to release +// manual allocations. To remove an allocation for a resource without deleting +// the resource, set its monitored state to false using ModifyIpamResourceCidr // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamResourceCidr.html). // For more information, see Release an allocation (https://docs.aws.amazon.com/vpc/latest/ipam/release-pool-alloc-ipam.html) // in the Amazon VPC IPAM User Guide. @@ -51873,15 +52124,13 @@ func (c *EC2) RestoreAddressToClassicRequest(input *RestoreAddressToClassicInput // RestoreAddressToClassic API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Restores an Elastic IP address that was previously moved to the EC2-VPC platform // back to the EC2-Classic platform. You cannot move an Elastic IP address that // was originally allocated for use in EC2-VPC. The Elastic IP address must // not be associated with an instance or network interface. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -55683,11 +55932,10 @@ func (s *AdditionalDetail) SetVpcEndpointService(v *AnalysisComponent) *Addition type Address struct { _ struct{} `type:"structure"` - // The ID representing the allocation of the address for use with EC2-VPC. + // The ID representing the allocation of the address. AllocationId *string `locationName:"allocationId" type:"string"` - // The ID representing the association of the address with an instance in a - // VPC. + // The ID representing the association of the address with an instance. AssociationId *string `locationName:"associationId" type:"string"` // The carrier IP address associated. This option is only available for network @@ -55701,8 +55949,7 @@ type Address struct { // The ID of the customer-owned address pool. CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` - // Indicates whether this Elastic IP address is for use with instances in EC2-Classic - // (standard) or instances in a VPC (vpc). + // The network (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` // The ID of the instance that the address is associated with (if any). @@ -56067,8 +56314,7 @@ func (s *AdvertiseByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *AdvertiseByoipCid type AllocateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address - // pool. + // The Elastic IP address to recover or an IPv4 address from an address pool. Address *string `type:"string"` // The ID of a customer-owned address pool. Use this parameter to let Amazon @@ -56076,11 +56322,7 @@ type AllocateAddressInput struct { // address from the address pool. CustomerOwnedIpv4Pool *string `type:"string"` - // Indicates whether the Elastic IP address is for use with instances in a VPC - // or instances in EC2-Classic. - // - // Default: If the Region supports EC2-Classic, the default is standard. Otherwise, - // the default is vpc. + // The network (vpc). Domain *string `type:"string" enum:"DomainType"` // Checks whether you have the required permissions for the action, without @@ -56173,12 +56415,11 @@ func (s *AllocateAddressInput) SetTagSpecifications(v []*TagSpecification) *Allo type AllocateAddressOutput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation - // of the Elastic IP address for use with instances in a VPC. + // The ID that represents the allocation of the Elastic IP address. AllocationId *string `locationName:"allocationId" type:"string"` // The carrier IP address. This option is only available for network interfaces - // which reside in a subnet in a Wavelength Zone (for example an EC2 instance). + // that reside in a subnet in a Wavelength Zone. CarrierIp *string `locationName:"carrierIp" type:"string"` // The customer-owned IP address. @@ -56187,8 +56428,7 @@ type AllocateAddressOutput struct { // The ID of the customer-owned address pool. CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` - // Indicates whether the Elastic IP address is for use with instances in a VPC - // (vpc) or instances in EC2-Classic (standard). + // The network (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` // The set of Availability Zones, Local Zones, or Wavelength Zones from which @@ -57836,15 +58076,11 @@ func (s *AssignedPrivateIpAddress) SetPrivateIpAddress(v string) *AssignedPrivat type AssociateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The allocation ID. This is required for EC2-VPC. + // The allocation ID. This is required. AllocationId *string `type:"string"` - // [EC2-VPC] For a VPC in an EC2-Classic account, specify true to allow an Elastic - // IP address that is already associated with an instance or network interface - // to be reassociated with the specified instance or network interface. Otherwise, - // the operation fails. In a VPC in an EC2-VPC-only account, reassociation is - // automatic, therefore you can specify false to ensure the operation fails - // if the Elastic IP address is already associated with another resource. + // Reassociation is automatic, but you can specify false to ensure the operation + // fails if the Elastic IP address is already associated with another resource. AllowReassociation *bool `locationName:"allowReassociation" type:"boolean"` // Checks whether you have the required permissions for the action, without @@ -57854,25 +58090,23 @@ type AssociateAddressInput struct { DryRun *bool `locationName:"dryRun" type:"boolean"` // The ID of the instance. The instance must have exactly one attached network - // interface. For EC2-VPC, you can specify either the instance ID or the network - // interface ID, but not both. For EC2-Classic, you must specify an instance - // ID and the instance must be in the running state. + // interface. You can specify either the instance ID or the network interface + // ID, but not both. InstanceId *string `type:"string"` - // [EC2-VPC] The ID of the network interface. If the instance has more than - // one network interface, you must specify a network interface ID. + // The ID of the network interface. If the instance has more than one network + // interface, you must specify a network interface ID. // - // For EC2-VPC, you can specify either the instance ID or the network interface - // ID, but not both. + // You can specify either the instance ID or the network interface ID, but not + // both. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` - // [EC2-VPC] The primary or secondary private IP address to associate with the - // Elastic IP address. If no private IP address is specified, the Elastic IP - // address is associated with the primary private IP address. + // The primary or secondary private IP address to associate with the Elastic + // IP address. If no private IP address is specified, the Elastic IP address + // is associated with the primary private IP address. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` - // [EC2-Classic] The Elastic IP address to associate with the instance. This - // is required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -57939,8 +58173,8 @@ func (s *AssociateAddressInput) SetPublicIp(v string) *AssociateAddressInput { type AssociateAddressOutput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The ID that represents the association of the Elastic IP address - // with an instance. + // The ID that represents the association of the Elastic IP address with an + // instance. AssociationId *string `locationName:"associationId" type:"string"` } @@ -69770,6 +70004,152 @@ func (s *CreateImageOutput) SetImageId(v string) *CreateImageOutput { return s } +type CreateInstanceConnectEndpointInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Indicates whether your client's IP address is preserved as the source. The + // value is true or false. + // + // * If true, your client's IP address is used when you connect to a resource. + // + // * If false, the elastic network interface IP address is used when you + // connect to a resource. + // + // Default: true + PreserveClientIp *bool `type:"boolean"` + + // One or more security groups to associate with the endpoint. If you don't + // specify a security group, the default security group for your VPC will be + // associated with the endpoint. + SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` + + // The ID of the subnet in which to create the EC2 Instance Connect Endpoint. + // + // SubnetId is a required field + SubnetId *string `type:"string" required:"true"` + + // The tags to apply to the EC2 Instance Connect Endpoint during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateInstanceConnectEndpointInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateInstanceConnectEndpointInput"} + if s.SubnetId == nil { + invalidParams.Add(request.NewErrParamRequired("SubnetId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateInstanceConnectEndpointInput) SetClientToken(v string) *CreateInstanceConnectEndpointInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateInstanceConnectEndpointInput) SetDryRun(v bool) *CreateInstanceConnectEndpointInput { + s.DryRun = &v + return s +} + +// SetPreserveClientIp sets the PreserveClientIp field's value. +func (s *CreateInstanceConnectEndpointInput) SetPreserveClientIp(v bool) *CreateInstanceConnectEndpointInput { + s.PreserveClientIp = &v + return s +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *CreateInstanceConnectEndpointInput) SetSecurityGroupIds(v []*string) *CreateInstanceConnectEndpointInput { + s.SecurityGroupIds = v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *CreateInstanceConnectEndpointInput) SetSubnetId(v string) *CreateInstanceConnectEndpointInput { + s.SubnetId = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateInstanceConnectEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateInstanceConnectEndpointInput { + s.TagSpecifications = v + return s +} + +type CreateInstanceConnectEndpointOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive idempotency token provided by the client in the the + // request. + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the EC2 Instance Connect Endpoint. + InstanceConnectEndpoint *Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpoint" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateInstanceConnectEndpointOutput) SetClientToken(v string) *CreateInstanceConnectEndpointOutput { + s.ClientToken = &v + return s +} + +// SetInstanceConnectEndpoint sets the InstanceConnectEndpoint field's value. +func (s *CreateInstanceConnectEndpointOutput) SetInstanceConnectEndpoint(v *Ec2InstanceConnectEndpoint) *CreateInstanceConnectEndpointOutput { + s.InstanceConnectEndpoint = v + return s +} + type CreateInstanceEventWindowInput struct { _ struct{} `type:"structure"` @@ -72607,7 +72987,7 @@ type CreateNetworkInterfaceInput struct { // The type of network interface. The default is interface. // - // The only supported values are efa and trunk. + // The only supported values are interface, efa, and trunk. InterfaceType *string `type:"string" enum:"NetworkInterfaceCreationType"` // The number of IPv4 prefixes that Amazon Web Services automatically assigns @@ -80996,6 +81376,95 @@ func (s *DeleteFpgaImageOutput) SetReturn(v bool) *DeleteFpgaImageOutput { return s } +type DeleteInstanceConnectEndpointInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the EC2 Instance Connect Endpoint to delete. + // + // InstanceConnectEndpointId is a required field + InstanceConnectEndpointId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteInstanceConnectEndpointInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteInstanceConnectEndpointInput"} + if s.InstanceConnectEndpointId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceConnectEndpointId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteInstanceConnectEndpointInput) SetDryRun(v bool) *DeleteInstanceConnectEndpointInput { + s.DryRun = &v + return s +} + +// SetInstanceConnectEndpointId sets the InstanceConnectEndpointId field's value. +func (s *DeleteInstanceConnectEndpointInput) SetInstanceConnectEndpointId(v string) *DeleteInstanceConnectEndpointInput { + s.InstanceConnectEndpointId = &v + return s +} + +type DeleteInstanceConnectEndpointOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Instance Connect Endpoint. + InstanceConnectEndpoint *Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpoint" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointOutput) GoString() string { + return s.String() +} + +// SetInstanceConnectEndpoint sets the InstanceConnectEndpoint field's value. +func (s *DeleteInstanceConnectEndpointOutput) SetInstanceConnectEndpoint(v *Ec2InstanceConnectEndpoint) *DeleteInstanceConnectEndpointOutput { + s.InstanceConnectEndpoint = v + return s +} + type DeleteInstanceEventWindowInput struct { _ struct{} `type:"structure"` @@ -87774,7 +88243,7 @@ func (s *DescribeAddressesAttributeOutput) SetNextToken(v string) *DescribeAddre type DescribeAddressesInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] Information about the allocation IDs. + // Information about the allocation IDs. AllocationIds []*string `locationName:"AllocationId" locationNameList:"AllocationId" type:"list"` // Checks whether you have the required permissions for the action, without @@ -87785,12 +88254,9 @@ type DescribeAddressesInput struct { // One or more filters. Filter names and values are case-sensitive. // - // * allocation-id - [EC2-VPC] The allocation ID for the address. - // - // * association-id - [EC2-VPC] The association ID for the address. + // * allocation-id - The allocation ID for the address. // - // * domain - Indicates whether the address is for use in EC2-Classic (standard) - // or in a VPC (vpc). + // * association-id - The association ID for the address. // // * instance-id - The ID of the instance the address is associated with, // if any. @@ -87798,14 +88264,14 @@ type DescribeAddressesInput struct { // * network-border-group - A unique set of Availability Zones, Local Zones, // or Wavelength Zones from where Amazon Web Services advertises IP addresses. // - // * network-interface-id - [EC2-VPC] The ID of the network interface that - // the address is associated with, if any. + // * network-interface-id - The ID of the network interface that the address + // is associated with, if any. // // * network-interface-owner-id - The Amazon Web Services account ID of the // owner. // - // * private-ip-address - [EC2-VPC] The private IP address associated with - // the Elastic IP address. + // * private-ip-address - The private IP address associated with the Elastic + // IP address. // // * public-ip - The Elastic IP address, or the carrier IP address. // @@ -93791,6 +94257,159 @@ func (s *DescribeInstanceAttributeOutput) SetUserData(v *AttributeValue) *Descri return s } +type DescribeInstanceConnectEndpointsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + // + // * instance-connect-endpoint-id - The ID of the EC2 Instance Connect Endpoint. + // + // * state - The state of the EC2 Instance Connect Endpoint (create-in-progress + // | create-complete | create-failed | delete-in-progress | delete-complete + // | delete-failed). + // + // * subnet-id - The ID of the subnet in which the EC2 Instance Connect Endpoint + // was created. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + // + // * tag-value - The value of a tag assigned to the resource. Use this filter + // to find all resources that have a tag with a specific value, regardless + // of tag key. + // + // * vpc-id - The ID of the VPC in which the EC2 Instance Connect Endpoint + // was created. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // One or more EC2 Instance Connect Endpoint IDs. + InstanceConnectEndpointIds []*string `locationName:"InstanceConnectEndpointId" locationNameList:"item" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"1" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceConnectEndpointsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceConnectEndpointsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetDryRun(v bool) *DescribeInstanceConnectEndpointsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetFilters(v []*Filter) *DescribeInstanceConnectEndpointsInput { + s.Filters = v + return s +} + +// SetInstanceConnectEndpointIds sets the InstanceConnectEndpointIds field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetInstanceConnectEndpointIds(v []*string) *DescribeInstanceConnectEndpointsInput { + s.InstanceConnectEndpointIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetMaxResults(v int64) *DescribeInstanceConnectEndpointsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetNextToken(v string) *DescribeInstanceConnectEndpointsInput { + s.NextToken = &v + return s +} + +type DescribeInstanceConnectEndpointsOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Instance Connect Endpoints. + InstanceConnectEndpoints []*Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpointSet" locationNameList:"item" type:"list"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsOutput) GoString() string { + return s.String() +} + +// SetInstanceConnectEndpoints sets the InstanceConnectEndpoints field's value. +func (s *DescribeInstanceConnectEndpointsOutput) SetInstanceConnectEndpoints(v []*Ec2InstanceConnectEndpoint) *DescribeInstanceConnectEndpointsOutput { + s.InstanceConnectEndpoints = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceConnectEndpointsOutput) SetNextToken(v string) *DescribeInstanceConnectEndpointsOutput { + s.NextToken = &v + return s +} + type DescribeInstanceCreditSpecificationsInput struct { _ struct{} `type:"structure"` @@ -110370,7 +110989,7 @@ func (s *DisableVpcClassicLinkOutput) SetReturn(v bool) *DisableVpcClassicLinkOu type DisassociateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The association ID. Required for EC2-VPC. + // The association ID. This parameter is required. AssociationId *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -110379,7 +110998,7 @@ type DisassociateAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // [EC2-Classic] The Elastic IP address. Required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -112669,6 +113288,176 @@ func (s *EbsOptimizedInfo) SetMaximumThroughputInMBps(v float64) *EbsOptimizedIn return s } +// The EC2 Instance Connect Endpoint. +type Ec2InstanceConnectEndpoint struct { + _ struct{} `type:"structure"` + + // The Availability Zone of the EC2 Instance Connect Endpoint. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The date and time that the EC2 Instance Connect Endpoint was created. + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp"` + + // The DNS name of the EC2 Instance Connect Endpoint. + DnsName *string `locationName:"dnsName" type:"string"` + + FipsDnsName *string `locationName:"fipsDnsName" type:"string"` + + // The Amazon Resource Name (ARN) of the EC2 Instance Connect Endpoint. + InstanceConnectEndpointArn *string `locationName:"instanceConnectEndpointArn" min:"1" type:"string"` + + // The ID of the EC2 Instance Connect Endpoint. + InstanceConnectEndpointId *string `locationName:"instanceConnectEndpointId" type:"string"` + + // The ID of the elastic network interface that Amazon EC2 automatically created + // when creating the EC2 Instance Connect Endpoint. + NetworkInterfaceIds []*string `locationName:"networkInterfaceIdSet" locationNameList:"item" type:"list"` + + // The ID of the Amazon Web Services account that created the EC2 Instance Connect + // Endpoint. + OwnerId *string `locationName:"ownerId" type:"string"` + + // Indicates whether your client's IP address is preserved as the source. The + // value is true or false. + // + // * If true, your client's IP address is used when you connect to a resource. + // + // * If false, the elastic network interface IP address is used when you + // connect to a resource. + // + // Default: true + PreserveClientIp *bool `locationName:"preserveClientIp" type:"boolean"` + + // The security groups associated with the endpoint. If you didn't specify a + // security group, the default security group for your VPC is associated with + // the endpoint. + SecurityGroupIds []*string `locationName:"securityGroupIdSet" locationNameList:"item" type:"list"` + + // The current state of the EC2 Instance Connect Endpoint. + State *string `locationName:"state" type:"string" enum:"Ec2InstanceConnectEndpointState"` + + // The message for the current state of the EC2 Instance Connect Endpoint. Can + // include a failure message. + StateMessage *string `locationName:"stateMessage" type:"string"` + + // The ID of the subnet in which the EC2 Instance Connect Endpoint was created. + SubnetId *string `locationName:"subnetId" type:"string"` + + // The tags assigned to the EC2 Instance Connect Endpoint. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the VPC in which the EC2 Instance Connect Endpoint was created. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Ec2InstanceConnectEndpoint) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Ec2InstanceConnectEndpoint) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *Ec2InstanceConnectEndpoint) SetAvailabilityZone(v string) *Ec2InstanceConnectEndpoint { + s.AvailabilityZone = &v + return s +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *Ec2InstanceConnectEndpoint) SetCreatedAt(v time.Time) *Ec2InstanceConnectEndpoint { + s.CreatedAt = &v + return s +} + +// SetDnsName sets the DnsName field's value. +func (s *Ec2InstanceConnectEndpoint) SetDnsName(v string) *Ec2InstanceConnectEndpoint { + s.DnsName = &v + return s +} + +// SetFipsDnsName sets the FipsDnsName field's value. +func (s *Ec2InstanceConnectEndpoint) SetFipsDnsName(v string) *Ec2InstanceConnectEndpoint { + s.FipsDnsName = &v + return s +} + +// SetInstanceConnectEndpointArn sets the InstanceConnectEndpointArn field's value. +func (s *Ec2InstanceConnectEndpoint) SetInstanceConnectEndpointArn(v string) *Ec2InstanceConnectEndpoint { + s.InstanceConnectEndpointArn = &v + return s +} + +// SetInstanceConnectEndpointId sets the InstanceConnectEndpointId field's value. +func (s *Ec2InstanceConnectEndpoint) SetInstanceConnectEndpointId(v string) *Ec2InstanceConnectEndpoint { + s.InstanceConnectEndpointId = &v + return s +} + +// SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. +func (s *Ec2InstanceConnectEndpoint) SetNetworkInterfaceIds(v []*string) *Ec2InstanceConnectEndpoint { + s.NetworkInterfaceIds = v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *Ec2InstanceConnectEndpoint) SetOwnerId(v string) *Ec2InstanceConnectEndpoint { + s.OwnerId = &v + return s +} + +// SetPreserveClientIp sets the PreserveClientIp field's value. +func (s *Ec2InstanceConnectEndpoint) SetPreserveClientIp(v bool) *Ec2InstanceConnectEndpoint { + s.PreserveClientIp = &v + return s +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *Ec2InstanceConnectEndpoint) SetSecurityGroupIds(v []*string) *Ec2InstanceConnectEndpoint { + s.SecurityGroupIds = v + return s +} + +// SetState sets the State field's value. +func (s *Ec2InstanceConnectEndpoint) SetState(v string) *Ec2InstanceConnectEndpoint { + s.State = &v + return s +} + +// SetStateMessage sets the StateMessage field's value. +func (s *Ec2InstanceConnectEndpoint) SetStateMessage(v string) *Ec2InstanceConnectEndpoint { + s.StateMessage = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *Ec2InstanceConnectEndpoint) SetSubnetId(v string) *Ec2InstanceConnectEndpoint { + s.SubnetId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Ec2InstanceConnectEndpoint) SetTags(v []*Tag) *Ec2InstanceConnectEndpoint { + s.Tags = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *Ec2InstanceConnectEndpoint) SetVpcId(v string) *Ec2InstanceConnectEndpoint { + s.VpcId = &v + return s +} + // Describes the Elastic Fabric Adapters for the instance type. type EfaInfo struct { _ struct{} `type:"structure"` @@ -149039,16 +149828,13 @@ func (s *MoveByoipCidrToIpamOutput) SetByoipCidr(v *ByoipCidr) *MoveByoipCidrToI return s } -// Describes the status of a moving Elastic IP address. +// This action is deprecated. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Describes the status of a moving Elastic IP address. type MovingAddressStatus struct { _ struct{} `type:"structure"` - // The status of the Elastic IP address that's being moved to the EC2-VPC platform, - // or restored to the EC2-Classic platform. + // The status of the Elastic IP address that's being moved or restored. MoveStatus *string `locationName:"moveStatus" type:"string" enum:"MoveStatus"` // The Elastic IP address. @@ -156588,7 +157374,7 @@ func (s *RejectVpcPeeringConnectionOutput) SetReturn(v bool) *RejectVpcPeeringCo type ReleaseAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The allocation ID. Required for EC2-VPC. + // The allocation ID. This parameter is required. AllocationId *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -156607,7 +157393,7 @@ type ReleaseAddressInput struct { // operation on EC2 classic, you receive an InvalidParameterCombination error. NetworkBorderGroup *string `type:"string"` - // [EC2-Classic] The Elastic IP address. Required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -182677,6 +183463,38 @@ func EbsOptimizedSupport_Values() []string { } } +const ( + // Ec2InstanceConnectEndpointStateCreateInProgress is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateInProgress = "create-in-progress" + + // Ec2InstanceConnectEndpointStateCreateComplete is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateComplete = "create-complete" + + // Ec2InstanceConnectEndpointStateCreateFailed is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateFailed = "create-failed" + + // Ec2InstanceConnectEndpointStateDeleteInProgress is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteInProgress = "delete-in-progress" + + // Ec2InstanceConnectEndpointStateDeleteComplete is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteComplete = "delete-complete" + + // Ec2InstanceConnectEndpointStateDeleteFailed is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteFailed = "delete-failed" +) + +// Ec2InstanceConnectEndpointState_Values returns all elements of the Ec2InstanceConnectEndpointState enum +func Ec2InstanceConnectEndpointState_Values() []string { + return []string{ + Ec2InstanceConnectEndpointStateCreateInProgress, + Ec2InstanceConnectEndpointStateCreateComplete, + Ec2InstanceConnectEndpointStateCreateFailed, + Ec2InstanceConnectEndpointStateDeleteInProgress, + Ec2InstanceConnectEndpointStateDeleteComplete, + Ec2InstanceConnectEndpointStateDeleteFailed, + } +} + const ( // ElasticGpuStateAttached is a ElasticGpuState enum value ElasticGpuStateAttached = "ATTACHED" @@ -188672,6 +189490,9 @@ const ( // ResourceTypeIpamResourceDiscoveryAssociation is a ResourceType enum value ResourceTypeIpamResourceDiscoveryAssociation = "ipam-resource-discovery-association" + + // ResourceTypeInstanceConnectEndpoint is a ResourceType enum value + ResourceTypeInstanceConnectEndpoint = "instance-connect-endpoint" ) // ResourceType_Values returns all elements of the ResourceType enum @@ -188762,6 +189583,7 @@ func ResourceType_Values() []string { ResourceTypeVpcBlockPublicAccessExclusion, ResourceTypeIpamResourceDiscovery, ResourceTypeIpamResourceDiscoveryAssociation, + ResourceTypeInstanceConnectEndpoint, } } diff --git a/service/ec2/ec2iface/interface.go b/service/ec2/ec2iface/interface.go index 1652abb1801..33214a6be6a 100644 --- a/service/ec2/ec2iface/interface.go +++ b/service/ec2/ec2iface/interface.go @@ -340,6 +340,10 @@ type EC2API interface { CreateImageWithContext(aws.Context, *ec2.CreateImageInput, ...request.Option) (*ec2.CreateImageOutput, error) CreateImageRequest(*ec2.CreateImageInput) (*request.Request, *ec2.CreateImageOutput) + CreateInstanceConnectEndpoint(*ec2.CreateInstanceConnectEndpointInput) (*ec2.CreateInstanceConnectEndpointOutput, error) + CreateInstanceConnectEndpointWithContext(aws.Context, *ec2.CreateInstanceConnectEndpointInput, ...request.Option) (*ec2.CreateInstanceConnectEndpointOutput, error) + CreateInstanceConnectEndpointRequest(*ec2.CreateInstanceConnectEndpointInput) (*request.Request, *ec2.CreateInstanceConnectEndpointOutput) + CreateInstanceEventWindow(*ec2.CreateInstanceEventWindowInput) (*ec2.CreateInstanceEventWindowOutput, error) CreateInstanceEventWindowWithContext(aws.Context, *ec2.CreateInstanceEventWindowInput, ...request.Option) (*ec2.CreateInstanceEventWindowOutput, error) CreateInstanceEventWindowRequest(*ec2.CreateInstanceEventWindowInput) (*request.Request, *ec2.CreateInstanceEventWindowOutput) @@ -644,6 +648,10 @@ type EC2API interface { DeleteFpgaImageWithContext(aws.Context, *ec2.DeleteFpgaImageInput, ...request.Option) (*ec2.DeleteFpgaImageOutput, error) DeleteFpgaImageRequest(*ec2.DeleteFpgaImageInput) (*request.Request, *ec2.DeleteFpgaImageOutput) + DeleteInstanceConnectEndpoint(*ec2.DeleteInstanceConnectEndpointInput) (*ec2.DeleteInstanceConnectEndpointOutput, error) + DeleteInstanceConnectEndpointWithContext(aws.Context, *ec2.DeleteInstanceConnectEndpointInput, ...request.Option) (*ec2.DeleteInstanceConnectEndpointOutput, error) + DeleteInstanceConnectEndpointRequest(*ec2.DeleteInstanceConnectEndpointInput) (*request.Request, *ec2.DeleteInstanceConnectEndpointOutput) + DeleteInstanceEventWindow(*ec2.DeleteInstanceEventWindowInput) (*ec2.DeleteInstanceEventWindowOutput, error) DeleteInstanceEventWindowWithContext(aws.Context, *ec2.DeleteInstanceEventWindowInput, ...request.Option) (*ec2.DeleteInstanceEventWindowOutput, error) DeleteInstanceEventWindowRequest(*ec2.DeleteInstanceEventWindowInput) (*request.Request, *ec2.DeleteInstanceEventWindowOutput) @@ -1187,6 +1195,13 @@ type EC2API interface { DescribeInstanceAttributeWithContext(aws.Context, *ec2.DescribeInstanceAttributeInput, ...request.Option) (*ec2.DescribeInstanceAttributeOutput, error) DescribeInstanceAttributeRequest(*ec2.DescribeInstanceAttributeInput) (*request.Request, *ec2.DescribeInstanceAttributeOutput) + DescribeInstanceConnectEndpoints(*ec2.DescribeInstanceConnectEndpointsInput) (*ec2.DescribeInstanceConnectEndpointsOutput, error) + DescribeInstanceConnectEndpointsWithContext(aws.Context, *ec2.DescribeInstanceConnectEndpointsInput, ...request.Option) (*ec2.DescribeInstanceConnectEndpointsOutput, error) + DescribeInstanceConnectEndpointsRequest(*ec2.DescribeInstanceConnectEndpointsInput) (*request.Request, *ec2.DescribeInstanceConnectEndpointsOutput) + + DescribeInstanceConnectEndpointsPages(*ec2.DescribeInstanceConnectEndpointsInput, func(*ec2.DescribeInstanceConnectEndpointsOutput, bool) bool) error + DescribeInstanceConnectEndpointsPagesWithContext(aws.Context, *ec2.DescribeInstanceConnectEndpointsInput, func(*ec2.DescribeInstanceConnectEndpointsOutput, bool) bool, ...request.Option) error + DescribeInstanceCreditSpecifications(*ec2.DescribeInstanceCreditSpecificationsInput) (*ec2.DescribeInstanceCreditSpecificationsOutput, error) DescribeInstanceCreditSpecificationsWithContext(aws.Context, *ec2.DescribeInstanceCreditSpecificationsInput, ...request.Option) (*ec2.DescribeInstanceCreditSpecificationsOutput, error) DescribeInstanceCreditSpecificationsRequest(*ec2.DescribeInstanceCreditSpecificationsInput) (*request.Request, *ec2.DescribeInstanceCreditSpecificationsOutput) diff --git a/service/imagebuilder/api.go b/service/imagebuilder/api.go index 9ed21fcfb73..445fb380615 100644 --- a/service/imagebuilder/api.go +++ b/service/imagebuilder/api.go @@ -13402,7 +13402,7 @@ type ImagePipeline struct { // This is no longer supported, and does not return a value. DateLastRun *string `locationName:"dateLastRun" type:"string"` - // This is no longer supported, and does not return a value. + // The next date when the pipeline is scheduled to run. DateNextRun *string `locationName:"dateNextRun" type:"string"` // The date on which this image pipeline was last updated. diff --git a/service/lightsail/api.go b/service/lightsail/api.go index fce3db782f4..a596fcd8d32 100644 --- a/service/lightsail/api.go +++ b/service/lightsail/api.go @@ -7603,7 +7603,7 @@ func (c *Lightsail) GetCertificatesRequest(input *GetCertificatesInput) (req *re // // Returns information about one or more Amazon Lightsail SSL/TLS certificates. // -// To get a summary of a certificate, ommit includeCertificateDetails from your +// To get a summary of a certificate, omit includeCertificateDetails from your // request. The response will include only the certificate Amazon Resource Name // (ARN), certificate name, domain name, and tags. // @@ -19655,7 +19655,7 @@ func (s *CacheSettings) SetMinimumTTL(v int64) *CacheSettings { // Describes the full details of an Amazon Lightsail SSL/TLS certificate. // -// To get a summary of a certificate, use the GetCertificates action and ommit +// To get a summary of a certificate, use the GetCertificates action and omit // includeCertificateDetails from your request. The response will include only // the certificate Amazon Resource Name (ARN), certificate name, domain name, // and tags. @@ -30007,6 +30007,13 @@ type GetCertificatesInput struct { // When omitted, the response includes only the certificate names, Amazon Resource // Names (ARNs), domain names, and tags. IncludeCertificateDetails *bool `locationName:"includeCertificateDetails" type:"boolean"` + + // The token to advance to the next page of results from your request. + // + // To get a page token, perform an initial GetCertificates request. If your + // results are paginated, the response will return a next page token that you + // can specify as the page token in a subsequent request. + PageToken *string `locationName:"pageToken" type:"string"` } // String returns the string representation. @@ -30045,11 +30052,23 @@ func (s *GetCertificatesInput) SetIncludeCertificateDetails(v bool) *GetCertific return s } +// SetPageToken sets the PageToken field's value. +func (s *GetCertificatesInput) SetPageToken(v string) *GetCertificatesInput { + s.PageToken = &v + return s +} + type GetCertificatesOutput struct { _ struct{} `type:"structure"` // An object that describes certificates. Certificates []*CertificateSummary `locationName:"certificates" type:"list"` + + // If NextPageToken is returned there are more results available. The value + // of NextPageToken is a unique pagination token for each page. Make the call + // again using the returned token to retrieve the next page. Keep all other + // arguments unchanged. + NextPageToken *string `locationName:"nextPageToken" type:"string"` } // String returns the string representation. @@ -30076,6 +30095,12 @@ func (s *GetCertificatesOutput) SetCertificates(v []*CertificateSummary) *GetCer return s } +// SetNextPageToken sets the NextPageToken field's value. +func (s *GetCertificatesOutput) SetNextPageToken(v string) *GetCertificatesOutput { + s.NextPageToken = &v + return s +} + type GetCloudFormationStackRecordsInput struct { _ struct{} `type:"structure"` @@ -30965,7 +30990,7 @@ type GetCostEstimateInput struct { // // * Specified in Coordinated Universal Time (UTC). // - // * Specified in the Unix time format. For example, if you wish to use an + // * Specified in the Unix time format. For example, if you want to use an // end time of October 1, 2018, at 9 PM UTC, specify 1538427600 as the end // time. // @@ -30986,7 +31011,7 @@ type GetCostEstimateInput struct { // // * Specified in Coordinated Universal Time (UTC). // - // * Specified in the Unix time format. For example, if you wish to use a + // * Specified in the Unix time format. For example, if you want to use a // start time of October 1, 2018, at 8 PM UTC, specify 1538424000 as the // start time. // diff --git a/service/s3/api.go b/service/s3/api.go index b2f69484a68..fef27e4a7cd 100644 --- a/service/s3/api.go +++ b/service/s3/api.go @@ -42166,6 +42166,9 @@ const ( // ServerSideEncryptionAwsKms is a ServerSideEncryption enum value ServerSideEncryptionAwsKms = "aws:kms" + + // ServerSideEncryptionAwsKmsDsse is a ServerSideEncryption enum value + ServerSideEncryptionAwsKmsDsse = "aws:kms:dsse" ) // ServerSideEncryption_Values returns all elements of the ServerSideEncryption enum @@ -42173,6 +42176,7 @@ func ServerSideEncryption_Values() []string { return []string{ ServerSideEncryptionAes256, ServerSideEncryptionAwsKms, + ServerSideEncryptionAwsKmsDsse, } } diff --git a/service/s3/examples_test.go b/service/s3/examples_test.go index 33b46aca3c6..7c8236db113 100644 --- a/service/s3/examples_test.go +++ b/service/s3/examples_test.go @@ -125,12 +125,16 @@ func ExampleS3_CopyObject_shared00() { fmt.Println(result) } -// To create a bucket -// The following example creates a bucket. +// To create a bucket in a specific region +// The following example creates a bucket. The request specifies an AWS region where +// to create the bucket. func ExampleS3_CreateBucket_shared00() { svc := s3.New(session.New()) input := &s3.CreateBucketInput{ Bucket: aws.String("examplebucket"), + CreateBucketConfiguration: &s3.CreateBucketConfiguration{ + LocationConstraint: aws.String("eu-west-1"), + }, } result, err := svc.CreateBucket(input) @@ -155,16 +159,12 @@ func ExampleS3_CreateBucket_shared00() { fmt.Println(result) } -// To create a bucket in a specific region -// The following example creates a bucket. The request specifies an AWS region where -// to create the bucket. +// To create a bucket +// The following example creates a bucket. func ExampleS3_CreateBucket_shared01() { svc := s3.New(session.New()) input := &s3.CreateBucketInput{ Bucket: aws.String("examplebucket"), - CreateBucketConfiguration: &s3.CreateBucketConfiguration{ - LocationConstraint: aws.String("eu-west-1"), - }, } result, err := svc.CreateBucket(input) @@ -452,15 +452,15 @@ func ExampleS3_DeleteObject_shared01() { fmt.Println(result) } -// To remove tag set from an object version -// The following example removes tag set associated with the specified object version. -// The request specifies both the object key and object version. +// To remove tag set from an object +// The following example removes tag set associated with the specified object. If the +// bucket is versioning enabled, the operation removes tag set from the latest object +// version. func ExampleS3_DeleteObjectTagging_shared00() { svc := s3.New(session.New()) input := &s3.DeleteObjectTaggingInput{ - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), - VersionId: aws.String("ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI"), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), } result, err := svc.DeleteObjectTagging(input) @@ -481,15 +481,15 @@ func ExampleS3_DeleteObjectTagging_shared00() { fmt.Println(result) } -// To remove tag set from an object -// The following example removes tag set associated with the specified object. If the -// bucket is versioning enabled, the operation removes tag set from the latest object -// version. +// To remove tag set from an object version +// The following example removes tag set associated with the specified object version. +// The request specifies both the object key and object version. func ExampleS3_DeleteObjectTagging_shared01() { svc := s3.New(session.New()) input := &s3.DeleteObjectTaggingInput{ - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), + VersionId: aws.String("ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI"), } result, err := svc.DeleteObjectTagging(input) @@ -510,10 +510,10 @@ func ExampleS3_DeleteObjectTagging_shared01() { fmt.Println(result) } -// To delete multiple object versions from a versioned bucket -// The following example deletes objects from a bucket. The request specifies object -// versions. S3 deletes specific object versions and returns the key and versions of -// deleted objects in the response. +// To delete multiple objects from a versioned bucket +// The following example deletes objects from a bucket. The bucket is versioned, and +// the request does not specify the object version to delete. In this case, all versions +// remain in the bucket and S3 adds a delete marker. func ExampleS3_DeleteObjects_shared00() { svc := s3.New(session.New()) input := &s3.DeleteObjectsInput{ @@ -521,12 +521,10 @@ func ExampleS3_DeleteObjects_shared00() { Delete: &s3.Delete{ Objects: []*s3.ObjectIdentifier{ { - Key: aws.String("HappyFace.jpg"), - VersionId: aws.String("2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b"), + Key: aws.String("objectkey1"), }, { - Key: aws.String("HappyFace.jpg"), - VersionId: aws.String("yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd"), + Key: aws.String("objectkey2"), }, }, Quiet: aws.Bool(false), @@ -551,10 +549,10 @@ func ExampleS3_DeleteObjects_shared00() { fmt.Println(result) } -// To delete multiple objects from a versioned bucket -// The following example deletes objects from a bucket. The bucket is versioned, and -// the request does not specify the object version to delete. In this case, all versions -// remain in the bucket and S3 adds a delete marker. +// To delete multiple object versions from a versioned bucket +// The following example deletes objects from a bucket. The request specifies object +// versions. S3 deletes specific object versions and returns the key and versions of +// deleted objects in the response. func ExampleS3_DeleteObjects_shared01() { svc := s3.New(session.New()) input := &s3.DeleteObjectsInput{ @@ -562,10 +560,12 @@ func ExampleS3_DeleteObjects_shared01() { Delete: &s3.Delete{ Objects: []*s3.ObjectIdentifier{ { - Key: aws.String("objectkey1"), + Key: aws.String("HappyFace.jpg"), + VersionId: aws.String("2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b"), }, { - Key: aws.String("objectkey2"), + Key: aws.String("HappyFace.jpg"), + VersionId: aws.String("yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd"), }, }, Quiet: aws.Bool(false), @@ -903,13 +903,15 @@ func ExampleS3_GetBucketWebsite_shared00() { fmt.Println(result) } -// To retrieve an object -// The following example retrieves an object for an S3 bucket. +// To retrieve a byte range of an object +// The following example retrieves an object for an S3 bucket. The request specifies +// the range header to retrieve a specific byte range. func ExampleS3_GetObject_shared00() { svc := s3.New(session.New()) input := &s3.GetObjectInput{ Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), + Key: aws.String("SampleFile.txt"), + Range: aws.String("bytes=0-9"), } result, err := svc.GetObject(input) @@ -934,15 +936,13 @@ func ExampleS3_GetObject_shared00() { fmt.Println(result) } -// To retrieve a byte range of an object -// The following example retrieves an object for an S3 bucket. The request specifies -// the range header to retrieve a specific byte range. +// To retrieve an object +// The following example retrieves an object for an S3 bucket. func ExampleS3_GetObject_shared01() { svc := s3.New(session.New()) input := &s3.GetObjectInput{ Bucket: aws.String("examplebucket"), - Key: aws.String("SampleFile.txt"), - Range: aws.String("bytes=0-9"), + Key: aws.String("HappyFace.jpg"), } result, err := svc.GetObject(input) @@ -1748,16 +1748,16 @@ func ExampleS3_PutBucketWebsite_shared00() { fmt.Println(result) } -// To upload an object and specify optional tags -// The following example uploads an object. The request specifies optional object tags. -// The bucket is versioned, therefore S3 returns version ID of the newly created object. +// To upload an object +// The following example uploads an object to a versioning-enabled bucket. The source +// file is specified using Windows file syntax. S3 returns VersionId of the newly created +// object. func ExampleS3_PutObject_shared00() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - Body: aws.ReadSeekCloser(strings.NewReader("c:\\HappyFace.jpg")), - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), - Tagging: aws.String("key1=value1&key2=value2"), + Body: aws.ReadSeekCloser(strings.NewReader("HappyFace.jpg")), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), } result, err := svc.PutObject(input) @@ -1778,17 +1778,19 @@ func ExampleS3_PutObject_shared00() { fmt.Println(result) } -// To upload an object and specify canned ACL. -// The following example uploads and object. The request specifies optional canned ACL -// (access control list) to all READ access to authenticated users. If the bucket is -// versioning enabled, S3 returns version ID in response. +// To upload object and specify user-defined metadata +// The following example creates an object. The request also specifies optional metadata. +// If the bucket is versioning enabled, S3 returns version ID in response. func ExampleS3_PutObject_shared01() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - ACL: aws.String("authenticated-read"), Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), Bucket: aws.String("examplebucket"), Key: aws.String("exampleobject"), + Metadata: map[string]*string{ + "metadata1": aws.String("value1"), + "metadata2": aws.String("value2"), + }, } result, err := svc.PutObject(input) @@ -1809,18 +1811,17 @@ func ExampleS3_PutObject_shared01() { fmt.Println(result) } -// To upload an object and specify server-side encryption and object tags -// The following example uploads an object. The request specifies the optional server-side -// encryption option. The request also specifies optional object tags. If the bucket -// is versioning enabled, S3 returns version ID in response. +// To upload an object (specify optional headers) +// The following example uploads an object. The request specifies optional request headers +// to directs S3 to use specific storage class and use server-side encryption. func ExampleS3_PutObject_shared02() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), + Body: aws.ReadSeekCloser(strings.NewReader("HappyFace.jpg")), Bucket: aws.String("examplebucket"), - Key: aws.String("exampleobject"), + Key: aws.String("HappyFace.jpg"), ServerSideEncryption: aws.String("AES256"), - Tagging: aws.String("key1=value1&key2=value2"), + StorageClass: aws.String("STANDARD_IA"), } result, err := svc.PutObject(input) @@ -1870,16 +1871,18 @@ func ExampleS3_PutObject_shared03() { fmt.Println(result) } -// To upload an object -// The following example uploads an object to a versioning-enabled bucket. The source -// file is specified using Windows file syntax. S3 returns VersionId of the newly created -// object. +// To upload an object and specify server-side encryption and object tags +// The following example uploads an object. The request specifies the optional server-side +// encryption option. The request also specifies optional object tags. If the bucket +// is versioning enabled, S3 returns version ID in response. func ExampleS3_PutObject_shared04() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - Body: aws.ReadSeekCloser(strings.NewReader("HappyFace.jpg")), - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), + Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), + Bucket: aws.String("examplebucket"), + Key: aws.String("exampleobject"), + ServerSideEncryption: aws.String("AES256"), + Tagging: aws.String("key1=value1&key2=value2"), } result, err := svc.PutObject(input) @@ -1900,17 +1903,16 @@ func ExampleS3_PutObject_shared04() { fmt.Println(result) } -// To upload an object (specify optional headers) -// The following example uploads an object. The request specifies optional request headers -// to directs S3 to use specific storage class and use server-side encryption. +// To upload an object and specify optional tags +// The following example uploads an object. The request specifies optional object tags. +// The bucket is versioned, therefore S3 returns version ID of the newly created object. func ExampleS3_PutObject_shared05() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - Body: aws.ReadSeekCloser(strings.NewReader("HappyFace.jpg")), - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), - ServerSideEncryption: aws.String("AES256"), - StorageClass: aws.String("STANDARD_IA"), + Body: aws.ReadSeekCloser(strings.NewReader("c:\\HappyFace.jpg")), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), + Tagging: aws.String("key1=value1&key2=value2"), } result, err := svc.PutObject(input) @@ -1931,19 +1933,17 @@ func ExampleS3_PutObject_shared05() { fmt.Println(result) } -// To upload object and specify user-defined metadata -// The following example creates an object. The request also specifies optional metadata. -// If the bucket is versioning enabled, S3 returns version ID in response. +// To upload an object and specify canned ACL. +// The following example uploads and object. The request specifies optional canned ACL +// (access control list) to all READ access to authenticated users. If the bucket is +// versioning enabled, S3 returns version ID in response. func ExampleS3_PutObject_shared06() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ + ACL: aws.String("authenticated-read"), Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), Bucket: aws.String("examplebucket"), Key: aws.String("exampleobject"), - Metadata: map[string]*string{ - "metadata1": aws.String("value1"), - "metadata2": aws.String("value2"), - }, } result, err := svc.PutObject(input) @@ -2104,17 +2104,18 @@ func ExampleS3_UploadPart_shared00() { fmt.Println(result) } -// To upload a part by copying data from an existing object as data source -// The following example uploads a part of a multipart upload by copying data from an -// existing object as data source. +// To upload a part by copying byte range from an existing object as data source +// The following example uploads a part of a multipart upload by copying a specified +// byte range from an existing object as data source. func ExampleS3_UploadPartCopy_shared00() { svc := s3.New(session.New()) input := &s3.UploadPartCopyInput{ - Bucket: aws.String("examplebucket"), - CopySource: aws.String("/bucketname/sourceobjectkey"), - Key: aws.String("examplelargeobject"), - PartNumber: aws.Int64(1), - UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), + Bucket: aws.String("examplebucket"), + CopySource: aws.String("/bucketname/sourceobjectkey"), + CopySourceRange: aws.String("bytes=1-100000"), + Key: aws.String("examplelargeobject"), + PartNumber: aws.Int64(2), + UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), } result, err := svc.UploadPartCopy(input) @@ -2135,18 +2136,17 @@ func ExampleS3_UploadPartCopy_shared00() { fmt.Println(result) } -// To upload a part by copying byte range from an existing object as data source -// The following example uploads a part of a multipart upload by copying a specified -// byte range from an existing object as data source. +// To upload a part by copying data from an existing object as data source +// The following example uploads a part of a multipart upload by copying data from an +// existing object as data source. func ExampleS3_UploadPartCopy_shared01() { svc := s3.New(session.New()) input := &s3.UploadPartCopyInput{ - Bucket: aws.String("examplebucket"), - CopySource: aws.String("/bucketname/sourceobjectkey"), - CopySourceRange: aws.String("bytes=1-100000"), - Key: aws.String("examplelargeobject"), - PartNumber: aws.Int64(2), - UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), + Bucket: aws.String("examplebucket"), + CopySource: aws.String("/bucketname/sourceobjectkey"), + Key: aws.String("examplelargeobject"), + PartNumber: aws.Int64(1), + UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), } result, err := svc.UploadPartCopy(input) diff --git a/service/securityhub/api.go b/service/securityhub/api.go index 855888499a7..46401bc63bb 100644 --- a/service/securityhub/api.go +++ b/service/securityhub/api.go @@ -235,6 +235,100 @@ func (c *SecurityHub) AcceptInvitationWithContext(ctx aws.Context, input *Accept return out, req.Send() } +const opBatchDeleteAutomationRules = "BatchDeleteAutomationRules" + +// BatchDeleteAutomationRulesRequest generates a "aws/request.Request" representing the +// client's request for the BatchDeleteAutomationRules operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See BatchDeleteAutomationRules for more information on using the BatchDeleteAutomationRules +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the BatchDeleteAutomationRulesRequest method. +// req, resp := client.BatchDeleteAutomationRulesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchDeleteAutomationRules +func (c *SecurityHub) BatchDeleteAutomationRulesRequest(input *BatchDeleteAutomationRulesInput) (req *request.Request, output *BatchDeleteAutomationRulesOutput) { + op := &request.Operation{ + Name: opBatchDeleteAutomationRules, + HTTPMethod: "POST", + HTTPPath: "/automationrules/delete", + } + + if input == nil { + input = &BatchDeleteAutomationRulesInput{} + } + + output = &BatchDeleteAutomationRulesOutput{} + req = c.newRequest(op, input, output) + return +} + +// BatchDeleteAutomationRules API operation for AWS SecurityHub. +// +// Deletes one or more automation rules. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SecurityHub's +// API operation BatchDeleteAutomationRules for usage and error information. +// +// Returned Error Types: +// +// - InternalException +// Internal server error. +// +// - InvalidAccessException +// The account doesn't have permission to perform this action. +// +// - InvalidInputException +// The request was rejected because you supplied an invalid or out-of-range +// value for an input parameter. +// +// - LimitExceededException +// The request was rejected because it attempted to create resources beyond +// the current Amazon Web Services account or throttling limits. The error code +// describes the limit exceeded. +// +// - ResourceNotFoundException +// The request was rejected because we can't find the specified resource. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchDeleteAutomationRules +func (c *SecurityHub) BatchDeleteAutomationRules(input *BatchDeleteAutomationRulesInput) (*BatchDeleteAutomationRulesOutput, error) { + req, out := c.BatchDeleteAutomationRulesRequest(input) + return out, req.Send() +} + +// BatchDeleteAutomationRulesWithContext is the same as BatchDeleteAutomationRules with the addition of +// the ability to pass a context and additional request options. +// +// See BatchDeleteAutomationRules for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SecurityHub) BatchDeleteAutomationRulesWithContext(ctx aws.Context, input *BatchDeleteAutomationRulesInput, opts ...request.Option) (*BatchDeleteAutomationRulesOutput, error) { + req, out := c.BatchDeleteAutomationRulesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opBatchDisableStandards = "BatchDisableStandards" // BatchDisableStandardsRequest generates a "aws/request.Request" representing the @@ -424,6 +518,104 @@ func (c *SecurityHub) BatchEnableStandardsWithContext(ctx aws.Context, input *Ba return out, req.Send() } +const opBatchGetAutomationRules = "BatchGetAutomationRules" + +// BatchGetAutomationRulesRequest generates a "aws/request.Request" representing the +// client's request for the BatchGetAutomationRules operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See BatchGetAutomationRules for more information on using the BatchGetAutomationRules +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the BatchGetAutomationRulesRequest method. +// req, resp := client.BatchGetAutomationRulesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchGetAutomationRules +func (c *SecurityHub) BatchGetAutomationRulesRequest(input *BatchGetAutomationRulesInput) (req *request.Request, output *BatchGetAutomationRulesOutput) { + op := &request.Operation{ + Name: opBatchGetAutomationRules, + HTTPMethod: "POST", + HTTPPath: "/automationrules/get", + } + + if input == nil { + input = &BatchGetAutomationRulesInput{} + } + + output = &BatchGetAutomationRulesOutput{} + req = c.newRequest(op, input, output) + return +} + +// BatchGetAutomationRules API operation for AWS SecurityHub. +// +// Retrieves a list of details for automation rules based on rule Amazon Resource +// Names (ARNs). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SecurityHub's +// API operation BatchGetAutomationRules for usage and error information. +// +// Returned Error Types: +// +// - AccessDeniedException +// You don't have permission to perform the action specified in the request. +// +// - InternalException +// Internal server error. +// +// - InvalidAccessException +// The account doesn't have permission to perform this action. +// +// - InvalidInputException +// The request was rejected because you supplied an invalid or out-of-range +// value for an input parameter. +// +// - LimitExceededException +// The request was rejected because it attempted to create resources beyond +// the current Amazon Web Services account or throttling limits. The error code +// describes the limit exceeded. +// +// - ResourceNotFoundException +// The request was rejected because we can't find the specified resource. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchGetAutomationRules +func (c *SecurityHub) BatchGetAutomationRules(input *BatchGetAutomationRulesInput) (*BatchGetAutomationRulesOutput, error) { + req, out := c.BatchGetAutomationRulesRequest(input) + return out, req.Send() +} + +// BatchGetAutomationRulesWithContext is the same as BatchGetAutomationRules with the addition of +// the ability to pass a context and additional request options. +// +// See BatchGetAutomationRules for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SecurityHub) BatchGetAutomationRulesWithContext(ctx aws.Context, input *BatchGetAutomationRulesInput, opts ...request.Option) (*BatchGetAutomationRulesOutput, error) { + req, out := c.BatchGetAutomationRulesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opBatchGetSecurityControls = "BatchGetSecurityControls" // BatchGetSecurityControlsRequest generates a "aws/request.Request" representing the @@ -746,6 +938,101 @@ func (c *SecurityHub) BatchImportFindingsWithContext(ctx aws.Context, input *Bat return out, req.Send() } +const opBatchUpdateAutomationRules = "BatchUpdateAutomationRules" + +// BatchUpdateAutomationRulesRequest generates a "aws/request.Request" representing the +// client's request for the BatchUpdateAutomationRules operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See BatchUpdateAutomationRules for more information on using the BatchUpdateAutomationRules +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the BatchUpdateAutomationRulesRequest method. +// req, resp := client.BatchUpdateAutomationRulesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchUpdateAutomationRules +func (c *SecurityHub) BatchUpdateAutomationRulesRequest(input *BatchUpdateAutomationRulesInput) (req *request.Request, output *BatchUpdateAutomationRulesOutput) { + op := &request.Operation{ + Name: opBatchUpdateAutomationRules, + HTTPMethod: "PATCH", + HTTPPath: "/automationrules/update", + } + + if input == nil { + input = &BatchUpdateAutomationRulesInput{} + } + + output = &BatchUpdateAutomationRulesOutput{} + req = c.newRequest(op, input, output) + return +} + +// BatchUpdateAutomationRules API operation for AWS SecurityHub. +// +// Updates one or more automation rules based on rule Amazon Resource Names +// (ARNs) and input parameters. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SecurityHub's +// API operation BatchUpdateAutomationRules for usage and error information. +// +// Returned Error Types: +// +// - InternalException +// Internal server error. +// +// - InvalidAccessException +// The account doesn't have permission to perform this action. +// +// - InvalidInputException +// The request was rejected because you supplied an invalid or out-of-range +// value for an input parameter. +// +// - LimitExceededException +// The request was rejected because it attempted to create resources beyond +// the current Amazon Web Services account or throttling limits. The error code +// describes the limit exceeded. +// +// - ResourceNotFoundException +// The request was rejected because we can't find the specified resource. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchUpdateAutomationRules +func (c *SecurityHub) BatchUpdateAutomationRules(input *BatchUpdateAutomationRulesInput) (*BatchUpdateAutomationRulesOutput, error) { + req, out := c.BatchUpdateAutomationRulesRequest(input) + return out, req.Send() +} + +// BatchUpdateAutomationRulesWithContext is the same as BatchUpdateAutomationRules with the addition of +// the ability to pass a context and additional request options. +// +// See BatchUpdateAutomationRules for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SecurityHub) BatchUpdateAutomationRulesWithContext(ctx aws.Context, input *BatchUpdateAutomationRulesInput, opts ...request.Option) (*BatchUpdateAutomationRulesOutput, error) { + req, out := c.BatchUpdateAutomationRulesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opBatchUpdateFindings = "BatchUpdateFindings" // BatchUpdateFindingsRequest generates a "aws/request.Request" representing the @@ -1059,6 +1346,100 @@ func (c *SecurityHub) CreateActionTargetWithContext(ctx aws.Context, input *Crea return out, req.Send() } +const opCreateAutomationRule = "CreateAutomationRule" + +// CreateAutomationRuleRequest generates a "aws/request.Request" representing the +// client's request for the CreateAutomationRule operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateAutomationRule for more information on using the CreateAutomationRule +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateAutomationRuleRequest method. +// req, resp := client.CreateAutomationRuleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateAutomationRule +func (c *SecurityHub) CreateAutomationRuleRequest(input *CreateAutomationRuleInput) (req *request.Request, output *CreateAutomationRuleOutput) { + op := &request.Operation{ + Name: opCreateAutomationRule, + HTTPMethod: "POST", + HTTPPath: "/automationrules/create", + } + + if input == nil { + input = &CreateAutomationRuleInput{} + } + + output = &CreateAutomationRuleOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateAutomationRule API operation for AWS SecurityHub. +// +// Creates an automation rule based on input parameters. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SecurityHub's +// API operation CreateAutomationRule for usage and error information. +// +// Returned Error Types: +// +// - AccessDeniedException +// You don't have permission to perform the action specified in the request. +// +// - InternalException +// Internal server error. +// +// - InvalidAccessException +// The account doesn't have permission to perform this action. +// +// - InvalidInputException +// The request was rejected because you supplied an invalid or out-of-range +// value for an input parameter. +// +// - LimitExceededException +// The request was rejected because it attempted to create resources beyond +// the current Amazon Web Services account or throttling limits. The error code +// describes the limit exceeded. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateAutomationRule +func (c *SecurityHub) CreateAutomationRule(input *CreateAutomationRuleInput) (*CreateAutomationRuleOutput, error) { + req, out := c.CreateAutomationRuleRequest(input) + return out, req.Send() +} + +// CreateAutomationRuleWithContext is the same as CreateAutomationRule with the addition of +// the ability to pass a context and additional request options. +// +// See CreateAutomationRule for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SecurityHub) CreateAutomationRuleWithContext(ctx aws.Context, input *CreateAutomationRuleInput, opts ...request.Option) (*CreateAutomationRuleOutput, error) { + req, out := c.CreateAutomationRuleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateFindingAggregator = "CreateFindingAggregator" // CreateFindingAggregatorRequest generates a "aws/request.Request" representing the @@ -4977,6 +5358,100 @@ func (c *SecurityHub) InviteMembersWithContext(ctx aws.Context, input *InviteMem return out, req.Send() } +const opListAutomationRules = "ListAutomationRules" + +// ListAutomationRulesRequest generates a "aws/request.Request" representing the +// client's request for the ListAutomationRules operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListAutomationRules for more information on using the ListAutomationRules +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListAutomationRulesRequest method. +// req, resp := client.ListAutomationRulesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListAutomationRules +func (c *SecurityHub) ListAutomationRulesRequest(input *ListAutomationRulesInput) (req *request.Request, output *ListAutomationRulesOutput) { + op := &request.Operation{ + Name: opListAutomationRules, + HTTPMethod: "GET", + HTTPPath: "/automationrules/list", + } + + if input == nil { + input = &ListAutomationRulesInput{} + } + + output = &ListAutomationRulesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListAutomationRules API operation for AWS SecurityHub. +// +// A list of automation rules and their metadata for the calling account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SecurityHub's +// API operation ListAutomationRules for usage and error information. +// +// Returned Error Types: +// +// - AccessDeniedException +// You don't have permission to perform the action specified in the request. +// +// - InternalException +// Internal server error. +// +// - InvalidAccessException +// The account doesn't have permission to perform this action. +// +// - InvalidInputException +// The request was rejected because you supplied an invalid or out-of-range +// value for an input parameter. +// +// - LimitExceededException +// The request was rejected because it attempted to create resources beyond +// the current Amazon Web Services account or throttling limits. The error code +// describes the limit exceeded. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListAutomationRules +func (c *SecurityHub) ListAutomationRules(input *ListAutomationRulesInput) (*ListAutomationRulesOutput, error) { + req, out := c.ListAutomationRulesRequest(input) + return out, req.Send() +} + +// ListAutomationRulesWithContext is the same as ListAutomationRules with the addition of +// the ability to pass a context and additional request options. +// +// See ListAutomationRules for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SecurityHub) ListAutomationRulesWithContext(ctx aws.Context, input *ListAutomationRulesInput, opts ...request.Option) (*ListAutomationRulesOutput, error) { + req, out := c.ListAutomationRulesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListEnabledProductsForImport = "ListEnabledProductsForImport" // ListEnabledProductsForImportRequest generates a "aws/request.Request" representing the @@ -7812,6 +8287,853 @@ func (s *AssociationStateDetails) SetStatusMessage(v string) *AssociationStateDe return s } +// One or more actions to update finding fields if a finding matches the defined +// criteria of the rule. +type AutomationRulesAction struct { + _ struct{} `type:"structure"` + + // Specifies that the automation rule action is an update to a finding field. + FindingFieldsUpdate *AutomationRulesFindingFieldsUpdate `type:"structure"` + + // Specifies that the rule action should update the Types finding field. The + // Types finding field provides one or more finding types in the format of namespace/category/classifier + // that classify a finding. For more information, see Types taxonomy for ASFF + // (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) + // in the Security Hub User Guide. + Type *string `type:"string" enum:"AutomationRulesActionType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesAction) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesAction) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AutomationRulesAction) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AutomationRulesAction"} + if s.FindingFieldsUpdate != nil { + if err := s.FindingFieldsUpdate.Validate(); err != nil { + invalidParams.AddNested("FindingFieldsUpdate", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFindingFieldsUpdate sets the FindingFieldsUpdate field's value. +func (s *AutomationRulesAction) SetFindingFieldsUpdate(v *AutomationRulesFindingFieldsUpdate) *AutomationRulesAction { + s.FindingFieldsUpdate = v + return s +} + +// SetType sets the Type field's value. +func (s *AutomationRulesAction) SetType(v string) *AutomationRulesAction { + s.Type = &v + return s +} + +// Defines the configuration of an automation rule. +type AutomationRulesConfig struct { + _ struct{} `type:"structure"` + + // One or more actions to update finding fields if a finding matches the defined + // criteria of the rule. + Actions []*AutomationRulesAction `min:"1" type:"list"` + + // A timestamp that indicates when the rule was created. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + CreatedAt *time.Time `type:"timestamp" timestampFormat:"iso8601"` + + // The principal that created a rule. + CreatedBy *string `type:"string"` + + // A set of Amazon Web Services Security Finding Format (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) + // finding field attributes and corresponding expected values that Security + // Hub uses to filter findings. If a finding matches the conditions specified + // in this parameter, Security Hub applies the rule action to the finding. + Criteria *AutomationRulesFindingFilters `type:"structure"` + + // A description of the rule. + Description *string `type:"string"` + + // Specifies whether a rule is the last to be applied with respect to a finding + // that matches the rule criteria. This is useful when a finding matches the + // criteria for multiple rules, and each rule has different actions. If the + // value of this field is set to true for a rule, Security Hub applies the rule + // action to a finding that matches the rule criteria and won't evaluate other + // rules for the finding. The default value of this field is false. + IsTerminal *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) of a rule. + RuleArn *string `type:"string"` + + // The name of the rule. + RuleName *string `type:"string"` + + // An integer ranging from 1 to 1000 that represents the order in which the + // rule action is applied to findings. Security Hub applies rules with lower + // values for this parameter first. + RuleOrder *int64 `min:"1" type:"integer"` + + // Whether the rule is active after it is created. If this parameter is equal + // to >ENABLED, Security Hub will apply the rule to findings and finding updates + // after the rule is created. + RuleStatus *string `type:"string" enum:"RuleStatus"` + + // A timestamp that indicates when the rule was most recently updated. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + UpdatedAt *time.Time `type:"timestamp" timestampFormat:"iso8601"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesConfig) GoString() string { + return s.String() +} + +// SetActions sets the Actions field's value. +func (s *AutomationRulesConfig) SetActions(v []*AutomationRulesAction) *AutomationRulesConfig { + s.Actions = v + return s +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *AutomationRulesConfig) SetCreatedAt(v time.Time) *AutomationRulesConfig { + s.CreatedAt = &v + return s +} + +// SetCreatedBy sets the CreatedBy field's value. +func (s *AutomationRulesConfig) SetCreatedBy(v string) *AutomationRulesConfig { + s.CreatedBy = &v + return s +} + +// SetCriteria sets the Criteria field's value. +func (s *AutomationRulesConfig) SetCriteria(v *AutomationRulesFindingFilters) *AutomationRulesConfig { + s.Criteria = v + return s +} + +// SetDescription sets the Description field's value. +func (s *AutomationRulesConfig) SetDescription(v string) *AutomationRulesConfig { + s.Description = &v + return s +} + +// SetIsTerminal sets the IsTerminal field's value. +func (s *AutomationRulesConfig) SetIsTerminal(v bool) *AutomationRulesConfig { + s.IsTerminal = &v + return s +} + +// SetRuleArn sets the RuleArn field's value. +func (s *AutomationRulesConfig) SetRuleArn(v string) *AutomationRulesConfig { + s.RuleArn = &v + return s +} + +// SetRuleName sets the RuleName field's value. +func (s *AutomationRulesConfig) SetRuleName(v string) *AutomationRulesConfig { + s.RuleName = &v + return s +} + +// SetRuleOrder sets the RuleOrder field's value. +func (s *AutomationRulesConfig) SetRuleOrder(v int64) *AutomationRulesConfig { + s.RuleOrder = &v + return s +} + +// SetRuleStatus sets the RuleStatus field's value. +func (s *AutomationRulesConfig) SetRuleStatus(v string) *AutomationRulesConfig { + s.RuleStatus = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *AutomationRulesConfig) SetUpdatedAt(v time.Time) *AutomationRulesConfig { + s.UpdatedAt = &v + return s +} + +// Identifies the finding fields that the automation rule action will update +// when a finding matches the defined criteria. +type AutomationRulesFindingFieldsUpdate struct { + _ struct{} `type:"structure"` + + // The rule action will update the Confidence field of a finding. + Confidence *int64 `type:"integer"` + + // The rule action will update the Criticality field of a finding. + Criticality *int64 `type:"integer"` + + // The updated note. + Note *NoteUpdate `type:"structure"` + + // A list of findings that are related to a finding. + RelatedFindings []*RelatedFinding `type:"list"` + + // Updates to the severity information for a finding. + Severity *SeverityUpdate `type:"structure"` + + // The rule action will update the Types field of a finding. + Types []*string `type:"list"` + + // The rule action will update the UserDefinedFields field of a finding. + UserDefinedFields map[string]*string `type:"map"` + + // The rule action will update the VerificationState field of a finding. + VerificationState *string `type:"string" enum:"VerificationState"` + + // Used to update information about the investigation into the finding. + Workflow *WorkflowUpdate `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesFindingFieldsUpdate) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesFindingFieldsUpdate) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AutomationRulesFindingFieldsUpdate) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AutomationRulesFindingFieldsUpdate"} + if s.Note != nil { + if err := s.Note.Validate(); err != nil { + invalidParams.AddNested("Note", err.(request.ErrInvalidParams)) + } + } + if s.RelatedFindings != nil { + for i, v := range s.RelatedFindings { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "RelatedFindings", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConfidence sets the Confidence field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetConfidence(v int64) *AutomationRulesFindingFieldsUpdate { + s.Confidence = &v + return s +} + +// SetCriticality sets the Criticality field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetCriticality(v int64) *AutomationRulesFindingFieldsUpdate { + s.Criticality = &v + return s +} + +// SetNote sets the Note field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetNote(v *NoteUpdate) *AutomationRulesFindingFieldsUpdate { + s.Note = v + return s +} + +// SetRelatedFindings sets the RelatedFindings field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetRelatedFindings(v []*RelatedFinding) *AutomationRulesFindingFieldsUpdate { + s.RelatedFindings = v + return s +} + +// SetSeverity sets the Severity field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetSeverity(v *SeverityUpdate) *AutomationRulesFindingFieldsUpdate { + s.Severity = v + return s +} + +// SetTypes sets the Types field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetTypes(v []*string) *AutomationRulesFindingFieldsUpdate { + s.Types = v + return s +} + +// SetUserDefinedFields sets the UserDefinedFields field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetUserDefinedFields(v map[string]*string) *AutomationRulesFindingFieldsUpdate { + s.UserDefinedFields = v + return s +} + +// SetVerificationState sets the VerificationState field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetVerificationState(v string) *AutomationRulesFindingFieldsUpdate { + s.VerificationState = &v + return s +} + +// SetWorkflow sets the Workflow field's value. +func (s *AutomationRulesFindingFieldsUpdate) SetWorkflow(v *WorkflowUpdate) *AutomationRulesFindingFieldsUpdate { + s.Workflow = v + return s +} + +// The criteria that determine which findings a rule applies to. +type AutomationRulesFindingFilters struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services account ID in which a finding was generated. + AwsAccountId []*StringFilter `type:"list"` + + // The name of the company for the product that generated the finding. For control-based + // findings, the company is Amazon Web Services. + CompanyName []*StringFilter `type:"list"` + + // The unique identifier of a standard in which a control is enabled. This field + // consists of the resource portion of the Amazon Resource Name (ARN) returned + // for a standard in the DescribeStandards (https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) + // API response. + ComplianceAssociatedStandardsId []*StringFilter `type:"list"` + + // The security control ID for which a finding was generated. Security control + // IDs are the same across standards. + ComplianceSecurityControlId []*StringFilter `type:"list"` + + // The result of a security check. This field is only used for findings generated + // from controls. + ComplianceStatus []*StringFilter `type:"list"` + + // The likelihood that a finding accurately identifies the behavior or issue + // that it was intended to identify. Confidence is scored on a 0–100 basis + // using a ratio scale. A value of 0 means 0 percent confidence, and a value + // of 100 means 100 percent confidence. For example, a data exfiltration detection + // based on a statistical deviation of network traffic has low confidence because + // an actual exfiltration hasn't been verified. For more information, see Confidence + // (https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) + // in the Security Hub User Guide. + Confidence []*NumberFilter `type:"list"` + + // A timestamp that indicates when this finding record was created. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + CreatedAt []*DateFilter `type:"list"` + + // The level of importance that is assigned to the resources that are associated + // with a finding. Criticality is scored on a 0–100 basis, using a ratio scale + // that supports only full integers. A score of 0 means that the underlying + // resources have no criticality, and a score of 100 is reserved for the most + // critical resources. For more information, see Criticality (https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) + // in the Security Hub User Guide. + Criticality []*NumberFilter `type:"list"` + + // A finding's description. + Description []*StringFilter `type:"list"` + + // A timestamp that indicates when the potential security issue captured by + // a finding was first observed by the security findings product. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + FirstObservedAt []*DateFilter `type:"list"` + + // The identifier for the solution-specific component that generated a finding. + GeneratorId []*StringFilter `type:"list"` + + // The product-specific identifier for a finding. + Id []*StringFilter `type:"list"` + + // A timestamp that indicates when the potential security issue captured by + // a finding was most recently observed by the security findings product. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + LastObservedAt []*DateFilter `type:"list"` + + // The text of a user-defined note that's added to a finding. + NoteText []*StringFilter `type:"list"` + + // The timestamp of when the note was updated. Uses the date-time format specified + // in RFC 3339 section 5.6, Internet Date/Time Format (https://www.rfc-editor.org/rfc/rfc3339#section-5.6). + // The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z. + NoteUpdatedAt []*DateFilter `type:"list"` + + // The principal that created a note. + NoteUpdatedBy []*StringFilter `type:"list"` + + // The Amazon Resource Name (ARN) for a third-party product that generated a + // finding in Security Hub. + ProductArn []*StringFilter `type:"list"` + + // Provides the name of the product that generated the finding. For control-based + // findings, the product name is Security Hub. + ProductName []*StringFilter `type:"list"` + + // Provides the current state of a finding. + RecordState []*StringFilter `type:"list"` + + // The product-generated identifier for a related finding. + RelatedFindingsId []*StringFilter `type:"list"` + + // The ARN for the product that generated a related finding. + RelatedFindingsProductArn []*StringFilter `type:"list"` + + // Custom fields and values about the resource that a finding pertains to. + ResourceDetailsOther []*MapFilter `type:"list"` + + // The identifier for the given resource type. For Amazon Web Services resources + // that are identified by Amazon Resource Names (ARNs), this is the ARN. For + // Amazon Web Services resources that lack ARNs, this is the identifier as defined + // by the Amazon Web Service that created the resource. For non-Amazon Web Services + // resources, this is a unique identifier that is associated with the resource. + ResourceId []*StringFilter `type:"list"` + + // The partition in which the resource that the finding pertains to is located. + // A partition is a group of Amazon Web Services Regions. Each Amazon Web Services + // account is scoped to one partition. + ResourcePartition []*StringFilter `type:"list"` + + // The Amazon Web Services Region where the resource that a finding pertains + // to is located. + ResourceRegion []*StringFilter `type:"list"` + + // A list of Amazon Web Services tags associated with a resource at the time + // the finding was processed. + ResourceTags []*MapFilter `type:"list"` + + // The type of resource that the finding pertains to. + ResourceType []*StringFilter `type:"list"` + + // The severity value of the finding. + SeverityLabel []*StringFilter `type:"list"` + + // Provides a URL that links to a page about the current finding in the finding + // product. + SourceUrl []*StringFilter `type:"list"` + + // A finding's title. + Title []*StringFilter `type:"list"` + + // One or more finding types in the format of namespace/category/classifier + // that classify a finding. For a list of namespaces, classifiers, and categories, + // see Types taxonomy for ASFF (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) + // in the Security Hub User Guide. + Type []*StringFilter `type:"list"` + + // A timestamp that indicates when the finding record was most recently updated. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + UpdatedAt []*DateFilter `type:"list"` + + // A list of user-defined name and value string pairs added to a finding. + UserDefinedFields []*MapFilter `type:"list"` + + // Provides the veracity of a finding. + VerificationState []*StringFilter `type:"list"` + + // Provides information about the status of the investigation into a finding. + WorkflowStatus []*StringFilter `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesFindingFilters) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesFindingFilters) GoString() string { + return s.String() +} + +// SetAwsAccountId sets the AwsAccountId field's value. +func (s *AutomationRulesFindingFilters) SetAwsAccountId(v []*StringFilter) *AutomationRulesFindingFilters { + s.AwsAccountId = v + return s +} + +// SetCompanyName sets the CompanyName field's value. +func (s *AutomationRulesFindingFilters) SetCompanyName(v []*StringFilter) *AutomationRulesFindingFilters { + s.CompanyName = v + return s +} + +// SetComplianceAssociatedStandardsId sets the ComplianceAssociatedStandardsId field's value. +func (s *AutomationRulesFindingFilters) SetComplianceAssociatedStandardsId(v []*StringFilter) *AutomationRulesFindingFilters { + s.ComplianceAssociatedStandardsId = v + return s +} + +// SetComplianceSecurityControlId sets the ComplianceSecurityControlId field's value. +func (s *AutomationRulesFindingFilters) SetComplianceSecurityControlId(v []*StringFilter) *AutomationRulesFindingFilters { + s.ComplianceSecurityControlId = v + return s +} + +// SetComplianceStatus sets the ComplianceStatus field's value. +func (s *AutomationRulesFindingFilters) SetComplianceStatus(v []*StringFilter) *AutomationRulesFindingFilters { + s.ComplianceStatus = v + return s +} + +// SetConfidence sets the Confidence field's value. +func (s *AutomationRulesFindingFilters) SetConfidence(v []*NumberFilter) *AutomationRulesFindingFilters { + s.Confidence = v + return s +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *AutomationRulesFindingFilters) SetCreatedAt(v []*DateFilter) *AutomationRulesFindingFilters { + s.CreatedAt = v + return s +} + +// SetCriticality sets the Criticality field's value. +func (s *AutomationRulesFindingFilters) SetCriticality(v []*NumberFilter) *AutomationRulesFindingFilters { + s.Criticality = v + return s +} + +// SetDescription sets the Description field's value. +func (s *AutomationRulesFindingFilters) SetDescription(v []*StringFilter) *AutomationRulesFindingFilters { + s.Description = v + return s +} + +// SetFirstObservedAt sets the FirstObservedAt field's value. +func (s *AutomationRulesFindingFilters) SetFirstObservedAt(v []*DateFilter) *AutomationRulesFindingFilters { + s.FirstObservedAt = v + return s +} + +// SetGeneratorId sets the GeneratorId field's value. +func (s *AutomationRulesFindingFilters) SetGeneratorId(v []*StringFilter) *AutomationRulesFindingFilters { + s.GeneratorId = v + return s +} + +// SetId sets the Id field's value. +func (s *AutomationRulesFindingFilters) SetId(v []*StringFilter) *AutomationRulesFindingFilters { + s.Id = v + return s +} + +// SetLastObservedAt sets the LastObservedAt field's value. +func (s *AutomationRulesFindingFilters) SetLastObservedAt(v []*DateFilter) *AutomationRulesFindingFilters { + s.LastObservedAt = v + return s +} + +// SetNoteText sets the NoteText field's value. +func (s *AutomationRulesFindingFilters) SetNoteText(v []*StringFilter) *AutomationRulesFindingFilters { + s.NoteText = v + return s +} + +// SetNoteUpdatedAt sets the NoteUpdatedAt field's value. +func (s *AutomationRulesFindingFilters) SetNoteUpdatedAt(v []*DateFilter) *AutomationRulesFindingFilters { + s.NoteUpdatedAt = v + return s +} + +// SetNoteUpdatedBy sets the NoteUpdatedBy field's value. +func (s *AutomationRulesFindingFilters) SetNoteUpdatedBy(v []*StringFilter) *AutomationRulesFindingFilters { + s.NoteUpdatedBy = v + return s +} + +// SetProductArn sets the ProductArn field's value. +func (s *AutomationRulesFindingFilters) SetProductArn(v []*StringFilter) *AutomationRulesFindingFilters { + s.ProductArn = v + return s +} + +// SetProductName sets the ProductName field's value. +func (s *AutomationRulesFindingFilters) SetProductName(v []*StringFilter) *AutomationRulesFindingFilters { + s.ProductName = v + return s +} + +// SetRecordState sets the RecordState field's value. +func (s *AutomationRulesFindingFilters) SetRecordState(v []*StringFilter) *AutomationRulesFindingFilters { + s.RecordState = v + return s +} + +// SetRelatedFindingsId sets the RelatedFindingsId field's value. +func (s *AutomationRulesFindingFilters) SetRelatedFindingsId(v []*StringFilter) *AutomationRulesFindingFilters { + s.RelatedFindingsId = v + return s +} + +// SetRelatedFindingsProductArn sets the RelatedFindingsProductArn field's value. +func (s *AutomationRulesFindingFilters) SetRelatedFindingsProductArn(v []*StringFilter) *AutomationRulesFindingFilters { + s.RelatedFindingsProductArn = v + return s +} + +// SetResourceDetailsOther sets the ResourceDetailsOther field's value. +func (s *AutomationRulesFindingFilters) SetResourceDetailsOther(v []*MapFilter) *AutomationRulesFindingFilters { + s.ResourceDetailsOther = v + return s +} + +// SetResourceId sets the ResourceId field's value. +func (s *AutomationRulesFindingFilters) SetResourceId(v []*StringFilter) *AutomationRulesFindingFilters { + s.ResourceId = v + return s +} + +// SetResourcePartition sets the ResourcePartition field's value. +func (s *AutomationRulesFindingFilters) SetResourcePartition(v []*StringFilter) *AutomationRulesFindingFilters { + s.ResourcePartition = v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *AutomationRulesFindingFilters) SetResourceRegion(v []*StringFilter) *AutomationRulesFindingFilters { + s.ResourceRegion = v + return s +} + +// SetResourceTags sets the ResourceTags field's value. +func (s *AutomationRulesFindingFilters) SetResourceTags(v []*MapFilter) *AutomationRulesFindingFilters { + s.ResourceTags = v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *AutomationRulesFindingFilters) SetResourceType(v []*StringFilter) *AutomationRulesFindingFilters { + s.ResourceType = v + return s +} + +// SetSeverityLabel sets the SeverityLabel field's value. +func (s *AutomationRulesFindingFilters) SetSeverityLabel(v []*StringFilter) *AutomationRulesFindingFilters { + s.SeverityLabel = v + return s +} + +// SetSourceUrl sets the SourceUrl field's value. +func (s *AutomationRulesFindingFilters) SetSourceUrl(v []*StringFilter) *AutomationRulesFindingFilters { + s.SourceUrl = v + return s +} + +// SetTitle sets the Title field's value. +func (s *AutomationRulesFindingFilters) SetTitle(v []*StringFilter) *AutomationRulesFindingFilters { + s.Title = v + return s +} + +// SetType sets the Type field's value. +func (s *AutomationRulesFindingFilters) SetType(v []*StringFilter) *AutomationRulesFindingFilters { + s.Type = v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *AutomationRulesFindingFilters) SetUpdatedAt(v []*DateFilter) *AutomationRulesFindingFilters { + s.UpdatedAt = v + return s +} + +// SetUserDefinedFields sets the UserDefinedFields field's value. +func (s *AutomationRulesFindingFilters) SetUserDefinedFields(v []*MapFilter) *AutomationRulesFindingFilters { + s.UserDefinedFields = v + return s +} + +// SetVerificationState sets the VerificationState field's value. +func (s *AutomationRulesFindingFilters) SetVerificationState(v []*StringFilter) *AutomationRulesFindingFilters { + s.VerificationState = v + return s +} + +// SetWorkflowStatus sets the WorkflowStatus field's value. +func (s *AutomationRulesFindingFilters) SetWorkflowStatus(v []*StringFilter) *AutomationRulesFindingFilters { + s.WorkflowStatus = v + return s +} + +// Metadata for automation rules in the calling account. The response includes +// rules with a RuleStatus of ENABLED and DISABLED. +type AutomationRulesMetadata struct { + _ struct{} `type:"structure"` + + // A timestamp that indicates when the rule was created. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + CreatedAt *time.Time `type:"timestamp" timestampFormat:"iso8601"` + + // The principal that created a rule. + CreatedBy *string `type:"string"` + + // A description of the rule. + Description *string `type:"string"` + + // Specifies whether a rule is the last to be applied with respect to a finding + // that matches the rule criteria. This is useful when a finding matches the + // criteria for multiple rules, and each rule has different actions. If the + // value of this field is set to true for a rule, Security Hub applies the rule + // action to a finding that matches the rule criteria and won't evaluate other + // rules for the finding. The default value of this field is false. + IsTerminal *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) for the rule. + RuleArn *string `type:"string"` + + // The name of the rule. + RuleName *string `type:"string"` + + // An integer ranging from 1 to 1000 that represents the order in which the + // rule action is applied to findings. Security Hub applies rules with lower + // values for this parameter first. + RuleOrder *int64 `min:"1" type:"integer"` + + // Whether the rule is active after it is created. If this parameter is equal + // to ENABLED, Security Hub will apply the rule to findings and finding updates + // after the rule is created. To change the value of this parameter after creating + // a rule, use BatchUpdateAutomationRules. + RuleStatus *string `type:"string" enum:"RuleStatus"` + + // A timestamp that indicates when the rule was most recently updated. + // + // Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time + // Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot + // contain spaces. For example, 2020-03-22T13:22:13.933Z. + UpdatedAt *time.Time `type:"timestamp" timestampFormat:"iso8601"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesMetadata) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutomationRulesMetadata) GoString() string { + return s.String() +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *AutomationRulesMetadata) SetCreatedAt(v time.Time) *AutomationRulesMetadata { + s.CreatedAt = &v + return s +} + +// SetCreatedBy sets the CreatedBy field's value. +func (s *AutomationRulesMetadata) SetCreatedBy(v string) *AutomationRulesMetadata { + s.CreatedBy = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *AutomationRulesMetadata) SetDescription(v string) *AutomationRulesMetadata { + s.Description = &v + return s +} + +// SetIsTerminal sets the IsTerminal field's value. +func (s *AutomationRulesMetadata) SetIsTerminal(v bool) *AutomationRulesMetadata { + s.IsTerminal = &v + return s +} + +// SetRuleArn sets the RuleArn field's value. +func (s *AutomationRulesMetadata) SetRuleArn(v string) *AutomationRulesMetadata { + s.RuleArn = &v + return s +} + +// SetRuleName sets the RuleName field's value. +func (s *AutomationRulesMetadata) SetRuleName(v string) *AutomationRulesMetadata { + s.RuleName = &v + return s +} + +// SetRuleOrder sets the RuleOrder field's value. +func (s *AutomationRulesMetadata) SetRuleOrder(v int64) *AutomationRulesMetadata { + s.RuleOrder = &v + return s +} + +// SetRuleStatus sets the RuleStatus field's value. +func (s *AutomationRulesMetadata) SetRuleStatus(v string) *AutomationRulesMetadata { + s.RuleStatus = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *AutomationRulesMetadata) SetUpdatedAt(v time.Time) *AutomationRulesMetadata { + s.UpdatedAt = &v + return s +} + // Information about an Availability Zone. type AvailabilityZone struct { _ struct{} `type:"structure"` @@ -41370,6 +42692,96 @@ func (s *AwsXrayEncryptionConfigDetails) SetType(v string) *AwsXrayEncryptionCon return s } +type BatchDeleteAutomationRulesInput struct { + _ struct{} `type:"structure"` + + // A list of Amazon Resource Names (ARNs) for the rules that are to be deleted. + // + // AutomationRulesArns is a required field + AutomationRulesArns []*string `min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchDeleteAutomationRulesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchDeleteAutomationRulesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *BatchDeleteAutomationRulesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "BatchDeleteAutomationRulesInput"} + if s.AutomationRulesArns == nil { + invalidParams.Add(request.NewErrParamRequired("AutomationRulesArns")) + } + if s.AutomationRulesArns != nil && len(s.AutomationRulesArns) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AutomationRulesArns", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAutomationRulesArns sets the AutomationRulesArns field's value. +func (s *BatchDeleteAutomationRulesInput) SetAutomationRulesArns(v []*string) *BatchDeleteAutomationRulesInput { + s.AutomationRulesArns = v + return s +} + +type BatchDeleteAutomationRulesOutput struct { + _ struct{} `type:"structure"` + + // A list of properly processed rule ARNs. + ProcessedAutomationRules []*string `min:"1" type:"list"` + + // A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter + // tells you which automation rules the request didn't delete and why. + UnprocessedAutomationRules []*UnprocessedAutomationRule `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchDeleteAutomationRulesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchDeleteAutomationRulesOutput) GoString() string { + return s.String() +} + +// SetProcessedAutomationRules sets the ProcessedAutomationRules field's value. +func (s *BatchDeleteAutomationRulesOutput) SetProcessedAutomationRules(v []*string) *BatchDeleteAutomationRulesOutput { + s.ProcessedAutomationRules = v + return s +} + +// SetUnprocessedAutomationRules sets the UnprocessedAutomationRules field's value. +func (s *BatchDeleteAutomationRulesOutput) SetUnprocessedAutomationRules(v []*UnprocessedAutomationRule) *BatchDeleteAutomationRulesOutput { + s.UnprocessedAutomationRules = v + return s +} + type BatchDisableStandardsInput struct { _ struct{} `type:"structure"` @@ -41540,6 +42952,96 @@ func (s *BatchEnableStandardsOutput) SetStandardsSubscriptions(v []*StandardsSub return s } +type BatchGetAutomationRulesInput struct { + _ struct{} `type:"structure"` + + // A list of rule ARNs to get details for. + // + // AutomationRulesArns is a required field + AutomationRulesArns []*string `min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetAutomationRulesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetAutomationRulesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *BatchGetAutomationRulesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "BatchGetAutomationRulesInput"} + if s.AutomationRulesArns == nil { + invalidParams.Add(request.NewErrParamRequired("AutomationRulesArns")) + } + if s.AutomationRulesArns != nil && len(s.AutomationRulesArns) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AutomationRulesArns", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAutomationRulesArns sets the AutomationRulesArns field's value. +func (s *BatchGetAutomationRulesInput) SetAutomationRulesArns(v []*string) *BatchGetAutomationRulesInput { + s.AutomationRulesArns = v + return s +} + +type BatchGetAutomationRulesOutput struct { + _ struct{} `type:"structure"` + + // A list of rule details for the provided rule ARNs. + Rules []*AutomationRulesConfig `type:"list"` + + // A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter + // tells you which automation rules the request didn't retrieve and why. + UnprocessedAutomationRules []*UnprocessedAutomationRule `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetAutomationRulesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetAutomationRulesOutput) GoString() string { + return s.String() +} + +// SetRules sets the Rules field's value. +func (s *BatchGetAutomationRulesOutput) SetRules(v []*AutomationRulesConfig) *BatchGetAutomationRulesOutput { + s.Rules = v + return s +} + +// SetUnprocessedAutomationRules sets the UnprocessedAutomationRules field's value. +func (s *BatchGetAutomationRulesOutput) SetUnprocessedAutomationRules(v []*UnprocessedAutomationRule) *BatchGetAutomationRulesOutput { + s.UnprocessedAutomationRules = v + return s +} + type BatchGetSecurityControlsInput struct { _ struct{} `type:"structure"` @@ -41852,6 +43354,107 @@ func (s *BatchImportFindingsOutput) SetSuccessCount(v int64) *BatchImportFinding return s } +type BatchUpdateAutomationRulesInput struct { + _ struct{} `type:"structure"` + + // An array of ARNs for the rules that are to be updated. Optionally, you can + // also include RuleStatus and RuleOrder. + // + // UpdateAutomationRulesRequestItems is a required field + UpdateAutomationRulesRequestItems []*UpdateAutomationRulesRequestItem `min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchUpdateAutomationRulesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchUpdateAutomationRulesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *BatchUpdateAutomationRulesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "BatchUpdateAutomationRulesInput"} + if s.UpdateAutomationRulesRequestItems == nil { + invalidParams.Add(request.NewErrParamRequired("UpdateAutomationRulesRequestItems")) + } + if s.UpdateAutomationRulesRequestItems != nil && len(s.UpdateAutomationRulesRequestItems) < 1 { + invalidParams.Add(request.NewErrParamMinLen("UpdateAutomationRulesRequestItems", 1)) + } + if s.UpdateAutomationRulesRequestItems != nil { + for i, v := range s.UpdateAutomationRulesRequestItems { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "UpdateAutomationRulesRequestItems", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetUpdateAutomationRulesRequestItems sets the UpdateAutomationRulesRequestItems field's value. +func (s *BatchUpdateAutomationRulesInput) SetUpdateAutomationRulesRequestItems(v []*UpdateAutomationRulesRequestItem) *BatchUpdateAutomationRulesInput { + s.UpdateAutomationRulesRequestItems = v + return s +} + +type BatchUpdateAutomationRulesOutput struct { + _ struct{} `type:"structure"` + + // A list of properly processed rule ARNs. + ProcessedAutomationRules []*string `min:"1" type:"list"` + + // A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter + // tells you which automation rules the request didn't update and why. + UnprocessedAutomationRules []*UnprocessedAutomationRule `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchUpdateAutomationRulesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchUpdateAutomationRulesOutput) GoString() string { + return s.String() +} + +// SetProcessedAutomationRules sets the ProcessedAutomationRules field's value. +func (s *BatchUpdateAutomationRulesOutput) SetProcessedAutomationRules(v []*string) *BatchUpdateAutomationRulesOutput { + s.ProcessedAutomationRules = v + return s +} + +// SetUnprocessedAutomationRules sets the UnprocessedAutomationRules field's value. +func (s *BatchUpdateAutomationRulesOutput) SetUnprocessedAutomationRules(v []*UnprocessedAutomationRule) *BatchUpdateAutomationRulesOutput { + s.UnprocessedAutomationRules = v + return s +} + type BatchUpdateFindingsInput struct { _ struct{} `type:"structure"` @@ -42915,6 +44518,199 @@ func (s *CreateActionTargetOutput) SetActionTargetArn(v string) *CreateActionTar return s } +type CreateAutomationRuleInput struct { + _ struct{} `type:"structure"` + + // One or more actions to update finding fields if a finding matches the conditions + // specified in Criteria. + // + // Actions is a required field + Actions []*AutomationRulesAction `min:"1" type:"list" required:"true"` + + // A set of ASFF finding field attributes and corresponding expected values + // that Security Hub uses to filter findings. If a finding matches the conditions + // specified in this parameter, Security Hub applies the rule action to the + // finding. + // + // Criteria is a required field + Criteria *AutomationRulesFindingFilters `type:"structure" required:"true"` + + // A description of the rule. + // + // Description is a required field + Description *string `type:"string" required:"true"` + + // Specifies whether a rule is the last to be applied with respect to a finding + // that matches the rule criteria. This is useful when a finding matches the + // criteria for multiple rules, and each rule has different actions. If the + // value of this field is set to true for a rule, Security Hub applies the rule + // action to a finding that matches the rule criteria and won't evaluate other + // rules for the finding. The default value of this field is false. + IsTerminal *bool `type:"boolean"` + + // The name of the rule. + // + // RuleName is a required field + RuleName *string `type:"string" required:"true"` + + // An integer ranging from 1 to 1000 that represents the order in which the + // rule action is applied to findings. Security Hub applies rules with lower + // values for this parameter first. + // + // RuleOrder is a required field + RuleOrder *int64 `min:"1" type:"integer" required:"true"` + + // Whether the rule is active after it is created. If this parameter is equal + // to Enabled, Security Hub will apply the rule to findings and finding updates + // after the rule is created. To change the value of this parameter after creating + // a rule, use BatchUpdateAutomationRules. + RuleStatus *string `type:"string" enum:"RuleStatus"` + + // User-defined tags that help you label the purpose of a rule. + Tags map[string]*string `min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateAutomationRuleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateAutomationRuleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateAutomationRuleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateAutomationRuleInput"} + if s.Actions == nil { + invalidParams.Add(request.NewErrParamRequired("Actions")) + } + if s.Actions != nil && len(s.Actions) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Actions", 1)) + } + if s.Criteria == nil { + invalidParams.Add(request.NewErrParamRequired("Criteria")) + } + if s.Description == nil { + invalidParams.Add(request.NewErrParamRequired("Description")) + } + if s.RuleName == nil { + invalidParams.Add(request.NewErrParamRequired("RuleName")) + } + if s.RuleOrder == nil { + invalidParams.Add(request.NewErrParamRequired("RuleOrder")) + } + if s.RuleOrder != nil && *s.RuleOrder < 1 { + invalidParams.Add(request.NewErrParamMinValue("RuleOrder", 1)) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + if s.Actions != nil { + for i, v := range s.Actions { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Actions", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetActions sets the Actions field's value. +func (s *CreateAutomationRuleInput) SetActions(v []*AutomationRulesAction) *CreateAutomationRuleInput { + s.Actions = v + return s +} + +// SetCriteria sets the Criteria field's value. +func (s *CreateAutomationRuleInput) SetCriteria(v *AutomationRulesFindingFilters) *CreateAutomationRuleInput { + s.Criteria = v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateAutomationRuleInput) SetDescription(v string) *CreateAutomationRuleInput { + s.Description = &v + return s +} + +// SetIsTerminal sets the IsTerminal field's value. +func (s *CreateAutomationRuleInput) SetIsTerminal(v bool) *CreateAutomationRuleInput { + s.IsTerminal = &v + return s +} + +// SetRuleName sets the RuleName field's value. +func (s *CreateAutomationRuleInput) SetRuleName(v string) *CreateAutomationRuleInput { + s.RuleName = &v + return s +} + +// SetRuleOrder sets the RuleOrder field's value. +func (s *CreateAutomationRuleInput) SetRuleOrder(v int64) *CreateAutomationRuleInput { + s.RuleOrder = &v + return s +} + +// SetRuleStatus sets the RuleStatus field's value. +func (s *CreateAutomationRuleInput) SetRuleStatus(v string) *CreateAutomationRuleInput { + s.RuleStatus = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateAutomationRuleInput) SetTags(v map[string]*string) *CreateAutomationRuleInput { + s.Tags = v + return s +} + +type CreateAutomationRuleOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the automation rule that you created. + RuleArn *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateAutomationRuleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateAutomationRuleOutput) GoString() string { + return s.String() +} + +// SetRuleArn sets the RuleArn field's value. +func (s *CreateAutomationRuleOutput) SetRuleArn(v string) *CreateAutomationRuleOutput { + s.RuleArn = &v + return s +} + type CreateFindingAggregatorInput struct { _ struct{} `type:"structure"` @@ -47777,6 +49573,103 @@ func (s *LimitExceededException) RequestID() string { return s.RespMetadata.RequestID } +type ListAutomationRulesInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The maximum number of rules to return in the response. This currently ranges + // from 1 to 100. + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` + + // A token to specify where to start paginating the response. This is the NextToken + // from a previously truncated response. On your first call to the ListAutomationRules + // API, set the value of this parameter to NULL. + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAutomationRulesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAutomationRulesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListAutomationRulesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAutomationRulesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListAutomationRulesInput) SetMaxResults(v int64) *ListAutomationRulesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAutomationRulesInput) SetNextToken(v string) *ListAutomationRulesInput { + s.NextToken = &v + return s +} + +type ListAutomationRulesOutput struct { + _ struct{} `type:"structure"` + + // Metadata for rules in the calling account. The response includes rules with + // a RuleStatus of ENABLED and DISABLED. + AutomationRulesMetadata []*AutomationRulesMetadata `type:"list"` + + // A pagination token for the response. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAutomationRulesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAutomationRulesOutput) GoString() string { + return s.String() +} + +// SetAutomationRulesMetadata sets the AutomationRulesMetadata field's value. +func (s *ListAutomationRulesOutput) SetAutomationRulesMetadata(v []*AutomationRulesMetadata) *ListAutomationRulesOutput { + s.AutomationRulesMetadata = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAutomationRulesOutput) SetNextToken(v string) *ListAutomationRulesOutput { + s.NextToken = &v + return s +} + type ListEnabledProductsForImportInput struct { _ struct{} `type:"structure" nopayload:"true"` @@ -54592,6 +56485,57 @@ func (s *ThreatIntelIndicator) SetValue(v string) *ThreatIntelIndicator { return s } +// A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter +// tells you which automation rules the request didn't process and why. +type UnprocessedAutomationRule struct { + _ struct{} `type:"structure"` + + // The error code associated with the unprocessed automation rule. + ErrorCode *int64 `type:"integer"` + + // An error message describing why a request didn't process a specific rule. + ErrorMessage *string `type:"string"` + + // The Amazon Resource Name (ARN) for the unprocessed automation rule. + RuleArn *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnprocessedAutomationRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnprocessedAutomationRule) GoString() string { + return s.String() +} + +// SetErrorCode sets the ErrorCode field's value. +func (s *UnprocessedAutomationRule) SetErrorCode(v int64) *UnprocessedAutomationRule { + s.ErrorCode = &v + return s +} + +// SetErrorMessage sets the ErrorMessage field's value. +func (s *UnprocessedAutomationRule) SetErrorMessage(v string) *UnprocessedAutomationRule { + s.ErrorMessage = &v + return s +} + +// SetRuleArn sets the RuleArn field's value. +func (s *UnprocessedAutomationRule) SetRuleArn(v string) *UnprocessedAutomationRule { + s.RuleArn = &v + return s +} + // Provides details about a security control for which a response couldn't be // returned. type UnprocessedSecurityControl struct { @@ -54948,6 +56892,146 @@ func (s UpdateActionTargetOutput) GoString() string { return s.String() } +// Specifies the parameters to update in an existing automation rule. +type UpdateAutomationRulesRequestItem struct { + _ struct{} `type:"structure"` + + // One or more actions to update finding fields if a finding matches the conditions + // specified in Criteria. + Actions []*AutomationRulesAction `min:"1" type:"list"` + + // A set of ASFF finding field attributes and corresponding expected values + // that Security Hub uses to filter findings. If a finding matches the conditions + // specified in this parameter, Security Hub applies the rule action to the + // finding. + Criteria *AutomationRulesFindingFilters `type:"structure"` + + // A description of the rule. + Description *string `type:"string"` + + // Specifies whether a rule is the last to be applied with respect to a finding + // that matches the rule criteria. This is useful when a finding matches the + // criteria for multiple rules, and each rule has different actions. If the + // value of this field is set to true for a rule, Security Hub applies the rule + // action to a finding that matches the rule criteria and won't evaluate other + // rules for the finding. The default value of this field is false. + IsTerminal *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) for the rule. + // + // RuleArn is a required field + RuleArn *string `type:"string" required:"true"` + + // The name of the rule. + RuleName *string `type:"string"` + + // An integer ranging from 1 to 1000 that represents the order in which the + // rule action is applied to findings. Security Hub applies rules with lower + // values for this parameter first. + RuleOrder *int64 `min:"1" type:"integer"` + + // Whether the rule is active after it is created. If this parameter is equal + // to ENABLED, Security Hub will apply the rule to findings and finding updates + // after the rule is created. To change the value of this parameter after creating + // a rule, use BatchUpdateAutomationRules. + RuleStatus *string `type:"string" enum:"RuleStatus"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAutomationRulesRequestItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAutomationRulesRequestItem) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateAutomationRulesRequestItem) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateAutomationRulesRequestItem"} + if s.Actions != nil && len(s.Actions) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Actions", 1)) + } + if s.RuleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RuleArn")) + } + if s.RuleOrder != nil && *s.RuleOrder < 1 { + invalidParams.Add(request.NewErrParamMinValue("RuleOrder", 1)) + } + if s.Actions != nil { + for i, v := range s.Actions { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Actions", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetActions sets the Actions field's value. +func (s *UpdateAutomationRulesRequestItem) SetActions(v []*AutomationRulesAction) *UpdateAutomationRulesRequestItem { + s.Actions = v + return s +} + +// SetCriteria sets the Criteria field's value. +func (s *UpdateAutomationRulesRequestItem) SetCriteria(v *AutomationRulesFindingFilters) *UpdateAutomationRulesRequestItem { + s.Criteria = v + return s +} + +// SetDescription sets the Description field's value. +func (s *UpdateAutomationRulesRequestItem) SetDescription(v string) *UpdateAutomationRulesRequestItem { + s.Description = &v + return s +} + +// SetIsTerminal sets the IsTerminal field's value. +func (s *UpdateAutomationRulesRequestItem) SetIsTerminal(v bool) *UpdateAutomationRulesRequestItem { + s.IsTerminal = &v + return s +} + +// SetRuleArn sets the RuleArn field's value. +func (s *UpdateAutomationRulesRequestItem) SetRuleArn(v string) *UpdateAutomationRulesRequestItem { + s.RuleArn = &v + return s +} + +// SetRuleName sets the RuleName field's value. +func (s *UpdateAutomationRulesRequestItem) SetRuleName(v string) *UpdateAutomationRulesRequestItem { + s.RuleName = &v + return s +} + +// SetRuleOrder sets the RuleOrder field's value. +func (s *UpdateAutomationRulesRequestItem) SetRuleOrder(v int64) *UpdateAutomationRulesRequestItem { + s.RuleOrder = &v + return s +} + +// SetRuleStatus sets the RuleStatus field's value. +func (s *UpdateAutomationRulesRequestItem) SetRuleStatus(v string) *UpdateAutomationRulesRequestItem { + s.RuleStatus = &v + return s +} + type UpdateFindingAggregatorInput struct { _ struct{} `type:"structure"` @@ -56177,6 +58261,18 @@ func AutoEnableStandards_Values() []string { } } +const ( + // AutomationRulesActionTypeFindingFieldsUpdate is a AutomationRulesActionType enum value + AutomationRulesActionTypeFindingFieldsUpdate = "FINDING_FIELDS_UPDATE" +) + +// AutomationRulesActionType_Values returns all elements of the AutomationRulesActionType enum +func AutomationRulesActionType_Values() []string { + return []string{ + AutomationRulesActionTypeFindingFieldsUpdate, + } +} + const ( // AwsIamAccessKeyStatusActive is a AwsIamAccessKeyStatus enum value AwsIamAccessKeyStatusActive = "Active" @@ -56485,6 +58581,22 @@ func RegionAvailabilityStatus_Values() []string { } } +const ( + // RuleStatusEnabled is a RuleStatus enum value + RuleStatusEnabled = "ENABLED" + + // RuleStatusDisabled is a RuleStatus enum value + RuleStatusDisabled = "DISABLED" +) + +// RuleStatus_Values returns all elements of the RuleStatus enum +func RuleStatus_Values() []string { + return []string{ + RuleStatusEnabled, + RuleStatusDisabled, + } +} + const ( // SeverityLabelInformational is a SeverityLabel enum value SeverityLabelInformational = "INFORMATIONAL" diff --git a/service/securityhub/examples_test.go b/service/securityhub/examples_test.go index 8a217e0dd29..4f039742d89 100644 --- a/service/securityhub/examples_test.go +++ b/service/securityhub/examples_test.go @@ -64,6 +64,45 @@ func ExampleSecurityHub_AcceptAdministratorInvitation_shared00() { fmt.Println(result) } +// To delete one or more automation rules +// The following example deletes the specified automation rules. +func ExampleSecurityHub_BatchDeleteAutomationRules_shared00() { + svc := securityhub.New(session.New()) + input := &securityhub.BatchDeleteAutomationRulesInput{ + AutomationRulesArns: []*string{ + aws.String("arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"), + aws.String("arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222"), + }, + } + + result, err := svc.BatchDeleteAutomationRules(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case securityhub.ErrCodeInternalException: + fmt.Println(securityhub.ErrCodeInternalException, aerr.Error()) + case securityhub.ErrCodeInvalidAccessException: + fmt.Println(securityhub.ErrCodeInvalidAccessException, aerr.Error()) + case securityhub.ErrCodeInvalidInputException: + fmt.Println(securityhub.ErrCodeInvalidInputException, aerr.Error()) + case securityhub.ErrCodeLimitExceededException: + fmt.Println(securityhub.ErrCodeLimitExceededException, aerr.Error()) + case securityhub.ErrCodeResourceNotFoundException: + fmt.Println(securityhub.ErrCodeResourceNotFoundException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + // To disable one or more security standards // The following example disables a security standard in Security Hub. func ExampleSecurityHub_BatchDisableStandards_shared00() { @@ -139,6 +178,47 @@ func ExampleSecurityHub_BatchEnableStandards_shared00() { fmt.Println(result) } +// To update one ore more automation rules +// The following example updates the specified automation rules. +func ExampleSecurityHub_BatchGetAutomationRules_shared00() { + svc := securityhub.New(session.New()) + input := &securityhub.BatchGetAutomationRulesInput{ + AutomationRulesArns: []*string{ + aws.String("arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"), + aws.String("arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222"), + }, + } + + result, err := svc.BatchGetAutomationRules(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case securityhub.ErrCodeAccessDeniedException: + fmt.Println(securityhub.ErrCodeAccessDeniedException, aerr.Error()) + case securityhub.ErrCodeInternalException: + fmt.Println(securityhub.ErrCodeInternalException, aerr.Error()) + case securityhub.ErrCodeInvalidAccessException: + fmt.Println(securityhub.ErrCodeInvalidAccessException, aerr.Error()) + case securityhub.ErrCodeInvalidInputException: + fmt.Println(securityhub.ErrCodeInvalidInputException, aerr.Error()) + case securityhub.ErrCodeLimitExceededException: + fmt.Println(securityhub.ErrCodeLimitExceededException, aerr.Error()) + case securityhub.ErrCodeResourceNotFoundException: + fmt.Println(securityhub.ErrCodeResourceNotFoundException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + // To get security control details // The following example gets details for the specified controls in the current AWS // account and AWS Region. @@ -284,6 +364,52 @@ func ExampleSecurityHub_BatchImportFindings_shared00() { fmt.Println(result) } +// To update one ore more automation rules +// The following example updates the specified automation rules. +func ExampleSecurityHub_BatchUpdateAutomationRules_shared00() { + svc := securityhub.New(session.New()) + input := &securityhub.BatchUpdateAutomationRulesInput{ + UpdateAutomationRulesRequestItems: []*securityhub.UpdateAutomationRulesRequestItem{ + { + RuleArn: aws.String("arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"), + RuleOrder: aws.Int64(15), + RuleStatus: aws.String("ENABLED"), + }, + { + RuleArn: aws.String("arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222"), + RuleStatus: aws.String("DISABLED"), + }, + }, + } + + result, err := svc.BatchUpdateAutomationRules(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case securityhub.ErrCodeInternalException: + fmt.Println(securityhub.ErrCodeInternalException, aerr.Error()) + case securityhub.ErrCodeInvalidAccessException: + fmt.Println(securityhub.ErrCodeInvalidAccessException, aerr.Error()) + case securityhub.ErrCodeInvalidInputException: + fmt.Println(securityhub.ErrCodeInvalidInputException, aerr.Error()) + case securityhub.ErrCodeLimitExceededException: + fmt.Println(securityhub.ErrCodeLimitExceededException, aerr.Error()) + case securityhub.ErrCodeResourceNotFoundException: + fmt.Println(securityhub.ErrCodeResourceNotFoundException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + // To update Security Hub findings // The following example updates Security Hub findings. The finding identifier parameter // specifies which findings to update. Only specific finding fields can be updated with @@ -442,6 +568,95 @@ func ExampleSecurityHub_CreateActionTarget_shared00() { fmt.Println(result) } +// To create an automation rule +// The following example creates an automation rule. +func ExampleSecurityHub_CreateAutomationRule_shared00() { + svc := securityhub.New(session.New()) + input := &securityhub.CreateAutomationRuleInput{ + Actions: []*securityhub.AutomationRulesAction{ + { + FindingFieldsUpdate: &securityhub.AutomationRulesFindingFieldsUpdate{ + Note: &securityhub.NoteUpdate{ + Text: aws.String("This is a critical S3 bucket, please look into this ASAP"), + UpdatedBy: aws.String("test-user"), + }, + Severity: &securityhub.SeverityUpdate{ + Label: aws.String("CRITICAL"), + }, + }, + Type: aws.String("FINDING_FIELDS_UPDATE"), + }, + }, + Criteria: &securityhub.AutomationRulesFindingFilters{ + ComplianceStatus: []*securityhub.StringFilter{ + { + Comparison: aws.String("EQUALS"), + Value: aws.String("FAILED"), + }, + }, + ProductName: []*securityhub.StringFilter{ + { + Comparison: aws.String("EQUALS"), + Value: aws.String("Security Hub"), + }, + }, + RecordState: []*securityhub.StringFilter{ + { + Comparison: aws.String("EQUALS"), + Value: aws.String("ACTIVE"), + }, + }, + ResourceId: []*securityhub.StringFilter{ + { + Comparison: aws.String("EQUALS"), + Value: aws.String("arn:aws:s3:::examplebucket/developers/design_info.doc"), + }, + }, + WorkflowStatus: []*securityhub.StringFilter{ + { + Comparison: aws.String("EQUALS"), + Value: aws.String("NEW"), + }, + }, + }, + Description: aws.String("Elevate finding severity to Critical for important resources"), + IsTerminal: aws.Bool(false), + RuleName: aws.String("Elevate severity for important resources"), + RuleOrder: aws.Int64(1), + RuleStatus: aws.String("ENABLED"), + Tags: map[string]*string{ + "important-resources-rule": aws.String("s3-bucket"), + }, + } + + result, err := svc.CreateAutomationRule(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case securityhub.ErrCodeAccessDeniedException: + fmt.Println(securityhub.ErrCodeAccessDeniedException, aerr.Error()) + case securityhub.ErrCodeInternalException: + fmt.Println(securityhub.ErrCodeInternalException, aerr.Error()) + case securityhub.ErrCodeInvalidAccessException: + fmt.Println(securityhub.ErrCodeInvalidAccessException, aerr.Error()) + case securityhub.ErrCodeInvalidInputException: + fmt.Println(securityhub.ErrCodeInvalidInputException, aerr.Error()) + case securityhub.ErrCodeLimitExceededException: + fmt.Println(securityhub.ErrCodeLimitExceededException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + // To enable cross-Region aggregation // The following example creates a finding aggregator. This is required to enable cross-Region // aggregation. @@ -1710,6 +1925,43 @@ func ExampleSecurityHub_InviteMembers_shared00() { fmt.Println(result) } +// To list automation rules +// The following example lists automation rules and rule metadata in the calling account. +func ExampleSecurityHub_ListAutomationRules_shared00() { + svc := securityhub.New(session.New()) + input := &securityhub.ListAutomationRulesInput{ + MaxResults: aws.Int64(2), + NextToken: aws.String("example-token"), + } + + result, err := svc.ListAutomationRules(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case securityhub.ErrCodeAccessDeniedException: + fmt.Println(securityhub.ErrCodeAccessDeniedException, aerr.Error()) + case securityhub.ErrCodeInternalException: + fmt.Println(securityhub.ErrCodeInternalException, aerr.Error()) + case securityhub.ErrCodeInvalidAccessException: + fmt.Println(securityhub.ErrCodeInvalidAccessException, aerr.Error()) + case securityhub.ErrCodeInvalidInputException: + fmt.Println(securityhub.ErrCodeInvalidInputException, aerr.Error()) + case securityhub.ErrCodeLimitExceededException: + fmt.Println(securityhub.ErrCodeLimitExceededException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + // To list ARNs for enabled integrations // The following example returns a list of subscription Amazon Resource Names (ARNs) // for the product integrations that you have currently enabled in Security Hub. diff --git a/service/securityhub/securityhubiface/interface.go b/service/securityhub/securityhubiface/interface.go index d4a25c60764..13f1c454b80 100644 --- a/service/securityhub/securityhubiface/interface.go +++ b/service/securityhub/securityhubiface/interface.go @@ -68,6 +68,10 @@ type SecurityHubAPI interface { AcceptInvitationWithContext(aws.Context, *securityhub.AcceptInvitationInput, ...request.Option) (*securityhub.AcceptInvitationOutput, error) AcceptInvitationRequest(*securityhub.AcceptInvitationInput) (*request.Request, *securityhub.AcceptInvitationOutput) + BatchDeleteAutomationRules(*securityhub.BatchDeleteAutomationRulesInput) (*securityhub.BatchDeleteAutomationRulesOutput, error) + BatchDeleteAutomationRulesWithContext(aws.Context, *securityhub.BatchDeleteAutomationRulesInput, ...request.Option) (*securityhub.BatchDeleteAutomationRulesOutput, error) + BatchDeleteAutomationRulesRequest(*securityhub.BatchDeleteAutomationRulesInput) (*request.Request, *securityhub.BatchDeleteAutomationRulesOutput) + BatchDisableStandards(*securityhub.BatchDisableStandardsInput) (*securityhub.BatchDisableStandardsOutput, error) BatchDisableStandardsWithContext(aws.Context, *securityhub.BatchDisableStandardsInput, ...request.Option) (*securityhub.BatchDisableStandardsOutput, error) BatchDisableStandardsRequest(*securityhub.BatchDisableStandardsInput) (*request.Request, *securityhub.BatchDisableStandardsOutput) @@ -76,6 +80,10 @@ type SecurityHubAPI interface { BatchEnableStandardsWithContext(aws.Context, *securityhub.BatchEnableStandardsInput, ...request.Option) (*securityhub.BatchEnableStandardsOutput, error) BatchEnableStandardsRequest(*securityhub.BatchEnableStandardsInput) (*request.Request, *securityhub.BatchEnableStandardsOutput) + BatchGetAutomationRules(*securityhub.BatchGetAutomationRulesInput) (*securityhub.BatchGetAutomationRulesOutput, error) + BatchGetAutomationRulesWithContext(aws.Context, *securityhub.BatchGetAutomationRulesInput, ...request.Option) (*securityhub.BatchGetAutomationRulesOutput, error) + BatchGetAutomationRulesRequest(*securityhub.BatchGetAutomationRulesInput) (*request.Request, *securityhub.BatchGetAutomationRulesOutput) + BatchGetSecurityControls(*securityhub.BatchGetSecurityControlsInput) (*securityhub.BatchGetSecurityControlsOutput, error) BatchGetSecurityControlsWithContext(aws.Context, *securityhub.BatchGetSecurityControlsInput, ...request.Option) (*securityhub.BatchGetSecurityControlsOutput, error) BatchGetSecurityControlsRequest(*securityhub.BatchGetSecurityControlsInput) (*request.Request, *securityhub.BatchGetSecurityControlsOutput) @@ -88,6 +96,10 @@ type SecurityHubAPI interface { BatchImportFindingsWithContext(aws.Context, *securityhub.BatchImportFindingsInput, ...request.Option) (*securityhub.BatchImportFindingsOutput, error) BatchImportFindingsRequest(*securityhub.BatchImportFindingsInput) (*request.Request, *securityhub.BatchImportFindingsOutput) + BatchUpdateAutomationRules(*securityhub.BatchUpdateAutomationRulesInput) (*securityhub.BatchUpdateAutomationRulesOutput, error) + BatchUpdateAutomationRulesWithContext(aws.Context, *securityhub.BatchUpdateAutomationRulesInput, ...request.Option) (*securityhub.BatchUpdateAutomationRulesOutput, error) + BatchUpdateAutomationRulesRequest(*securityhub.BatchUpdateAutomationRulesInput) (*request.Request, *securityhub.BatchUpdateAutomationRulesOutput) + BatchUpdateFindings(*securityhub.BatchUpdateFindingsInput) (*securityhub.BatchUpdateFindingsOutput, error) BatchUpdateFindingsWithContext(aws.Context, *securityhub.BatchUpdateFindingsInput, ...request.Option) (*securityhub.BatchUpdateFindingsOutput, error) BatchUpdateFindingsRequest(*securityhub.BatchUpdateFindingsInput) (*request.Request, *securityhub.BatchUpdateFindingsOutput) @@ -100,6 +112,10 @@ type SecurityHubAPI interface { CreateActionTargetWithContext(aws.Context, *securityhub.CreateActionTargetInput, ...request.Option) (*securityhub.CreateActionTargetOutput, error) CreateActionTargetRequest(*securityhub.CreateActionTargetInput) (*request.Request, *securityhub.CreateActionTargetOutput) + CreateAutomationRule(*securityhub.CreateAutomationRuleInput) (*securityhub.CreateAutomationRuleOutput, error) + CreateAutomationRuleWithContext(aws.Context, *securityhub.CreateAutomationRuleInput, ...request.Option) (*securityhub.CreateAutomationRuleOutput, error) + CreateAutomationRuleRequest(*securityhub.CreateAutomationRuleInput) (*request.Request, *securityhub.CreateAutomationRuleOutput) + CreateFindingAggregator(*securityhub.CreateFindingAggregatorInput) (*securityhub.CreateFindingAggregatorOutput, error) CreateFindingAggregatorWithContext(aws.Context, *securityhub.CreateFindingAggregatorInput, ...request.Option) (*securityhub.CreateFindingAggregatorOutput, error) CreateFindingAggregatorRequest(*securityhub.CreateFindingAggregatorInput) (*request.Request, *securityhub.CreateFindingAggregatorOutput) @@ -264,6 +280,10 @@ type SecurityHubAPI interface { InviteMembersWithContext(aws.Context, *securityhub.InviteMembersInput, ...request.Option) (*securityhub.InviteMembersOutput, error) InviteMembersRequest(*securityhub.InviteMembersInput) (*request.Request, *securityhub.InviteMembersOutput) + ListAutomationRules(*securityhub.ListAutomationRulesInput) (*securityhub.ListAutomationRulesOutput, error) + ListAutomationRulesWithContext(aws.Context, *securityhub.ListAutomationRulesInput, ...request.Option) (*securityhub.ListAutomationRulesOutput, error) + ListAutomationRulesRequest(*securityhub.ListAutomationRulesInput) (*request.Request, *securityhub.ListAutomationRulesOutput) + ListEnabledProductsForImport(*securityhub.ListEnabledProductsForImportInput) (*securityhub.ListEnabledProductsForImportOutput, error) ListEnabledProductsForImportWithContext(aws.Context, *securityhub.ListEnabledProductsForImportInput, ...request.Option) (*securityhub.ListEnabledProductsForImportOutput, error) ListEnabledProductsForImportRequest(*securityhub.ListEnabledProductsForImportInput) (*request.Request, *securityhub.ListEnabledProductsForImportOutput) diff --git a/service/simspaceweaver/api.go b/service/simspaceweaver/api.go index 4f9b2e34169..4e125de0a17 100644 --- a/service/simspaceweaver/api.go +++ b/service/simspaceweaver/api.go @@ -1700,6 +1700,9 @@ type CreateSnapshotInput struct { // The Amazon S3 bucket and optional folder (object key prefix) where SimSpace // Weaver creates the snapshot file. // + // The Amazon S3 bucket must be in the same Amazon Web Services Region as the + // simulation. + // // Destination is a required field Destination *S3Destination `type:"structure" required:"true"` @@ -3764,6 +3767,9 @@ type StartSimulationInput struct { // // Provide a SnapshotS3Location to start your simulation from a snapshot. // + // The Amazon S3 bucket must be in the same Amazon Web Services Region as the + // simulation. + // // If you provide a SnapshotS3Location then you can't provide a SchemaS3Location. SnapshotS3Location *S3Location `type:"structure"` diff --git a/service/verifiedpermissions/api.go b/service/verifiedpermissions/api.go new file mode 100644 index 00000000000..802d06cd714 --- /dev/null +++ b/service/verifiedpermissions/api.go @@ -0,0 +1,10134 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package verifiedpermissions + +import ( + "fmt" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" +) + +const opCreateIdentitySource = "CreateIdentitySource" + +// CreateIdentitySourceRequest generates a "aws/request.Request" representing the +// client's request for the CreateIdentitySource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateIdentitySource for more information on using the CreateIdentitySource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateIdentitySourceRequest method. +// req, resp := client.CreateIdentitySourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource +func (c *VerifiedPermissions) CreateIdentitySourceRequest(input *CreateIdentitySourceInput) (req *request.Request, output *CreateIdentitySourceOutput) { + op := &request.Operation{ + Name: opCreateIdentitySource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateIdentitySourceInput{} + } + + output = &CreateIdentitySourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateIdentitySource API operation for Amazon Verified Permissions. +// +// Creates a reference to an Amazon Cognito user pool as an external identity +// provider (IdP). +// +// After you create an identity source, you can use the identities provided +// by the IdP as proxies for the principal in authorization queries that use +// the IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) +// operation. These identities take the form of tokens that contain claims about +// the user, such as IDs, attributes and group memberships. Amazon Cognito provides +// both identity tokens and access tokens, and Verified Permissions can use +// either or both. Any combination of identity and access tokens results in +// the same Cedar principal. Verified Permissions automatically translates the +// information about the identities into the standard Cedar attributes that +// can be evaluated by your policies. Because the Amazon Cognito identity and +// access tokens can contain different information, the tokens you choose to +// use determine which principal attributes are available to access when evaluating +// Cedar policies. +// +// If you delete a Amazon Cognito user pool or user, tokens from that deleted +// pool or that deleted user continue to be usable until they expire. +// +// To reference a user from this identity source in your Cedar policies, use +// the following syntax. +// +// IdentityType::"| +// +// Where IdentityType is the string that you provide to the PrincipalEntityType +// parameter for this operation. The CognitoUserPoolId and CognitoClientId are +// defined by the Amazon Cognito user pool. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation CreateIdentitySource for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ServiceQuotaExceededException +// The request failed because it would cause a service quota to be exceeded. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource +func (c *VerifiedPermissions) CreateIdentitySource(input *CreateIdentitySourceInput) (*CreateIdentitySourceOutput, error) { + req, out := c.CreateIdentitySourceRequest(input) + return out, req.Send() +} + +// CreateIdentitySourceWithContext is the same as CreateIdentitySource with the addition of +// the ability to pass a context and additional request options. +// +// See CreateIdentitySource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) CreateIdentitySourceWithContext(ctx aws.Context, input *CreateIdentitySourceInput, opts ...request.Option) (*CreateIdentitySourceOutput, error) { + req, out := c.CreateIdentitySourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreatePolicy = "CreatePolicy" + +// CreatePolicyRequest generates a "aws/request.Request" representing the +// client's request for the CreatePolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreatePolicy for more information on using the CreatePolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreatePolicyRequest method. +// req, resp := client.CreatePolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy +func (c *VerifiedPermissions) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) { + op := &request.Operation{ + Name: opCreatePolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreatePolicyInput{} + } + + output = &CreatePolicyOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreatePolicy API operation for Amazon Verified Permissions. +// +// Creates a Cedar policy and saves it in the specified policy store. You can +// create either a static policy or a policy linked to a policy template. +// +// - To create a static policy, provide the Cedar policy text in the StaticPolicy +// section of the PolicyDefinition. +// +// - To create a policy that is dynamically linked to a policy template, +// specify the policy template ID and the principal and resource to associate +// with this policy in the templateLinked section of the PolicyDefinition. +// If the policy template is ever updated, any policies linked to the policy +// template automatically use the updated template. +// +// Creating a policy causes it to be validated against the schema in the policy +// store. If the policy doesn't pass validation, the operation fails and the +// policy isn't stored. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation CreatePolicy for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ServiceQuotaExceededException +// The request failed because it would cause a service quota to be exceeded. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy +func (c *VerifiedPermissions) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) { + req, out := c.CreatePolicyRequest(input) + return out, req.Send() +} + +// CreatePolicyWithContext is the same as CreatePolicy with the addition of +// the ability to pass a context and additional request options. +// +// See CreatePolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) { + req, out := c.CreatePolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreatePolicyStore = "CreatePolicyStore" + +// CreatePolicyStoreRequest generates a "aws/request.Request" representing the +// client's request for the CreatePolicyStore operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreatePolicyStore for more information on using the CreatePolicyStore +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreatePolicyStoreRequest method. +// req, resp := client.CreatePolicyStoreRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore +func (c *VerifiedPermissions) CreatePolicyStoreRequest(input *CreatePolicyStoreInput) (req *request.Request, output *CreatePolicyStoreOutput) { + op := &request.Operation{ + Name: opCreatePolicyStore, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreatePolicyStoreInput{} + } + + output = &CreatePolicyStoreOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreatePolicyStore API operation for Amazon Verified Permissions. +// +// Creates a policy store. A policy store is a container for policy resources. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation CreatePolicyStore for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ServiceQuotaExceededException +// The request failed because it would cause a service quota to be exceeded. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore +func (c *VerifiedPermissions) CreatePolicyStore(input *CreatePolicyStoreInput) (*CreatePolicyStoreOutput, error) { + req, out := c.CreatePolicyStoreRequest(input) + return out, req.Send() +} + +// CreatePolicyStoreWithContext is the same as CreatePolicyStore with the addition of +// the ability to pass a context and additional request options. +// +// See CreatePolicyStore for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) CreatePolicyStoreWithContext(ctx aws.Context, input *CreatePolicyStoreInput, opts ...request.Option) (*CreatePolicyStoreOutput, error) { + req, out := c.CreatePolicyStoreRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreatePolicyTemplate = "CreatePolicyTemplate" + +// CreatePolicyTemplateRequest generates a "aws/request.Request" representing the +// client's request for the CreatePolicyTemplate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreatePolicyTemplate for more information on using the CreatePolicyTemplate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreatePolicyTemplateRequest method. +// req, resp := client.CreatePolicyTemplateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate +func (c *VerifiedPermissions) CreatePolicyTemplateRequest(input *CreatePolicyTemplateInput) (req *request.Request, output *CreatePolicyTemplateOutput) { + op := &request.Operation{ + Name: opCreatePolicyTemplate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreatePolicyTemplateInput{} + } + + output = &CreatePolicyTemplateOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreatePolicyTemplate API operation for Amazon Verified Permissions. +// +// Creates a policy template. A template can use placeholders for the principal +// and resource. A template must be instantiated into a policy by associating +// it with specific principals and resources to use for the placeholders. That +// instantiated policy can then be considered in authorization decisions. The +// instantiated policy works identically to any other policy, except that it +// is dynamically linked to the template. If the template changes, then any +// policies that are linked to that template are immediately updated as well. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation CreatePolicyTemplate for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ServiceQuotaExceededException +// The request failed because it would cause a service quota to be exceeded. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate +func (c *VerifiedPermissions) CreatePolicyTemplate(input *CreatePolicyTemplateInput) (*CreatePolicyTemplateOutput, error) { + req, out := c.CreatePolicyTemplateRequest(input) + return out, req.Send() +} + +// CreatePolicyTemplateWithContext is the same as CreatePolicyTemplate with the addition of +// the ability to pass a context and additional request options. +// +// See CreatePolicyTemplate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) CreatePolicyTemplateWithContext(ctx aws.Context, input *CreatePolicyTemplateInput, opts ...request.Option) (*CreatePolicyTemplateOutput, error) { + req, out := c.CreatePolicyTemplateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteIdentitySource = "DeleteIdentitySource" + +// DeleteIdentitySourceRequest generates a "aws/request.Request" representing the +// client's request for the DeleteIdentitySource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteIdentitySource for more information on using the DeleteIdentitySource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteIdentitySourceRequest method. +// req, resp := client.DeleteIdentitySourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource +func (c *VerifiedPermissions) DeleteIdentitySourceRequest(input *DeleteIdentitySourceInput) (req *request.Request, output *DeleteIdentitySourceOutput) { + op := &request.Operation{ + Name: opDeleteIdentitySource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteIdentitySourceInput{} + } + + output = &DeleteIdentitySourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteIdentitySource API operation for Amazon Verified Permissions. +// +// Deletes an identity source that references an identity provider (IdP) such +// as Amazon Cognito. After you delete the identity source, you can no longer +// use tokens for identities from that identity source to represent principals +// in authorization queries made using IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html). +// operations. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation DeleteIdentitySource for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource +func (c *VerifiedPermissions) DeleteIdentitySource(input *DeleteIdentitySourceInput) (*DeleteIdentitySourceOutput, error) { + req, out := c.DeleteIdentitySourceRequest(input) + return out, req.Send() +} + +// DeleteIdentitySourceWithContext is the same as DeleteIdentitySource with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteIdentitySource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) DeleteIdentitySourceWithContext(ctx aws.Context, input *DeleteIdentitySourceInput, opts ...request.Option) (*DeleteIdentitySourceOutput, error) { + req, out := c.DeleteIdentitySourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeletePolicy = "DeletePolicy" + +// DeletePolicyRequest generates a "aws/request.Request" representing the +// client's request for the DeletePolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeletePolicy for more information on using the DeletePolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeletePolicyRequest method. +// req, resp := client.DeletePolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy +func (c *VerifiedPermissions) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) { + op := &request.Operation{ + Name: opDeletePolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeletePolicyInput{} + } + + output = &DeletePolicyOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeletePolicy API operation for Amazon Verified Permissions. +// +// Deletes the specified policy from the policy store. +// +// This operation is idempotent; if you specify a policy that doesn't exist, +// the request response returns a successful HTTP 200 status code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation DeletePolicy for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy +func (c *VerifiedPermissions) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) { + req, out := c.DeletePolicyRequest(input) + return out, req.Send() +} + +// DeletePolicyWithContext is the same as DeletePolicy with the addition of +// the ability to pass a context and additional request options. +// +// See DeletePolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) { + req, out := c.DeletePolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeletePolicyStore = "DeletePolicyStore" + +// DeletePolicyStoreRequest generates a "aws/request.Request" representing the +// client's request for the DeletePolicyStore operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeletePolicyStore for more information on using the DeletePolicyStore +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeletePolicyStoreRequest method. +// req, resp := client.DeletePolicyStoreRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore +func (c *VerifiedPermissions) DeletePolicyStoreRequest(input *DeletePolicyStoreInput) (req *request.Request, output *DeletePolicyStoreOutput) { + op := &request.Operation{ + Name: opDeletePolicyStore, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeletePolicyStoreInput{} + } + + output = &DeletePolicyStoreOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeletePolicyStore API operation for Amazon Verified Permissions. +// +// Deletes the specified policy store. +// +// This operation is idempotent. If you specify a policy store that does not +// exist, the request response will still return a successful HTTP 200 status +// code. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation DeletePolicyStore for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore +func (c *VerifiedPermissions) DeletePolicyStore(input *DeletePolicyStoreInput) (*DeletePolicyStoreOutput, error) { + req, out := c.DeletePolicyStoreRequest(input) + return out, req.Send() +} + +// DeletePolicyStoreWithContext is the same as DeletePolicyStore with the addition of +// the ability to pass a context and additional request options. +// +// See DeletePolicyStore for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) DeletePolicyStoreWithContext(ctx aws.Context, input *DeletePolicyStoreInput, opts ...request.Option) (*DeletePolicyStoreOutput, error) { + req, out := c.DeletePolicyStoreRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeletePolicyTemplate = "DeletePolicyTemplate" + +// DeletePolicyTemplateRequest generates a "aws/request.Request" representing the +// client's request for the DeletePolicyTemplate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeletePolicyTemplate for more information on using the DeletePolicyTemplate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeletePolicyTemplateRequest method. +// req, resp := client.DeletePolicyTemplateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate +func (c *VerifiedPermissions) DeletePolicyTemplateRequest(input *DeletePolicyTemplateInput) (req *request.Request, output *DeletePolicyTemplateOutput) { + op := &request.Operation{ + Name: opDeletePolicyTemplate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeletePolicyTemplateInput{} + } + + output = &DeletePolicyTemplateOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeletePolicyTemplate API operation for Amazon Verified Permissions. +// +// Deletes the specified policy template from the policy store. +// +// This operation also deletes any policies that were created from the specified +// policy template. Those policies are immediately removed from all future API +// responses, and are asynchronously deleted from the policy store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation DeletePolicyTemplate for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate +func (c *VerifiedPermissions) DeletePolicyTemplate(input *DeletePolicyTemplateInput) (*DeletePolicyTemplateOutput, error) { + req, out := c.DeletePolicyTemplateRequest(input) + return out, req.Send() +} + +// DeletePolicyTemplateWithContext is the same as DeletePolicyTemplate with the addition of +// the ability to pass a context and additional request options. +// +// See DeletePolicyTemplate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) DeletePolicyTemplateWithContext(ctx aws.Context, input *DeletePolicyTemplateInput, opts ...request.Option) (*DeletePolicyTemplateOutput, error) { + req, out := c.DeletePolicyTemplateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetIdentitySource = "GetIdentitySource" + +// GetIdentitySourceRequest generates a "aws/request.Request" representing the +// client's request for the GetIdentitySource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetIdentitySource for more information on using the GetIdentitySource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetIdentitySourceRequest method. +// req, resp := client.GetIdentitySourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource +func (c *VerifiedPermissions) GetIdentitySourceRequest(input *GetIdentitySourceInput) (req *request.Request, output *GetIdentitySourceOutput) { + op := &request.Operation{ + Name: opGetIdentitySource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetIdentitySourceInput{} + } + + output = &GetIdentitySourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetIdentitySource API operation for Amazon Verified Permissions. +// +// Retrieves the details about the specified identity source. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation GetIdentitySource for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource +func (c *VerifiedPermissions) GetIdentitySource(input *GetIdentitySourceInput) (*GetIdentitySourceOutput, error) { + req, out := c.GetIdentitySourceRequest(input) + return out, req.Send() +} + +// GetIdentitySourceWithContext is the same as GetIdentitySource with the addition of +// the ability to pass a context and additional request options. +// +// See GetIdentitySource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) GetIdentitySourceWithContext(ctx aws.Context, input *GetIdentitySourceInput, opts ...request.Option) (*GetIdentitySourceOutput, error) { + req, out := c.GetIdentitySourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetPolicy = "GetPolicy" + +// GetPolicyRequest generates a "aws/request.Request" representing the +// client's request for the GetPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetPolicy for more information on using the GetPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetPolicyRequest method. +// req, resp := client.GetPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy +func (c *VerifiedPermissions) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) { + op := &request.Operation{ + Name: opGetPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetPolicyInput{} + } + + output = &GetPolicyOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetPolicy API operation for Amazon Verified Permissions. +// +// Retrieves information about the specified policy. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation GetPolicy for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy +func (c *VerifiedPermissions) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) { + req, out := c.GetPolicyRequest(input) + return out, req.Send() +} + +// GetPolicyWithContext is the same as GetPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See GetPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) { + req, out := c.GetPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetPolicyStore = "GetPolicyStore" + +// GetPolicyStoreRequest generates a "aws/request.Request" representing the +// client's request for the GetPolicyStore operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetPolicyStore for more information on using the GetPolicyStore +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetPolicyStoreRequest method. +// req, resp := client.GetPolicyStoreRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore +func (c *VerifiedPermissions) GetPolicyStoreRequest(input *GetPolicyStoreInput) (req *request.Request, output *GetPolicyStoreOutput) { + op := &request.Operation{ + Name: opGetPolicyStore, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetPolicyStoreInput{} + } + + output = &GetPolicyStoreOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetPolicyStore API operation for Amazon Verified Permissions. +// +// Retrieves details about a policy store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation GetPolicyStore for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore +func (c *VerifiedPermissions) GetPolicyStore(input *GetPolicyStoreInput) (*GetPolicyStoreOutput, error) { + req, out := c.GetPolicyStoreRequest(input) + return out, req.Send() +} + +// GetPolicyStoreWithContext is the same as GetPolicyStore with the addition of +// the ability to pass a context and additional request options. +// +// See GetPolicyStore for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) GetPolicyStoreWithContext(ctx aws.Context, input *GetPolicyStoreInput, opts ...request.Option) (*GetPolicyStoreOutput, error) { + req, out := c.GetPolicyStoreRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetPolicyTemplate = "GetPolicyTemplate" + +// GetPolicyTemplateRequest generates a "aws/request.Request" representing the +// client's request for the GetPolicyTemplate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetPolicyTemplate for more information on using the GetPolicyTemplate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetPolicyTemplateRequest method. +// req, resp := client.GetPolicyTemplateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate +func (c *VerifiedPermissions) GetPolicyTemplateRequest(input *GetPolicyTemplateInput) (req *request.Request, output *GetPolicyTemplateOutput) { + op := &request.Operation{ + Name: opGetPolicyTemplate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetPolicyTemplateInput{} + } + + output = &GetPolicyTemplateOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetPolicyTemplate API operation for Amazon Verified Permissions. +// +// Retrieve the details for the specified policy template in the specified policy +// store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation GetPolicyTemplate for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate +func (c *VerifiedPermissions) GetPolicyTemplate(input *GetPolicyTemplateInput) (*GetPolicyTemplateOutput, error) { + req, out := c.GetPolicyTemplateRequest(input) + return out, req.Send() +} + +// GetPolicyTemplateWithContext is the same as GetPolicyTemplate with the addition of +// the ability to pass a context and additional request options. +// +// See GetPolicyTemplate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) GetPolicyTemplateWithContext(ctx aws.Context, input *GetPolicyTemplateInput, opts ...request.Option) (*GetPolicyTemplateOutput, error) { + req, out := c.GetPolicyTemplateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetSchema = "GetSchema" + +// GetSchemaRequest generates a "aws/request.Request" representing the +// client's request for the GetSchema operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetSchema for more information on using the GetSchema +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetSchemaRequest method. +// req, resp := client.GetSchemaRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema +func (c *VerifiedPermissions) GetSchemaRequest(input *GetSchemaInput) (req *request.Request, output *GetSchemaOutput) { + op := &request.Operation{ + Name: opGetSchema, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetSchemaInput{} + } + + output = &GetSchemaOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetSchema API operation for Amazon Verified Permissions. +// +// Retrieve the details for the specified schema in the specified policy store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation GetSchema for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema +func (c *VerifiedPermissions) GetSchema(input *GetSchemaInput) (*GetSchemaOutput, error) { + req, out := c.GetSchemaRequest(input) + return out, req.Send() +} + +// GetSchemaWithContext is the same as GetSchema with the addition of +// the ability to pass a context and additional request options. +// +// See GetSchema for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) GetSchemaWithContext(ctx aws.Context, input *GetSchemaInput, opts ...request.Option) (*GetSchemaOutput, error) { + req, out := c.GetSchemaRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opIsAuthorized = "IsAuthorized" + +// IsAuthorizedRequest generates a "aws/request.Request" representing the +// client's request for the IsAuthorized operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See IsAuthorized for more information on using the IsAuthorized +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the IsAuthorizedRequest method. +// req, resp := client.IsAuthorizedRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized +func (c *VerifiedPermissions) IsAuthorizedRequest(input *IsAuthorizedInput) (req *request.Request, output *IsAuthorizedOutput) { + op := &request.Operation{ + Name: opIsAuthorized, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &IsAuthorizedInput{} + } + + output = &IsAuthorizedOutput{} + req = c.newRequest(op, input, output) + return +} + +// IsAuthorized API operation for Amazon Verified Permissions. +// +// Makes an authorization decision about a service request described in the +// parameters. The information in the parameters can also define additional +// context that Verified Permissions can include in the evaluation. The request +// is evaluated against all matching policies in the specified policy store. +// The result of the decision is either Allow or Deny, along with a list of +// the policies that resulted in the decision. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation IsAuthorized for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized +func (c *VerifiedPermissions) IsAuthorized(input *IsAuthorizedInput) (*IsAuthorizedOutput, error) { + req, out := c.IsAuthorizedRequest(input) + return out, req.Send() +} + +// IsAuthorizedWithContext is the same as IsAuthorized with the addition of +// the ability to pass a context and additional request options. +// +// See IsAuthorized for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) IsAuthorizedWithContext(ctx aws.Context, input *IsAuthorizedInput, opts ...request.Option) (*IsAuthorizedOutput, error) { + req, out := c.IsAuthorizedRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opIsAuthorizedWithToken = "IsAuthorizedWithToken" + +// IsAuthorizedWithTokenRequest generates a "aws/request.Request" representing the +// client's request for the IsAuthorizedWithToken operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See IsAuthorizedWithToken for more information on using the IsAuthorizedWithToken +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the IsAuthorizedWithTokenRequest method. +// req, resp := client.IsAuthorizedWithTokenRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken +func (c *VerifiedPermissions) IsAuthorizedWithTokenRequest(input *IsAuthorizedWithTokenInput) (req *request.Request, output *IsAuthorizedWithTokenOutput) { + op := &request.Operation{ + Name: opIsAuthorizedWithToken, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &IsAuthorizedWithTokenInput{} + } + + output = &IsAuthorizedWithTokenOutput{} + req = c.newRequest(op, input, output) + return +} + +// IsAuthorizedWithToken API operation for Amazon Verified Permissions. +// +// Makes an authorization decision about a service request described in the +// parameters. The principal in this request comes from an external identity +// source. The information in the parameters can also define additional context +// that Verified Permissions can include in the evaluation. The request is evaluated +// against all matching policies in the specified policy store. The result of +// the decision is either Allow or Deny, along with a list of the policies that +// resulted in the decision. +// +// If you delete a Amazon Cognito user pool or user, tokens from that deleted +// pool or that deleted user continue to be usable until they expire. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation IsAuthorizedWithToken for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken +func (c *VerifiedPermissions) IsAuthorizedWithToken(input *IsAuthorizedWithTokenInput) (*IsAuthorizedWithTokenOutput, error) { + req, out := c.IsAuthorizedWithTokenRequest(input) + return out, req.Send() +} + +// IsAuthorizedWithTokenWithContext is the same as IsAuthorizedWithToken with the addition of +// the ability to pass a context and additional request options. +// +// See IsAuthorizedWithToken for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) IsAuthorizedWithTokenWithContext(ctx aws.Context, input *IsAuthorizedWithTokenInput, opts ...request.Option) (*IsAuthorizedWithTokenOutput, error) { + req, out := c.IsAuthorizedWithTokenRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opListIdentitySources = "ListIdentitySources" + +// ListIdentitySourcesRequest generates a "aws/request.Request" representing the +// client's request for the ListIdentitySources operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListIdentitySources for more information on using the ListIdentitySources +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListIdentitySourcesRequest method. +// req, resp := client.ListIdentitySourcesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources +func (c *VerifiedPermissions) ListIdentitySourcesRequest(input *ListIdentitySourcesInput) (req *request.Request, output *ListIdentitySourcesOutput) { + op := &request.Operation{ + Name: opListIdentitySources, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListIdentitySourcesInput{} + } + + output = &ListIdentitySourcesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListIdentitySources API operation for Amazon Verified Permissions. +// +// Returns a paginated list of all of the identity sources defined in the specified +// policy store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation ListIdentitySources for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources +func (c *VerifiedPermissions) ListIdentitySources(input *ListIdentitySourcesInput) (*ListIdentitySourcesOutput, error) { + req, out := c.ListIdentitySourcesRequest(input) + return out, req.Send() +} + +// ListIdentitySourcesWithContext is the same as ListIdentitySources with the addition of +// the ability to pass a context and additional request options. +// +// See ListIdentitySources for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListIdentitySourcesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, opts ...request.Option) (*ListIdentitySourcesOutput, error) { + req, out := c.ListIdentitySourcesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListIdentitySourcesPages iterates over the pages of a ListIdentitySources operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListIdentitySources method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListIdentitySources operation. +// pageNum := 0 +// err := client.ListIdentitySourcesPages(params, +// func(page *verifiedpermissions.ListIdentitySourcesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *VerifiedPermissions) ListIdentitySourcesPages(input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool) error { + return c.ListIdentitySourcesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListIdentitySourcesPagesWithContext same as ListIdentitySourcesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListIdentitySourcesPagesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListIdentitySourcesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListIdentitySourcesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListIdentitySourcesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListPolicies = "ListPolicies" + +// ListPoliciesRequest generates a "aws/request.Request" representing the +// client's request for the ListPolicies operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListPolicies for more information on using the ListPolicies +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListPoliciesRequest method. +// req, resp := client.ListPoliciesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies +func (c *VerifiedPermissions) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) { + op := &request.Operation{ + Name: opListPolicies, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListPoliciesInput{} + } + + output = &ListPoliciesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListPolicies API operation for Amazon Verified Permissions. +// +// Returns a paginated list of all policies stored in the specified policy store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation ListPolicies for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies +func (c *VerifiedPermissions) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) { + req, out := c.ListPoliciesRequest(input) + return out, req.Send() +} + +// ListPoliciesWithContext is the same as ListPolicies with the addition of +// the ability to pass a context and additional request options. +// +// See ListPolicies for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) { + req, out := c.ListPoliciesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListPoliciesPages iterates over the pages of a ListPolicies operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListPolicies method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListPolicies operation. +// pageNum := 0 +// err := client.ListPoliciesPages(params, +// func(page *verifiedpermissions.ListPoliciesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *VerifiedPermissions) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error { + return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListPoliciesPagesWithContext same as ListPoliciesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListPoliciesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListPoliciesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListPolicyStores = "ListPolicyStores" + +// ListPolicyStoresRequest generates a "aws/request.Request" representing the +// client's request for the ListPolicyStores operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListPolicyStores for more information on using the ListPolicyStores +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListPolicyStoresRequest method. +// req, resp := client.ListPolicyStoresRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores +func (c *VerifiedPermissions) ListPolicyStoresRequest(input *ListPolicyStoresInput) (req *request.Request, output *ListPolicyStoresOutput) { + op := &request.Operation{ + Name: opListPolicyStores, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListPolicyStoresInput{} + } + + output = &ListPolicyStoresOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListPolicyStores API operation for Amazon Verified Permissions. +// +// Returns a paginated list of all policy stores in the calling Amazon Web Services +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation ListPolicyStores for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores +func (c *VerifiedPermissions) ListPolicyStores(input *ListPolicyStoresInput) (*ListPolicyStoresOutput, error) { + req, out := c.ListPolicyStoresRequest(input) + return out, req.Send() +} + +// ListPolicyStoresWithContext is the same as ListPolicyStores with the addition of +// the ability to pass a context and additional request options. +// +// See ListPolicyStores for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListPolicyStoresWithContext(ctx aws.Context, input *ListPolicyStoresInput, opts ...request.Option) (*ListPolicyStoresOutput, error) { + req, out := c.ListPolicyStoresRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListPolicyStoresPages iterates over the pages of a ListPolicyStores operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListPolicyStores method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListPolicyStores operation. +// pageNum := 0 +// err := client.ListPolicyStoresPages(params, +// func(page *verifiedpermissions.ListPolicyStoresOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *VerifiedPermissions) ListPolicyStoresPages(input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool) error { + return c.ListPolicyStoresPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListPolicyStoresPagesWithContext same as ListPolicyStoresPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListPolicyStoresPagesWithContext(ctx aws.Context, input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListPolicyStoresInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListPolicyStoresRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListPolicyStoresOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListPolicyTemplates = "ListPolicyTemplates" + +// ListPolicyTemplatesRequest generates a "aws/request.Request" representing the +// client's request for the ListPolicyTemplates operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListPolicyTemplates for more information on using the ListPolicyTemplates +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListPolicyTemplatesRequest method. +// req, resp := client.ListPolicyTemplatesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates +func (c *VerifiedPermissions) ListPolicyTemplatesRequest(input *ListPolicyTemplatesInput) (req *request.Request, output *ListPolicyTemplatesOutput) { + op := &request.Operation{ + Name: opListPolicyTemplates, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListPolicyTemplatesInput{} + } + + output = &ListPolicyTemplatesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListPolicyTemplates API operation for Amazon Verified Permissions. +// +// Returns a paginated list of all policy templates in the specified policy +// store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation ListPolicyTemplates for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates +func (c *VerifiedPermissions) ListPolicyTemplates(input *ListPolicyTemplatesInput) (*ListPolicyTemplatesOutput, error) { + req, out := c.ListPolicyTemplatesRequest(input) + return out, req.Send() +} + +// ListPolicyTemplatesWithContext is the same as ListPolicyTemplates with the addition of +// the ability to pass a context and additional request options. +// +// See ListPolicyTemplates for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListPolicyTemplatesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, opts ...request.Option) (*ListPolicyTemplatesOutput, error) { + req, out := c.ListPolicyTemplatesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListPolicyTemplatesPages iterates over the pages of a ListPolicyTemplates operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListPolicyTemplates method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListPolicyTemplates operation. +// pageNum := 0 +// err := client.ListPolicyTemplatesPages(params, +// func(page *verifiedpermissions.ListPolicyTemplatesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *VerifiedPermissions) ListPolicyTemplatesPages(input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool) error { + return c.ListPolicyTemplatesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListPolicyTemplatesPagesWithContext same as ListPolicyTemplatesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) ListPolicyTemplatesPagesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListPolicyTemplatesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListPolicyTemplatesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListPolicyTemplatesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opPutSchema = "PutSchema" + +// PutSchemaRequest generates a "aws/request.Request" representing the +// client's request for the PutSchema operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutSchema for more information on using the PutSchema +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutSchemaRequest method. +// req, resp := client.PutSchemaRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema +func (c *VerifiedPermissions) PutSchemaRequest(input *PutSchemaInput) (req *request.Request, output *PutSchemaOutput) { + op := &request.Operation{ + Name: opPutSchema, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutSchemaInput{} + } + + output = &PutSchemaOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutSchema API operation for Amazon Verified Permissions. +// +// Creates or updates the policy schema in the specified policy store. The schema +// is used to validate any Cedar policies and policy templates submitted to +// the policy store. Any changes to the schema validate only policies and templates +// submitted after the schema change. Existing policies and templates are not +// re-evaluated against the changed schema. If you later update a policy, then +// it is evaluated against the new schema at that time. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation PutSchema for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ServiceQuotaExceededException +// The request failed because it would cause a service quota to be exceeded. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema +func (c *VerifiedPermissions) PutSchema(input *PutSchemaInput) (*PutSchemaOutput, error) { + req, out := c.PutSchemaRequest(input) + return out, req.Send() +} + +// PutSchemaWithContext is the same as PutSchema with the addition of +// the ability to pass a context and additional request options. +// +// See PutSchema for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) PutSchemaWithContext(ctx aws.Context, input *PutSchemaInput, opts ...request.Option) (*PutSchemaOutput, error) { + req, out := c.PutSchemaRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateIdentitySource = "UpdateIdentitySource" + +// UpdateIdentitySourceRequest generates a "aws/request.Request" representing the +// client's request for the UpdateIdentitySource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateIdentitySource for more information on using the UpdateIdentitySource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateIdentitySourceRequest method. +// req, resp := client.UpdateIdentitySourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource +func (c *VerifiedPermissions) UpdateIdentitySourceRequest(input *UpdateIdentitySourceInput) (req *request.Request, output *UpdateIdentitySourceOutput) { + op := &request.Operation{ + Name: opUpdateIdentitySource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateIdentitySourceInput{} + } + + output = &UpdateIdentitySourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateIdentitySource API operation for Amazon Verified Permissions. +// +// Updates the specified identity source to use a new identity provider (IdP) +// source, or to change the mapping of identities from the IdP to a different +// principal entity type. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation UpdateIdentitySource for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource +func (c *VerifiedPermissions) UpdateIdentitySource(input *UpdateIdentitySourceInput) (*UpdateIdentitySourceOutput, error) { + req, out := c.UpdateIdentitySourceRequest(input) + return out, req.Send() +} + +// UpdateIdentitySourceWithContext is the same as UpdateIdentitySource with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateIdentitySource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) UpdateIdentitySourceWithContext(ctx aws.Context, input *UpdateIdentitySourceInput, opts ...request.Option) (*UpdateIdentitySourceOutput, error) { + req, out := c.UpdateIdentitySourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdatePolicy = "UpdatePolicy" + +// UpdatePolicyRequest generates a "aws/request.Request" representing the +// client's request for the UpdatePolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdatePolicy for more information on using the UpdatePolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdatePolicyRequest method. +// req, resp := client.UpdatePolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy +func (c *VerifiedPermissions) UpdatePolicyRequest(input *UpdatePolicyInput) (req *request.Request, output *UpdatePolicyOutput) { + op := &request.Operation{ + Name: opUpdatePolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdatePolicyInput{} + } + + output = &UpdatePolicyOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdatePolicy API operation for Amazon Verified Permissions. +// +// Modifies a Cedar static policy in the specified policy store. You can change +// only certain elements of the UpdatePolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyInput.html#amazonverifiedpermissions-UpdatePolicy-request-UpdatePolicyDefinition) +// parameter. You can directly update only static policies. To change a template-linked +// policy, you must update the template instead, using UpdatePolicyTemplate +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html). +// +// If policy validation is enabled in the policy store, then updating a static +// policy causes Verified Permissions to validate the policy against the schema +// in the policy store. If the updated static policy doesn't pass validation, +// the operation fails and the update isn't stored. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation UpdatePolicy for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ServiceQuotaExceededException +// The request failed because it would cause a service quota to be exceeded. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy +func (c *VerifiedPermissions) UpdatePolicy(input *UpdatePolicyInput) (*UpdatePolicyOutput, error) { + req, out := c.UpdatePolicyRequest(input) + return out, req.Send() +} + +// UpdatePolicyWithContext is the same as UpdatePolicy with the addition of +// the ability to pass a context and additional request options. +// +// See UpdatePolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) UpdatePolicyWithContext(ctx aws.Context, input *UpdatePolicyInput, opts ...request.Option) (*UpdatePolicyOutput, error) { + req, out := c.UpdatePolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdatePolicyStore = "UpdatePolicyStore" + +// UpdatePolicyStoreRequest generates a "aws/request.Request" representing the +// client's request for the UpdatePolicyStore operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdatePolicyStore for more information on using the UpdatePolicyStore +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdatePolicyStoreRequest method. +// req, resp := client.UpdatePolicyStoreRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore +func (c *VerifiedPermissions) UpdatePolicyStoreRequest(input *UpdatePolicyStoreInput) (req *request.Request, output *UpdatePolicyStoreOutput) { + op := &request.Operation{ + Name: opUpdatePolicyStore, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdatePolicyStoreInput{} + } + + output = &UpdatePolicyStoreOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdatePolicyStore API operation for Amazon Verified Permissions. +// +// Modifies the validation setting for a policy store. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation UpdatePolicyStore for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore +func (c *VerifiedPermissions) UpdatePolicyStore(input *UpdatePolicyStoreInput) (*UpdatePolicyStoreOutput, error) { + req, out := c.UpdatePolicyStoreRequest(input) + return out, req.Send() +} + +// UpdatePolicyStoreWithContext is the same as UpdatePolicyStore with the addition of +// the ability to pass a context and additional request options. +// +// See UpdatePolicyStore for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) UpdatePolicyStoreWithContext(ctx aws.Context, input *UpdatePolicyStoreInput, opts ...request.Option) (*UpdatePolicyStoreOutput, error) { + req, out := c.UpdatePolicyStoreRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdatePolicyTemplate = "UpdatePolicyTemplate" + +// UpdatePolicyTemplateRequest generates a "aws/request.Request" representing the +// client's request for the UpdatePolicyTemplate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdatePolicyTemplate for more information on using the UpdatePolicyTemplate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdatePolicyTemplateRequest method. +// req, resp := client.UpdatePolicyTemplateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate +func (c *VerifiedPermissions) UpdatePolicyTemplateRequest(input *UpdatePolicyTemplateInput) (req *request.Request, output *UpdatePolicyTemplateOutput) { + op := &request.Operation{ + Name: opUpdatePolicyTemplate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdatePolicyTemplateInput{} + } + + output = &UpdatePolicyTemplateOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdatePolicyTemplate API operation for Amazon Verified Permissions. +// +// Updates the specified policy template. You can update only the description +// and the some elements of the policyBody (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html#amazonverifiedpermissions-UpdatePolicyTemplate-request-policyBody). +// +// Changes you make to the policy template content are immediately reflected +// in authorization decisions that involve all template-linked policies instantiated +// from this template. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Verified Permissions's +// API operation UpdatePolicyTemplate for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +// +// - ConflictException +// The request failed because another request to modify a resource occurred +// at the same. +// +// - AccessDeniedException +// You don't have sufficient access to perform this action. +// +// - ResourceNotFoundException +// The request failed because it references a resource that doesn't exist. +// +// - ThrottlingException +// The request failed because it exceeded a throttling quota. +// +// - InternalServerException +// The request failed because of an internal error. Try your request again later +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate +func (c *VerifiedPermissions) UpdatePolicyTemplate(input *UpdatePolicyTemplateInput) (*UpdatePolicyTemplateOutput, error) { + req, out := c.UpdatePolicyTemplateRequest(input) + return out, req.Send() +} + +// UpdatePolicyTemplateWithContext is the same as UpdatePolicyTemplate with the addition of +// the ability to pass a context and additional request options. +// +// See UpdatePolicyTemplate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *VerifiedPermissions) UpdatePolicyTemplateWithContext(ctx aws.Context, input *UpdatePolicyTemplateInput, opts ...request.Option) (*UpdatePolicyTemplateOutput, error) { + req, out := c.UpdatePolicyTemplateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You don't have sufficient access to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Contains information about an action for a request for which an authorization +// decision is made. +// +// This data type is used as an request parameter to the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) +// and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) +// operations. +// +// Example: { "actionId": "", "actionType": "Action" } +type ActionIdentifier struct { + _ struct{} `type:"structure"` + + // The ID of an action. + // + // ActionId is a required field + ActionId *string `locationName:"actionId" min:"1" type:"string" required:"true"` + + // The type of an action. + // + // ActionType is a required field + ActionType *string `locationName:"actionType" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ActionIdentifier) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ActionIdentifier) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ActionIdentifier) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ActionIdentifier"} + if s.ActionId == nil { + invalidParams.Add(request.NewErrParamRequired("ActionId")) + } + if s.ActionId != nil && len(*s.ActionId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ActionId", 1)) + } + if s.ActionType == nil { + invalidParams.Add(request.NewErrParamRequired("ActionType")) + } + if s.ActionType != nil && len(*s.ActionType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ActionType", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetActionId sets the ActionId field's value. +func (s *ActionIdentifier) SetActionId(v string) *ActionIdentifier { + s.ActionId = &v + return s +} + +// SetActionType sets the ActionType field's value. +func (s *ActionIdentifier) SetActionType(v string) *ActionIdentifier { + s.ActionType = &v + return s +} + +// The value of an attribute. +// +// Contains information about the runtime context for a request for which an +// authorization decision is made. +// +// This data type is used as a member of the ContextDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ContextDefinition.html) +// structure which is uses as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) +// and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) +// operations. +type AttributeValue struct { + _ struct{} `type:"structure"` + + // An attribute value of Boolean (docs.cedarpolicy.comcedar-syntax-datatypes.html#datatype-boolean) + // type. + // + // Example: {"boolean": true} + Boolean *bool `locationName:"boolean" type:"boolean"` + + // An attribute value of type EntityIdentifier (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html). + // + // Example: "entityIdentifier": { "entityId": "", "entityType": ""} + EntityIdentifier *EntityIdentifier `locationName:"entityIdentifier" type:"structure"` + + // An attribute value of Long (docs.cedarpolicy.comcedar-syntax-datatypes.html#datatype-long) + // type. + // + // Example: {"long": 0} + Long *int64 `locationName:"long" type:"long"` + + // An attribute value of Record (docs.cedarpolicy.comcedar-syntax-datatypes.html#datatype-record) + // type. + // + // Example: {"record": { "keyName": {} } } + Record map[string]*AttributeValue `locationName:"record" type:"map"` + + // An attribute value of Set (docs.cedarpolicy.comcedar-syntax-datatypes.html#datatype-set) + // type. + // + // Example: {"set": [ {} ] } + Set []*AttributeValue `locationName:"set" type:"list"` + + // An attribute value of String (docs.cedarpolicy.comcedar-syntax-datatypes.html#datatype-string) + // type. + // + // Example: {"string": "abc"} + String_ *string `locationName:"string" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AttributeValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AttributeValue) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AttributeValue) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AttributeValue"} + if s.EntityIdentifier != nil { + if err := s.EntityIdentifier.Validate(); err != nil { + invalidParams.AddNested("EntityIdentifier", err.(request.ErrInvalidParams)) + } + } + if s.Record != nil { + for i, v := range s.Record { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Record", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Set != nil { + for i, v := range s.Set { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Set", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBoolean sets the Boolean field's value. +func (s *AttributeValue) SetBoolean(v bool) *AttributeValue { + s.Boolean = &v + return s +} + +// SetEntityIdentifier sets the EntityIdentifier field's value. +func (s *AttributeValue) SetEntityIdentifier(v *EntityIdentifier) *AttributeValue { + s.EntityIdentifier = v + return s +} + +// SetLong sets the Long field's value. +func (s *AttributeValue) SetLong(v int64) *AttributeValue { + s.Long = &v + return s +} + +// SetRecord sets the Record field's value. +func (s *AttributeValue) SetRecord(v map[string]*AttributeValue) *AttributeValue { + s.Record = v + return s +} + +// SetSet sets the Set field's value. +func (s *AttributeValue) SetSet(v []*AttributeValue) *AttributeValue { + s.Set = v + return s +} + +// SetString_ sets the String_ field's value. +func (s *AttributeValue) SetString_(v string) *AttributeValue { + s.String_ = &v + return s +} + +// The configuration for an identity source that represents a connection to +// an Amazon Cognito user pool used as an identity provider for Verified Permissions. +// +// This data type is used as a field that is part of an Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html) +// structure that is used as a parameter to the Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html). +// +// Example:"CognitoUserPoolConfiguration":{"UserPoolArn":"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds": +// ["a1b2c3d4e5f6g7h8i9j0kalbmc"]} +type CognitoUserPoolConfiguration struct { + _ struct{} `type:"structure"` + + // The unique application client IDs that are associated with the specified + // Amazon Cognito user pool. + // + // Example: "ClientIds": ["&ExampleCogClientId;"] + ClientIds []*string `locationName:"clientIds" type:"list"` + + // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // of the Amazon Cognito user pool that contains the identities to be authorized. + // + // Example: "UserPoolArn": "cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5" + // + // UserPoolArn is a required field + UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CognitoUserPoolConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CognitoUserPoolConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CognitoUserPoolConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CognitoUserPoolConfiguration"} + if s.UserPoolArn == nil { + invalidParams.Add(request.NewErrParamRequired("UserPoolArn")) + } + if s.UserPoolArn != nil && len(*s.UserPoolArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("UserPoolArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientIds sets the ClientIds field's value. +func (s *CognitoUserPoolConfiguration) SetClientIds(v []*string) *CognitoUserPoolConfiguration { + s.ClientIds = v + return s +} + +// SetUserPoolArn sets the UserPoolArn field's value. +func (s *CognitoUserPoolConfiguration) SetUserPoolArn(v string) *CognitoUserPoolConfiguration { + s.UserPoolArn = &v + return s +} + +// Contains configuration information used when creating a new identity source. +// +// At this time, the only valid member of this structure is a Amazon Cognito +// user pool configuration. +// +// You must specify a userPoolArn, and optionally, a ClientId. +// +// This data type is used as a request parameter for the CreateIdentitySource +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) +// operation. +type Configuration struct { + _ struct{} `type:"structure"` + + // Contains configuration details of a Amazon Cognito user pool that Verified + // Permissions can use as a source of authenticated identities as entities. + // It specifies the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // of a Amazon Cognito user pool and one or more application client IDs. + // + // Example: "configuration":{"cognitoUserPoolConfiguration":{"userPoolArn":"cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds": + // ["a1b2c3d4e5f6g7h8i9j0kalbmc"]}} + CognitoUserPoolConfiguration *CognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Configuration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Configuration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *Configuration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "Configuration"} + if s.CognitoUserPoolConfiguration != nil { + if err := s.CognitoUserPoolConfiguration.Validate(); err != nil { + invalidParams.AddNested("CognitoUserPoolConfiguration", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value. +func (s *Configuration) SetCognitoUserPoolConfiguration(v *CognitoUserPoolConfiguration) *Configuration { + s.CognitoUserPoolConfiguration = v + return s +} + +// The request failed because another request to modify a resource occurred +// at the same. +type ConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` + + // The list of resources referenced with this failed request. + // + // Resources is a required field + Resources []*ResourceConflict `locationName:"resources" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) GoString() string { + return s.String() +} + +func newErrorConflictException(v protocol.ResponseMetadata) error { + return &ConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ConflictException) Code() string { + return "ConflictException" +} + +// Message returns the exception's message. +func (s *ConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Contains additional details about the context of the request. Verified Permissions +// evaluates this information in an authorization request as part of the when +// and unless clauses in a policy. +// +// This data type is used as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) +// and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) +// operations. +// +// Example: "context":{"Context":{"":{"boolean":true},"":{"long":1234}}} +type ContextDefinition struct { + _ struct{} `type:"structure"` + + // An list of attributes that are needed to successfully evaluate an authorization + // request. Each attribute in this array must include a map of a data type and + // its value. + // + // Example: "Context":{"":{"boolean":true},"":{"long":1234}} + ContextMap map[string]*AttributeValue `locationName:"contextMap" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ContextDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ContextDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ContextDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ContextDefinition"} + if s.ContextMap != nil { + for i, v := range s.ContextMap { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextMap", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetContextMap sets the ContextMap field's value. +func (s *ContextDefinition) SetContextMap(v map[string]*AttributeValue) *ContextDefinition { + s.ContextMap = v + return s +} + +type CreateIdentitySourceInput struct { + _ struct{} `type:"structure"` + + // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency + // of the request. This lets you safely retry the request without accidentally + // performing the same operation a second time. Passing the same value to a + // later call to an operation requires that you also pass the same value for + // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_Id). + // + // If you don't provide this value, then Amazon Web Services generates a random + // one for you. + // + // If you retry the operation with the same ClientToken, but with different + // parameters, the retry fails with an IdempotentParameterMismatch error. + ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` + + // Specifies the details required to communicate with the identity provider + // (IdP) associated with this identity source. + // + // At this time, the only valid member of this structure is a Amazon Cognito + // user pool configuration. + // + // You must specify a UserPoolArn, and optionally, a ClientId. + // + // Configuration is a required field + Configuration *Configuration `locationName:"configuration" type:"structure" required:"true"` + + // Specifies the ID of the policy store in which you want to store this identity + // source. Only policies and requests made using this policy store can reference + // identities from the identity provider configured in the new identity source. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the namespace and data type of the principals generated for identities + // authenticated by the new identity source. + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIdentitySourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIdentitySourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateIdentitySourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateIdentitySourceInput"} + if s.ClientToken != nil && len(*s.ClientToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) + } + if s.Configuration == nil { + invalidParams.Add(request.NewErrParamRequired("Configuration")) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.PrincipalEntityType != nil && len(*s.PrincipalEntityType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PrincipalEntityType", 1)) + } + if s.Configuration != nil { + if err := s.Configuration.Validate(); err != nil { + invalidParams.AddNested("Configuration", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateIdentitySourceInput) SetClientToken(v string) *CreateIdentitySourceInput { + s.ClientToken = &v + return s +} + +// SetConfiguration sets the Configuration field's value. +func (s *CreateIdentitySourceInput) SetConfiguration(v *Configuration) *CreateIdentitySourceInput { + s.Configuration = v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *CreateIdentitySourceInput) SetPolicyStoreId(v string) *CreateIdentitySourceInput { + s.PolicyStoreId = &v + return s +} + +// SetPrincipalEntityType sets the PrincipalEntityType field's value. +func (s *CreateIdentitySourceInput) SetPrincipalEntityType(v string) *CreateIdentitySourceInput { + s.PrincipalEntityType = &v + return s +} + +type CreateIdentitySourceOutput struct { + _ struct{} `type:"structure"` + + // The date and time the identity source was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The unique ID of the new identity source. + // + // IdentitySourceId is a required field + IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` + + // The date and time the identity source was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store that contains the identity source. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIdentitySourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIdentitySourceOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *CreateIdentitySourceOutput) SetCreatedDate(v time.Time) *CreateIdentitySourceOutput { + s.CreatedDate = &v + return s +} + +// SetIdentitySourceId sets the IdentitySourceId field's value. +func (s *CreateIdentitySourceOutput) SetIdentitySourceId(v string) *CreateIdentitySourceOutput { + s.IdentitySourceId = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *CreateIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *CreateIdentitySourceOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *CreateIdentitySourceOutput) SetPolicyStoreId(v string) *CreateIdentitySourceOutput { + s.PolicyStoreId = &v + return s +} + +type CreatePolicyInput struct { + _ struct{} `type:"structure"` + + // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency + // of the request. This lets you safely retry the request without accidentally + // performing the same operation a second time. Passing the same value to a + // later call to an operation requires that you also pass the same value for + // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_Id). + // + // If you don't provide this value, then Amazon Web Services generates a random + // one for you. + // + // If you retry the operation with the same ClientToken, but with different + // parameters, the retry fails with an IdempotentParameterMismatch error. + ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` + + // A structure that specifies the policy type and content to use for the new + // policy. You must include either a static or a templateLinked element. The + // policy content must be written in the Cedar policy language. + // + // Definition is a required field + Definition *PolicyDefinition `locationName:"definition" type:"structure" required:"true"` + + // Specifies the PolicyStoreId of the policy store you want to store the policy + // in. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreatePolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"} + if s.ClientToken != nil && len(*s.ClientToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) + } + if s.Definition == nil { + invalidParams.Add(request.NewErrParamRequired("Definition")) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Definition != nil { + if err := s.Definition.Validate(); err != nil { + invalidParams.AddNested("Definition", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreatePolicyInput) SetClientToken(v string) *CreatePolicyInput { + s.ClientToken = &v + return s +} + +// SetDefinition sets the Definition field's value. +func (s *CreatePolicyInput) SetDefinition(v *PolicyDefinition) *CreatePolicyInput { + s.Definition = v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *CreatePolicyInput) SetPolicyStoreId(v string) *CreatePolicyInput { + s.PolicyStoreId = &v + return s +} + +type CreatePolicyOutput struct { + _ struct{} `type:"structure"` + + // The date and time the policy was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time the policy was last updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The unique ID of the new policy. + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` + + // The ID of the policy store that contains the new policy. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The policy type of the new policy. + // + // PolicyType is a required field + PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` + + // The principal specified in the new policy's scope. This response element + // isn't present when principal isn't specified in the policy content. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // The resource specified in the new policy's scope. This response element isn't + // present when the resource isn't specified in the policy content. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *CreatePolicyOutput) SetCreatedDate(v time.Time) *CreatePolicyOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *CreatePolicyOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyId sets the PolicyId field's value. +func (s *CreatePolicyOutput) SetPolicyId(v string) *CreatePolicyOutput { + s.PolicyId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *CreatePolicyOutput) SetPolicyStoreId(v string) *CreatePolicyOutput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *CreatePolicyOutput) SetPolicyType(v string) *CreatePolicyOutput { + s.PolicyType = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *CreatePolicyOutput) SetPrincipal(v *EntityIdentifier) *CreatePolicyOutput { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *CreatePolicyOutput) SetResource(v *EntityIdentifier) *CreatePolicyOutput { + s.Resource = v + return s +} + +type CreatePolicyStoreInput struct { + _ struct{} `type:"structure"` + + // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency + // of the request. This lets you safely retry the request without accidentally + // performing the same operation a second time. Passing the same value to a + // later call to an operation requires that you also pass the same value for + // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_Id). + // + // If you don't provide this value, then Amazon Web Services generates a random + // one for you. + // + // If you retry the operation with the same ClientToken, but with different + // parameters, the retry fails with an IdempotentParameterMismatch error. + ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` + + // Specifies the validation setting for this policy store. + // + // Currently, the only valid and required value is Mode. + // + // We recommend that you turn on STRICT mode only after you define a schema. + // If a schema doesn't exist, then STRICT mode causes any policy to fail validation, + // and Verified Permissions rejects the policy. You can turn off validation + // by using the UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore). + // Then, when you have a schema defined, use UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) + // again to turn validation back on. + // + // ValidationSettings is a required field + ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyStoreInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyStoreInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreatePolicyStoreInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreatePolicyStoreInput"} + if s.ClientToken != nil && len(*s.ClientToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) + } + if s.ValidationSettings == nil { + invalidParams.Add(request.NewErrParamRequired("ValidationSettings")) + } + if s.ValidationSettings != nil { + if err := s.ValidationSettings.Validate(); err != nil { + invalidParams.AddNested("ValidationSettings", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreatePolicyStoreInput) SetClientToken(v string) *CreatePolicyStoreInput { + s.ClientToken = &v + return s +} + +// SetValidationSettings sets the ValidationSettings field's value. +func (s *CreatePolicyStoreInput) SetValidationSettings(v *ValidationSettings) *CreatePolicyStoreInput { + s.ValidationSettings = v + return s +} + +type CreatePolicyStoreOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the new policy store. + // + // Arn is a required field + Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` + + // The date and time the policy store was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time the policy store was last updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The unique ID of the new policy store. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyStoreOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyStoreOutput) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *CreatePolicyStoreOutput) SetArn(v string) *CreatePolicyStoreOutput { + s.Arn = &v + return s +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *CreatePolicyStoreOutput) SetCreatedDate(v time.Time) *CreatePolicyStoreOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *CreatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyStoreOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *CreatePolicyStoreOutput) SetPolicyStoreId(v string) *CreatePolicyStoreOutput { + s.PolicyStoreId = &v + return s +} + +type CreatePolicyTemplateInput struct { + _ struct{} `type:"structure"` + + // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency + // of the request. This lets you safely retry the request without accidentally + // performing the same operation a second time. Passing the same value to a + // later call to an operation requires that you also pass the same value for + // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_Id). + // + // If you don't provide this value, then Amazon Web Services generates a random + // one for you. + // + // If you retry the operation with the same ClientToken, but with different + // parameters, the retry fails with an IdempotentParameterMismatch error. + ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` + + // Specifies a description for the policy template. + Description *string `locationName:"description" type:"string"` + + // The ID of the policy store in which to create the policy template. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the content that you want to use for the new policy template, written + // in the Cedar policy language. + // + // Statement is a required field + Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyTemplateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyTemplateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreatePolicyTemplateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreatePolicyTemplateInput"} + if s.ClientToken != nil && len(*s.ClientToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Statement == nil { + invalidParams.Add(request.NewErrParamRequired("Statement")) + } + if s.Statement != nil && len(*s.Statement) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreatePolicyTemplateInput) SetClientToken(v string) *CreatePolicyTemplateInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreatePolicyTemplateInput) SetDescription(v string) *CreatePolicyTemplateInput { + s.Description = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *CreatePolicyTemplateInput) SetPolicyStoreId(v string) *CreatePolicyTemplateInput { + s.PolicyStoreId = &v + return s +} + +// SetStatement sets the Statement field's value. +func (s *CreatePolicyTemplateInput) SetStatement(v string) *CreatePolicyTemplateInput { + s.Statement = &v + return s +} + +type CreatePolicyTemplateOutput struct { + _ struct{} `type:"structure"` + + // The date and time the policy template was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time the policy template was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store that contains the policy template. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The unique ID of the new policy template. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyTemplateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreatePolicyTemplateOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *CreatePolicyTemplateOutput) SetCreatedDate(v time.Time) *CreatePolicyTemplateOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *CreatePolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyTemplateOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *CreatePolicyTemplateOutput) SetPolicyStoreId(v string) *CreatePolicyTemplateOutput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *CreatePolicyTemplateOutput) SetPolicyTemplateId(v string) *CreatePolicyTemplateOutput { + s.PolicyTemplateId = &v + return s +} + +type DeleteIdentitySourceInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the identity source that you want to delete. + // + // IdentitySourceId is a required field + IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy store that contains the identity source that + // you want to delete. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIdentitySourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIdentitySourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteIdentitySourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteIdentitySourceInput"} + if s.IdentitySourceId == nil { + invalidParams.Add(request.NewErrParamRequired("IdentitySourceId")) + } + if s.IdentitySourceId != nil && len(*s.IdentitySourceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("IdentitySourceId", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIdentitySourceId sets the IdentitySourceId field's value. +func (s *DeleteIdentitySourceInput) SetIdentitySourceId(v string) *DeleteIdentitySourceInput { + s.IdentitySourceId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *DeleteIdentitySourceInput) SetPolicyStoreId(v string) *DeleteIdentitySourceInput { + s.PolicyStoreId = &v + return s +} + +type DeleteIdentitySourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIdentitySourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIdentitySourceOutput) GoString() string { + return s.String() +} + +type DeletePolicyInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy that you want to delete. + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy store that contains the policy that you want + // to delete. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeletePolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"} + if s.PolicyId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyId")) + } + if s.PolicyId != nil && len(*s.PolicyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyId", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyId sets the PolicyId field's value. +func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput { + s.PolicyId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *DeletePolicyInput) SetPolicyStoreId(v string) *DeletePolicyInput { + s.PolicyStoreId = &v + return s +} + +type DeletePolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyOutput) GoString() string { + return s.String() +} + +type DeletePolicyStoreInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy store that you want to delete. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyStoreInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyStoreInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeletePolicyStoreInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeletePolicyStoreInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *DeletePolicyStoreInput) SetPolicyStoreId(v string) *DeletePolicyStoreInput { + s.PolicyStoreId = &v + return s +} + +type DeletePolicyStoreOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyStoreOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyStoreOutput) GoString() string { + return s.String() +} + +type DeletePolicyTemplateInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy store that contains the policy template that + // you want to delete. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy template that you want to delete. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyTemplateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyTemplateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeletePolicyTemplateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeletePolicyTemplateInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.PolicyTemplateId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) + } + if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *DeletePolicyTemplateInput) SetPolicyStoreId(v string) *DeletePolicyTemplateInput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *DeletePolicyTemplateInput) SetPolicyTemplateId(v string) *DeletePolicyTemplateInput { + s.PolicyTemplateId = &v + return s +} + +type DeletePolicyTemplateOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyTemplateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeletePolicyTemplateOutput) GoString() string { + return s.String() +} + +// Contains information about one of the policies that determined an authorization +// decision. +// +// This data type is used as an element in a response parameter for the IsAuthorized +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) +// and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) +// operations. +// +// Example: "determiningPolicies":[{"policyId":"SPEXAMPLEabcdefg111111"}] +type DeterminingPolicyItem struct { + _ struct{} `type:"structure"` + + // The Id of a policy that determined to an authorization decision. + // + // Example: "policyId":"SPEXAMPLEabcdefg111111" + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeterminingPolicyItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeterminingPolicyItem) GoString() string { + return s.String() +} + +// SetPolicyId sets the PolicyId field's value. +func (s *DeterminingPolicyItem) SetPolicyId(v string) *DeterminingPolicyItem { + s.PolicyId = &v + return s +} + +// Contains the list of entities to be considered during an authorization request. +// This includes all principals, resources, and actions required to successfully +// evaluate the request. +// +// This data type is used as a field in the response parameter for the IsAuthorized +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) +// and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) +// operations. +type EntitiesDefinition struct { + _ struct{} `type:"structure"` + + // An array of entities that are needed to successfully evaluate an authorization + // request. Each entity in this array must include an identifier for the entity, + // the attributes of the entity, and a list of any parent entities. + EntityList []*EntityItem `locationName:"entityList" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntitiesDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntitiesDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EntitiesDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EntitiesDefinition"} + if s.EntityList != nil { + for i, v := range s.EntityList { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "EntityList", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEntityList sets the EntityList field's value. +func (s *EntitiesDefinition) SetEntityList(v []*EntityItem) *EntitiesDefinition { + s.EntityList = v + return s +} + +// Contains the identifier of an entity, including its ID and type. +// +// This data type is used as a request parameter for IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) +// operation, and as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html), +// GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html), +// and UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) +// operations. +// +// Example: {"entityId":"string","entityType":"string"} +type EntityIdentifier struct { + _ struct{} `type:"structure"` + + // The identifier of an entity. + // + // "entityId":"identifier" + // + // EntityId is a required field + EntityId *string `locationName:"entityId" min:"1" type:"string" required:"true"` + + // The type of an entity. + // + // Example: "entityType":"typeName" + // + // EntityType is a required field + EntityType *string `locationName:"entityType" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntityIdentifier) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntityIdentifier) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EntityIdentifier) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EntityIdentifier"} + if s.EntityId == nil { + invalidParams.Add(request.NewErrParamRequired("EntityId")) + } + if s.EntityId != nil && len(*s.EntityId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("EntityId", 1)) + } + if s.EntityType == nil { + invalidParams.Add(request.NewErrParamRequired("EntityType")) + } + if s.EntityType != nil && len(*s.EntityType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("EntityType", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEntityId sets the EntityId field's value. +func (s *EntityIdentifier) SetEntityId(v string) *EntityIdentifier { + s.EntityId = &v + return s +} + +// SetEntityType sets the EntityType field's value. +func (s *EntityIdentifier) SetEntityType(v string) *EntityIdentifier { + s.EntityType = &v + return s +} + +// Contains information about an entity that can be referenced in a Cedar policy. +// +// This data type is used as one of the fields in the EntitiesDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntitiesDefinition.html) +// structure. +// +// { "id": { "entityType": "Photo", "entityId": "VacationPhoto94.jpg" }, "Attributes": +// {}, "Parents": [ { "entityType": "Album", "entityId": "alice_folder" } ] +// } +type EntityItem struct { + _ struct{} `type:"structure"` + + // A list of attributes for the entity. + Attributes map[string]*AttributeValue `locationName:"attributes" type:"map"` + + // The identifier of the entity. + // + // Identifier is a required field + Identifier *EntityIdentifier `locationName:"identifier" type:"structure" required:"true"` + + // The parents in the hierarchy that contains the entity. + Parents []*EntityIdentifier `locationName:"parents" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntityItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntityItem) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EntityItem) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EntityItem"} + if s.Identifier == nil { + invalidParams.Add(request.NewErrParamRequired("Identifier")) + } + if s.Attributes != nil { + for i, v := range s.Attributes { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Attributes", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Identifier != nil { + if err := s.Identifier.Validate(); err != nil { + invalidParams.AddNested("Identifier", err.(request.ErrInvalidParams)) + } + } + if s.Parents != nil { + for i, v := range s.Parents { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Parents", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAttributes sets the Attributes field's value. +func (s *EntityItem) SetAttributes(v map[string]*AttributeValue) *EntityItem { + s.Attributes = v + return s +} + +// SetIdentifier sets the Identifier field's value. +func (s *EntityItem) SetIdentifier(v *EntityIdentifier) *EntityItem { + s.Identifier = v + return s +} + +// SetParents sets the Parents field's value. +func (s *EntityItem) SetParents(v []*EntityIdentifier) *EntityItem { + s.Parents = v + return s +} + +// Contains information about a principal or resource that can be referenced +// in a Cedar policy. +// +// This data type is used as part of the PolicyFilter (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyFilter.html) +// structure that is used as a request parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) +// operation.. +type EntityReference struct { + _ struct{} `type:"structure"` + + // The identifier of the entity. It can consist of either an EntityType and + // EntityId, a principal, or a resource. + Identifier *EntityIdentifier `locationName:"identifier" type:"structure"` + + // Used to indicate that a principal or resource is not specified. This can + // be used to search for policies that are not associated with a specific principal + // or resource. + Unspecified *bool `locationName:"unspecified" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntityReference) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EntityReference) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EntityReference) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EntityReference"} + if s.Identifier != nil { + if err := s.Identifier.Validate(); err != nil { + invalidParams.AddNested("Identifier", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIdentifier sets the Identifier field's value. +func (s *EntityReference) SetIdentifier(v *EntityIdentifier) *EntityReference { + s.Identifier = v + return s +} + +// SetUnspecified sets the Unspecified field's value. +func (s *EntityReference) SetUnspecified(v bool) *EntityReference { + s.Unspecified = &v + return s +} + +// Contains a description of an evaluation error. +// +// This data type is used as a request parameter in the IsAuthorized (https://docs.aws.amazon.com/amazon-verified-permissions/latest/APIReference/API_IsAuthorized.html) +// and IsAuthorizedWithToken (https://docs.aws.amazon.com/amazon-verified-permissions/latest/APIReference/API_IsAuthorizedWithToken.html) +// operations. +type EvaluationErrorItem struct { + _ struct{} `type:"structure"` + + // The error description. + // + // ErrorDescription is a required field + ErrorDescription *string `locationName:"errorDescription" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EvaluationErrorItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EvaluationErrorItem) GoString() string { + return s.String() +} + +// SetErrorDescription sets the ErrorDescription field's value. +func (s *EvaluationErrorItem) SetErrorDescription(v string) *EvaluationErrorItem { + s.ErrorDescription = &v + return s +} + +type GetIdentitySourceInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the identity source you want information about. + // + // IdentitySourceId is a required field + IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy store that contains the identity source you + // want information about. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIdentitySourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIdentitySourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetIdentitySourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetIdentitySourceInput"} + if s.IdentitySourceId == nil { + invalidParams.Add(request.NewErrParamRequired("IdentitySourceId")) + } + if s.IdentitySourceId != nil && len(*s.IdentitySourceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("IdentitySourceId", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIdentitySourceId sets the IdentitySourceId field's value. +func (s *GetIdentitySourceInput) SetIdentitySourceId(v string) *GetIdentitySourceInput { + s.IdentitySourceId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetIdentitySourceInput) SetPolicyStoreId(v string) *GetIdentitySourceInput { + s.PolicyStoreId = &v + return s +} + +type GetIdentitySourceOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the identity source was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // A structure that describes the configuration of the identity source. + // + // Details is a required field + Details *IdentitySourceDetails `locationName:"details" type:"structure" required:"true"` + + // The ID of the identity source. + // + // IdentitySourceId is a required field + IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` + + // The date and time that the identity source was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store that contains the identity source. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The data type of principals generated for identities authenticated by this + // identity source. + // + // PrincipalEntityType is a required field + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIdentitySourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIdentitySourceOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *GetIdentitySourceOutput) SetCreatedDate(v time.Time) *GetIdentitySourceOutput { + s.CreatedDate = &v + return s +} + +// SetDetails sets the Details field's value. +func (s *GetIdentitySourceOutput) SetDetails(v *IdentitySourceDetails) *GetIdentitySourceOutput { + s.Details = v + return s +} + +// SetIdentitySourceId sets the IdentitySourceId field's value. +func (s *GetIdentitySourceOutput) SetIdentitySourceId(v string) *GetIdentitySourceOutput { + s.IdentitySourceId = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *GetIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *GetIdentitySourceOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetIdentitySourceOutput) SetPolicyStoreId(v string) *GetIdentitySourceOutput { + s.PolicyStoreId = &v + return s +} + +// SetPrincipalEntityType sets the PrincipalEntityType field's value. +func (s *GetIdentitySourceOutput) SetPrincipalEntityType(v string) *GetIdentitySourceOutput { + s.PrincipalEntityType = &v + return s +} + +type GetPolicyInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy you want information about. + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy store that contains the policy that you want + // information about. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"} + if s.PolicyId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyId")) + } + if s.PolicyId != nil && len(*s.PolicyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyId", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyId sets the PolicyId field's value. +func (s *GetPolicyInput) SetPolicyId(v string) *GetPolicyInput { + s.PolicyId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetPolicyInput) SetPolicyStoreId(v string) *GetPolicyInput { + s.PolicyStoreId = &v + return s +} + +type GetPolicyOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the policy was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The definition of the requested policy. + // + // Definition is a required field + Definition *PolicyDefinitionDetail `locationName:"definition" type:"structure" required:"true"` + + // The date and time that the policy was last updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The unique ID of the policy that you want information about. + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` + + // The ID of the policy store that contains the policy that you want information + // about. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The type of the policy. + // + // PolicyType is a required field + PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` + + // The principal specified in the policy's scope. This element isn't included + // in the response when Principal isn't present in the policy content. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // The resource specified in the policy's scope. This element isn't included + // in the response when Resource isn't present in the policy content. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *GetPolicyOutput) SetCreatedDate(v time.Time) *GetPolicyOutput { + s.CreatedDate = &v + return s +} + +// SetDefinition sets the Definition field's value. +func (s *GetPolicyOutput) SetDefinition(v *PolicyDefinitionDetail) *GetPolicyOutput { + s.Definition = v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *GetPolicyOutput) SetLastUpdatedDate(v time.Time) *GetPolicyOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyId sets the PolicyId field's value. +func (s *GetPolicyOutput) SetPolicyId(v string) *GetPolicyOutput { + s.PolicyId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetPolicyOutput) SetPolicyStoreId(v string) *GetPolicyOutput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *GetPolicyOutput) SetPolicyType(v string) *GetPolicyOutput { + s.PolicyType = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *GetPolicyOutput) SetPrincipal(v *EntityIdentifier) *GetPolicyOutput { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *GetPolicyOutput) SetResource(v *EntityIdentifier) *GetPolicyOutput { + s.Resource = v + return s +} + +type GetPolicyStoreInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy store that you want information about. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyStoreInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyStoreInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetPolicyStoreInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetPolicyStoreInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetPolicyStoreInput) SetPolicyStoreId(v string) *GetPolicyStoreInput { + s.PolicyStoreId = &v + return s +} + +type GetPolicyStoreOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the policy store. + // + // Arn is a required field + Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` + + // The date and time that the policy store was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time that the policy store was last updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store; + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The current validation settings for the policy store. + // + // ValidationSettings is a required field + ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyStoreOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyStoreOutput) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *GetPolicyStoreOutput) SetArn(v string) *GetPolicyStoreOutput { + s.Arn = &v + return s +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *GetPolicyStoreOutput) SetCreatedDate(v time.Time) *GetPolicyStoreOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *GetPolicyStoreOutput) SetLastUpdatedDate(v time.Time) *GetPolicyStoreOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetPolicyStoreOutput) SetPolicyStoreId(v string) *GetPolicyStoreOutput { + s.PolicyStoreId = &v + return s +} + +// SetValidationSettings sets the ValidationSettings field's value. +func (s *GetPolicyStoreOutput) SetValidationSettings(v *ValidationSettings) *GetPolicyStoreOutput { + s.ValidationSettings = v + return s +} + +type GetPolicyTemplateInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy store that contains the policy template that + // you want information about. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy template that you want information about. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyTemplateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyTemplateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetPolicyTemplateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetPolicyTemplateInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.PolicyTemplateId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) + } + if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetPolicyTemplateInput) SetPolicyStoreId(v string) *GetPolicyTemplateInput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *GetPolicyTemplateInput) SetPolicyTemplateId(v string) *GetPolicyTemplateInput { + s.PolicyTemplateId = &v + return s +} + +type GetPolicyTemplateOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the policy template was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The description of the policy template. + Description *string `locationName:"description" type:"string"` + + // The date and time that the policy template was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store that contains the policy template. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The ID of the policy template. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` + + // The content of the body of the policy template written in the Cedar policy + // language. + // + // Statement is a required field + Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyTemplateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetPolicyTemplateOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *GetPolicyTemplateOutput) SetCreatedDate(v time.Time) *GetPolicyTemplateOutput { + s.CreatedDate = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *GetPolicyTemplateOutput) SetDescription(v string) *GetPolicyTemplateOutput { + s.Description = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *GetPolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *GetPolicyTemplateOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetPolicyTemplateOutput) SetPolicyStoreId(v string) *GetPolicyTemplateOutput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *GetPolicyTemplateOutput) SetPolicyTemplateId(v string) *GetPolicyTemplateOutput { + s.PolicyTemplateId = &v + return s +} + +// SetStatement sets the Statement field's value. +func (s *GetPolicyTemplateOutput) SetStatement(v string) *GetPolicyTemplateOutput { + s.Statement = &v + return s +} + +type GetSchemaInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy store that contains the schema. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSchemaInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSchemaInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetSchemaInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetSchemaInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetSchemaInput) SetPolicyStoreId(v string) *GetSchemaInput { + s.PolicyStoreId = &v + return s +} + +type GetSchemaOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the schema was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time that the schema was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store that contains the schema. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The body of the schema, written in Cedar schema JSON. + // + // Schema is a required field + Schema *string `locationName:"schema" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSchemaOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSchemaOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *GetSchemaOutput) SetCreatedDate(v time.Time) *GetSchemaOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *GetSchemaOutput) SetLastUpdatedDate(v time.Time) *GetSchemaOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *GetSchemaOutput) SetPolicyStoreId(v string) *GetSchemaOutput { + s.PolicyStoreId = &v + return s +} + +// SetSchema sets the Schema field's value. +func (s *GetSchemaOutput) SetSchema(v string) *GetSchemaOutput { + s.Schema = &v + return s +} + +// A structure that contains configuration of the identity source. +// +// This data type is used as a response parameter for the CreateIdentitySource +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) +// operation. +type IdentitySourceDetails struct { + _ struct{} `type:"structure"` + + // The application client IDs associated with the specified Amazon Cognito user + // pool that are enabled for this identity source. + ClientIds []*string `locationName:"clientIds" type:"list"` + + // The well-known URL that points to this user pool's OIDC discovery endpoint. + // This is a URL string in the following format. This URL replaces the placeholders + // for both the Amazon Web Services Region and the user pool identifier with + // those appropriate for this user pool. + // + // https://cognito-idp..amazonaws.com//.well-known/openid-configuration + DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" type:"string"` + + // A string that identifies the type of OIDC service represented by this identity + // source. + // + // At this time, the only valid value is cognito. + OpenIdIssuer *string `locationName:"openIdIssuer" type:"string" enum:"OpenIdIssuer"` + + // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // of the Amazon Cognito user pool whose identities are accessible to this Verified + // Permissions policy store. + UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceDetails) GoString() string { + return s.String() +} + +// SetClientIds sets the ClientIds field's value. +func (s *IdentitySourceDetails) SetClientIds(v []*string) *IdentitySourceDetails { + s.ClientIds = v + return s +} + +// SetDiscoveryUrl sets the DiscoveryUrl field's value. +func (s *IdentitySourceDetails) SetDiscoveryUrl(v string) *IdentitySourceDetails { + s.DiscoveryUrl = &v + return s +} + +// SetOpenIdIssuer sets the OpenIdIssuer field's value. +func (s *IdentitySourceDetails) SetOpenIdIssuer(v string) *IdentitySourceDetails { + s.OpenIdIssuer = &v + return s +} + +// SetUserPoolArn sets the UserPoolArn field's value. +func (s *IdentitySourceDetails) SetUserPoolArn(v string) *IdentitySourceDetails { + s.UserPoolArn = &v + return s +} + +// A structure that defines characteristics of an identity source that you can +// use to filter. +// +// This data type is used as a request parameter for the ListIdentityStores +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html) +// operation. +type IdentitySourceFilter struct { + _ struct{} `type:"structure"` + + // The Cedar entity type of the principals returned by the identity provider + // (IdP) associated with this identity source. + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceFilter) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *IdentitySourceFilter) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "IdentitySourceFilter"} + if s.PrincipalEntityType != nil && len(*s.PrincipalEntityType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PrincipalEntityType", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPrincipalEntityType sets the PrincipalEntityType field's value. +func (s *IdentitySourceFilter) SetPrincipalEntityType(v string) *IdentitySourceFilter { + s.PrincipalEntityType = &v + return s +} + +// A structure that defines an identity source. +// +// This data type is used as a request parameter for the ListIdentityStores +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html) +// operation. +type IdentitySourceItem struct { + _ struct{} `type:"structure"` + + // The date and time the identity source was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // A structure that contains the details of the associated identity provider + // (IdP). + // + // Details is a required field + Details *IdentitySourceItemDetails `locationName:"details" type:"structure" required:"true"` + + // The unique identifier of the identity source. + // + // IdentitySourceId is a required field + IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` + + // The date and time the identity source was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The identifier of the policy store that contains the identity source. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The Cedar entity type of the principals returned from the IdP associated + // with this identity source. + // + // PrincipalEntityType is a required field + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceItem) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *IdentitySourceItem) SetCreatedDate(v time.Time) *IdentitySourceItem { + s.CreatedDate = &v + return s +} + +// SetDetails sets the Details field's value. +func (s *IdentitySourceItem) SetDetails(v *IdentitySourceItemDetails) *IdentitySourceItem { + s.Details = v + return s +} + +// SetIdentitySourceId sets the IdentitySourceId field's value. +func (s *IdentitySourceItem) SetIdentitySourceId(v string) *IdentitySourceItem { + s.IdentitySourceId = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *IdentitySourceItem) SetLastUpdatedDate(v time.Time) *IdentitySourceItem { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *IdentitySourceItem) SetPolicyStoreId(v string) *IdentitySourceItem { + s.PolicyStoreId = &v + return s +} + +// SetPrincipalEntityType sets the PrincipalEntityType field's value. +func (s *IdentitySourceItem) SetPrincipalEntityType(v string) *IdentitySourceItem { + s.PrincipalEntityType = &v + return s +} + +// A structure that contains configuration of the identity source. +// +// This data type is used as a response parameter for the CreateIdentitySource +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) +// operation. +type IdentitySourceItemDetails struct { + _ struct{} `type:"structure"` + + // The application client IDs associated with the specified Amazon Cognito user + // pool that are enabled for this identity source. + ClientIds []*string `locationName:"clientIds" type:"list"` + + // The well-known URL that points to this user pool's OIDC discovery endpoint. + // This is a URL string in the following format. This URL replaces the placeholders + // for both the Amazon Web Services Region and the user pool identifier with + // those appropriate for this user pool. + // + // https://cognito-idp..amazonaws.com//.well-known/openid-configuration + DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" type:"string"` + + // A string that identifies the type of OIDC service represented by this identity + // source. + // + // At this time, the only valid value is cognito. + OpenIdIssuer *string `locationName:"openIdIssuer" type:"string" enum:"OpenIdIssuer"` + + // The Amazon Cognito user pool whose identities are accessible to this Verified + // Permissions policy store. + UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceItemDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IdentitySourceItemDetails) GoString() string { + return s.String() +} + +// SetClientIds sets the ClientIds field's value. +func (s *IdentitySourceItemDetails) SetClientIds(v []*string) *IdentitySourceItemDetails { + s.ClientIds = v + return s +} + +// SetDiscoveryUrl sets the DiscoveryUrl field's value. +func (s *IdentitySourceItemDetails) SetDiscoveryUrl(v string) *IdentitySourceItemDetails { + s.DiscoveryUrl = &v + return s +} + +// SetOpenIdIssuer sets the OpenIdIssuer field's value. +func (s *IdentitySourceItemDetails) SetOpenIdIssuer(v string) *IdentitySourceItemDetails { + s.OpenIdIssuer = &v + return s +} + +// SetUserPoolArn sets the UserPoolArn field's value. +func (s *IdentitySourceItemDetails) SetUserPoolArn(v string) *IdentitySourceItemDetails { + s.UserPoolArn = &v + return s +} + +// The request failed because of an internal error. Try your request again later +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) GoString() string { + return s.String() +} + +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" +} + +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} + +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +type IsAuthorizedInput struct { + _ struct{} `type:"structure"` + + // Specifies the requested action to be authorized. For example, is the principal + // authorized to perform this action on the resource? + Action *ActionIdentifier `locationName:"action" type:"structure"` + + // Specifies additional context that can be used to make more granular authorization + // decisions. + Context *ContextDefinition `locationName:"context" type:"structure"` + + // Specifies the list of entities and their associated attributes that Verified + // Permissions can examine when evaluating the policies. + Entities *EntitiesDefinition `locationName:"entities" type:"structure"` + + // Specifies the ID of the policy store. Policies in this policy store will + // be used to make an authorization decision for the input. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the principal for which the authorization decision is to be made. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // Specifies the resource for which the authorization decision is to be made. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *IsAuthorizedInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "IsAuthorizedInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Action != nil { + if err := s.Action.Validate(); err != nil { + invalidParams.AddNested("Action", err.(request.ErrInvalidParams)) + } + } + if s.Context != nil { + if err := s.Context.Validate(); err != nil { + invalidParams.AddNested("Context", err.(request.ErrInvalidParams)) + } + } + if s.Entities != nil { + if err := s.Entities.Validate(); err != nil { + invalidParams.AddNested("Entities", err.(request.ErrInvalidParams)) + } + } + if s.Principal != nil { + if err := s.Principal.Validate(); err != nil { + invalidParams.AddNested("Principal", err.(request.ErrInvalidParams)) + } + } + if s.Resource != nil { + if err := s.Resource.Validate(); err != nil { + invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAction sets the Action field's value. +func (s *IsAuthorizedInput) SetAction(v *ActionIdentifier) *IsAuthorizedInput { + s.Action = v + return s +} + +// SetContext sets the Context field's value. +func (s *IsAuthorizedInput) SetContext(v *ContextDefinition) *IsAuthorizedInput { + s.Context = v + return s +} + +// SetEntities sets the Entities field's value. +func (s *IsAuthorizedInput) SetEntities(v *EntitiesDefinition) *IsAuthorizedInput { + s.Entities = v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *IsAuthorizedInput) SetPolicyStoreId(v string) *IsAuthorizedInput { + s.PolicyStoreId = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *IsAuthorizedInput) SetPrincipal(v *EntityIdentifier) *IsAuthorizedInput { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *IsAuthorizedInput) SetResource(v *EntityIdentifier) *IsAuthorizedInput { + s.Resource = v + return s +} + +type IsAuthorizedOutput struct { + _ struct{} `type:"structure"` + + // An authorization decision that indicates if the authorization request should + // be allowed or denied. + // + // Decision is a required field + Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"` + + // The list of determining policies used to make the authorization decision. + // For example, if there are two matching policies, where one is a forbid and + // the other is a permit, then the forbid policy will be the determining policy. + // In the case of multiple matching permit policies then there would be multiple + // determining policies. In the case that no policies match, and hence the response + // is DENY, there would be no determining policies. + // + // DeterminingPolicies is a required field + DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"` + + // Errors that occurred while making an authorization decision, for example, + // a policy references an Entity or entity Attribute that does not exist in + // the slice. + // + // Errors is a required field + Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedOutput) GoString() string { + return s.String() +} + +// SetDecision sets the Decision field's value. +func (s *IsAuthorizedOutput) SetDecision(v string) *IsAuthorizedOutput { + s.Decision = &v + return s +} + +// SetDeterminingPolicies sets the DeterminingPolicies field's value. +func (s *IsAuthorizedOutput) SetDeterminingPolicies(v []*DeterminingPolicyItem) *IsAuthorizedOutput { + s.DeterminingPolicies = v + return s +} + +// SetErrors sets the Errors field's value. +func (s *IsAuthorizedOutput) SetErrors(v []*EvaluationErrorItem) *IsAuthorizedOutput { + s.Errors = v + return s +} + +type IsAuthorizedWithTokenInput struct { + _ struct{} `type:"structure"` + + // Specifies an access token for the principal to be authorized. This token + // is provided to you by the identity provider (IdP) associated with the specified + // identity source. You must specify either an AccessToken or an IdentityToken, + // but not both. + AccessToken *string `locationName:"accessToken" min:"1" type:"string"` + + // Specifies the requested action to be authorized. Is the specified principal + // authorized to perform this action on the specified resource. + Action *ActionIdentifier `locationName:"action" type:"structure"` + + // Specifies additional context that can be used to make more granular authorization + // decisions. + Context *ContextDefinition `locationName:"context" type:"structure"` + + // Specifies the list of entities and their associated attributes that Verified + // Permissions can examine when evaluating the policies. + Entities *EntitiesDefinition `locationName:"entities" type:"structure"` + + // Specifies an identity token for the principal to be authorized. This token + // is provided to you by the identity provider (IdP) associated with the specified + // identity source. You must specify either an AccessToken or an IdentityToken, + // but not both. + IdentityToken *string `locationName:"identityToken" min:"1" type:"string"` + + // Specifies the ID of the policy store. Policies in this policy store will + // be used to make an authorization decision for the input. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the resource for which the authorization decision is made. For + // example, is the principal allowed to perform the action on the resource? + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedWithTokenInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedWithTokenInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *IsAuthorizedWithTokenInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "IsAuthorizedWithTokenInput"} + if s.AccessToken != nil && len(*s.AccessToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AccessToken", 1)) + } + if s.IdentityToken != nil && len(*s.IdentityToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("IdentityToken", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Action != nil { + if err := s.Action.Validate(); err != nil { + invalidParams.AddNested("Action", err.(request.ErrInvalidParams)) + } + } + if s.Context != nil { + if err := s.Context.Validate(); err != nil { + invalidParams.AddNested("Context", err.(request.ErrInvalidParams)) + } + } + if s.Entities != nil { + if err := s.Entities.Validate(); err != nil { + invalidParams.AddNested("Entities", err.(request.ErrInvalidParams)) + } + } + if s.Resource != nil { + if err := s.Resource.Validate(); err != nil { + invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *IsAuthorizedWithTokenInput) SetAccessToken(v string) *IsAuthorizedWithTokenInput { + s.AccessToken = &v + return s +} + +// SetAction sets the Action field's value. +func (s *IsAuthorizedWithTokenInput) SetAction(v *ActionIdentifier) *IsAuthorizedWithTokenInput { + s.Action = v + return s +} + +// SetContext sets the Context field's value. +func (s *IsAuthorizedWithTokenInput) SetContext(v *ContextDefinition) *IsAuthorizedWithTokenInput { + s.Context = v + return s +} + +// SetEntities sets the Entities field's value. +func (s *IsAuthorizedWithTokenInput) SetEntities(v *EntitiesDefinition) *IsAuthorizedWithTokenInput { + s.Entities = v + return s +} + +// SetIdentityToken sets the IdentityToken field's value. +func (s *IsAuthorizedWithTokenInput) SetIdentityToken(v string) *IsAuthorizedWithTokenInput { + s.IdentityToken = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *IsAuthorizedWithTokenInput) SetPolicyStoreId(v string) *IsAuthorizedWithTokenInput { + s.PolicyStoreId = &v + return s +} + +// SetResource sets the Resource field's value. +func (s *IsAuthorizedWithTokenInput) SetResource(v *EntityIdentifier) *IsAuthorizedWithTokenInput { + s.Resource = v + return s +} + +type IsAuthorizedWithTokenOutput struct { + _ struct{} `type:"structure"` + + // An authorization decision that indicates if the authorization request should + // be allowed or denied. + // + // Decision is a required field + Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"` + + // The list of determining policies used to make the authorization decision. + // For example, if there are multiple matching policies, where at least one + // is a forbid policy, then because forbid always overrides permit the forbid + // policies are the determining policies. If all matching policies are permit + // policies, then those policies are the determining policies. When no policies + // match and the response is the default DENY, there are no determining policies. + // + // DeterminingPolicies is a required field + DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"` + + // Errors that occurred while making an authorization decision. For example, + // a policy references an entity or entity attribute that does not exist in + // the slice. + // + // Errors is a required field + Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedWithTokenOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IsAuthorizedWithTokenOutput) GoString() string { + return s.String() +} + +// SetDecision sets the Decision field's value. +func (s *IsAuthorizedWithTokenOutput) SetDecision(v string) *IsAuthorizedWithTokenOutput { + s.Decision = &v + return s +} + +// SetDeterminingPolicies sets the DeterminingPolicies field's value. +func (s *IsAuthorizedWithTokenOutput) SetDeterminingPolicies(v []*DeterminingPolicyItem) *IsAuthorizedWithTokenOutput { + s.DeterminingPolicies = v + return s +} + +// SetErrors sets the Errors field's value. +func (s *IsAuthorizedWithTokenOutput) SetErrors(v []*EvaluationErrorItem) *IsAuthorizedWithTokenOutput { + s.Errors = v + return s +} + +type ListIdentitySourcesInput struct { + _ struct{} `type:"structure"` + + // Specifies characteristics of an identity source that you can use to limit + // the output to matching identity sources. + Filters []*IdentitySourceFilter `locationName:"filters" type:"list"` + + // Specifies the total number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // that is specific to the operation. If additional items exist beyond the number + // you specify, the NextToken response element is returned with a value (not + // null). Include the specified value as the NextToken request parameter in + // the next call to the operation to get the next part of the results. Note + // that the service might return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // Specifies that you want to receive the next page of results. Valid only if + // you received a NextToken response in the previous request. If you did, it + // indicates that more output is available. Set this parameter to the value + // provided by the previous call's NextToken response to request the next page + // of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // Specifies the ID of the policy store that contains the identity sources that + // you want to list. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListIdentitySourcesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListIdentitySourcesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListIdentitySourcesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListIdentitySourcesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *ListIdentitySourcesInput) SetFilters(v []*IdentitySourceFilter) *ListIdentitySourcesInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListIdentitySourcesInput) SetMaxResults(v int64) *ListIdentitySourcesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListIdentitySourcesInput) SetNextToken(v string) *ListIdentitySourcesInput { + s.NextToken = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *ListIdentitySourcesInput) SetPolicyStoreId(v string) *ListIdentitySourcesInput { + s.PolicyStoreId = &v + return s +} + +type ListIdentitySourcesOutput struct { + _ struct{} `type:"structure"` + + // The list of identity sources stored in the specified policy store. + // + // IdentitySources is a required field + IdentitySources []*IdentitySourceItem `locationName:"identitySources" type:"list" required:"true"` + + // If present, this value indicates that more output is available than is included + // in the current response. Use this value in the NextToken request parameter + // in a subsequent call to the operation to get the next part of the output. + // You should repeat this until the NextToken response element comes back as + // null. This indicates that this is the last page of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListIdentitySourcesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListIdentitySourcesOutput) GoString() string { + return s.String() +} + +// SetIdentitySources sets the IdentitySources field's value. +func (s *ListIdentitySourcesOutput) SetIdentitySources(v []*IdentitySourceItem) *ListIdentitySourcesOutput { + s.IdentitySources = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListIdentitySourcesOutput) SetNextToken(v string) *ListIdentitySourcesOutput { + s.NextToken = &v + return s +} + +type ListPoliciesInput struct { + _ struct{} `type:"structure"` + + // Specifies a filter that limits the response to only policies that match the + // specified criteria. For example, you list only the policies that reference + // a specified principal. + Filter *PolicyFilter `locationName:"filter" type:"structure"` + + // Specifies the total number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // that is specific to the operation. If additional items exist beyond the number + // you specify, the NextToken response element is returned with a value (not + // null). Include the specified value as the NextToken request parameter in + // the next call to the operation to get the next part of the results. Note + // that the service might return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // Specifies that you want to receive the next page of results. Valid only if + // you received a NextToken response in the previous request. If you did, it + // indicates that more output is available. Set this parameter to the value + // provided by the previous call's NextToken response to request the next page + // of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // Specifies the ID of the policy store you want to list policies from. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPoliciesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPoliciesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListPoliciesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Filter != nil { + if err := s.Filter.Validate(); err != nil { + invalidParams.AddNested("Filter", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilter sets the Filter field's value. +func (s *ListPoliciesInput) SetFilter(v *PolicyFilter) *ListPoliciesInput { + s.Filter = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput { + s.NextToken = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *ListPoliciesInput) SetPolicyStoreId(v string) *ListPoliciesInput { + s.PolicyStoreId = &v + return s +} + +type ListPoliciesOutput struct { + _ struct{} `type:"structure"` + + // If present, this value indicates that more output is available than is included + // in the current response. Use this value in the NextToken request parameter + // in a subsequent call to the operation to get the next part of the output. + // You should repeat this until the NextToken response element comes back as + // null. This indicates that this is the last page of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // Lists all policies that are available in the specified policy store. + // + // Policies is a required field + Policies []*PolicyItem `locationName:"policies" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPoliciesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPoliciesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput { + s.NextToken = &v + return s +} + +// SetPolicies sets the Policies field's value. +func (s *ListPoliciesOutput) SetPolicies(v []*PolicyItem) *ListPoliciesOutput { + s.Policies = v + return s +} + +type ListPolicyStoresInput struct { + _ struct{} `type:"structure"` + + // Specifies the total number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // that is specific to the operation. If additional items exist beyond the number + // you specify, the NextToken response element is returned with a value (not + // null). Include the specified value as the NextToken request parameter in + // the next call to the operation to get the next part of the results. Note + // that the service might return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // Specifies that you want to receive the next page of results. Valid only if + // you received a NextToken response in the previous request. If you did, it + // indicates that more output is available. Set this parameter to the value + // provided by the previous call's NextToken response to request the next page + // of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyStoresInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyStoresInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListPolicyStoresInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListPolicyStoresInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListPolicyStoresInput) SetMaxResults(v int64) *ListPolicyStoresInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListPolicyStoresInput) SetNextToken(v string) *ListPolicyStoresInput { + s.NextToken = &v + return s +} + +type ListPolicyStoresOutput struct { + _ struct{} `type:"structure"` + + // If present, this value indicates that more output is available than is included + // in the current response. Use this value in the NextToken request parameter + // in a subsequent call to the operation to get the next part of the output. + // You should repeat this until the NextToken response element comes back as + // null. This indicates that this is the last page of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The list of policy stores in the account. + // + // PolicyStores is a required field + PolicyStores []*PolicyStoreItem `locationName:"policyStores" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyStoresOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyStoresOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListPolicyStoresOutput) SetNextToken(v string) *ListPolicyStoresOutput { + s.NextToken = &v + return s +} + +// SetPolicyStores sets the PolicyStores field's value. +func (s *ListPolicyStoresOutput) SetPolicyStores(v []*PolicyStoreItem) *ListPolicyStoresOutput { + s.PolicyStores = v + return s +} + +type ListPolicyTemplatesInput struct { + _ struct{} `type:"structure"` + + // Specifies the total number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // that is specific to the operation. If additional items exist beyond the number + // you specify, the NextToken response element is returned with a value (not + // null). Include the specified value as the NextToken request parameter in + // the next call to the operation to get the next part of the results. Note + // that the service might return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // Specifies that you want to receive the next page of results. Valid only if + // you received a NextToken response in the previous request. If you did, it + // indicates that more output is available. Set this parameter to the value + // provided by the previous call's NextToken response to request the next page + // of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // Specifies the ID of the policy store that contains the policy templates you + // want to list. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyTemplatesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyTemplatesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListPolicyTemplatesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListPolicyTemplatesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListPolicyTemplatesInput) SetMaxResults(v int64) *ListPolicyTemplatesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListPolicyTemplatesInput) SetNextToken(v string) *ListPolicyTemplatesInput { + s.NextToken = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *ListPolicyTemplatesInput) SetPolicyStoreId(v string) *ListPolicyTemplatesInput { + s.PolicyStoreId = &v + return s +} + +type ListPolicyTemplatesOutput struct { + _ struct{} `type:"structure"` + + // If present, this value indicates that more output is available than is included + // in the current response. Use this value in the NextToken request parameter + // in a subsequent call to the operation to get the next part of the output. + // You should repeat this until the NextToken response element comes back as + // null. This indicates that this is the last page of results. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The list of the policy templates in the specified policy store. + // + // PolicyTemplates is a required field + PolicyTemplates []*PolicyTemplateItem `locationName:"policyTemplates" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyTemplatesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListPolicyTemplatesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListPolicyTemplatesOutput) SetNextToken(v string) *ListPolicyTemplatesOutput { + s.NextToken = &v + return s +} + +// SetPolicyTemplates sets the PolicyTemplates field's value. +func (s *ListPolicyTemplatesOutput) SetPolicyTemplates(v []*PolicyTemplateItem) *ListPolicyTemplatesOutput { + s.PolicyTemplates = v + return s +} + +// A structure that contains the details for a Cedar policy definition. It includes +// the policy type, a description, and a policy body. This is a top level data +// type used to create a policy. +// +// This data type is used as a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) +// operation. This structure must always have either an static or a templateLinked +// element. +type PolicyDefinition struct { + _ struct{} `type:"structure"` + + // A structure that describes a static policy. An static policy doesn't use + // a template or allow placeholders for entities. + Static *StaticPolicyDefinition `locationName:"static" type:"structure"` + + // A structure that describes a policy that was instantiated from a template. + // The template can specify placeholders for principal and resource. When you + // use CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) + // to create a policy from a template, you specify the exact principal and resource + // to use for the instantiated policy. + TemplateLinked *TemplateLinkedPolicyDefinition `locationName:"templateLinked" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PolicyDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PolicyDefinition"} + if s.Static != nil { + if err := s.Static.Validate(); err != nil { + invalidParams.AddNested("Static", err.(request.ErrInvalidParams)) + } + } + if s.TemplateLinked != nil { + if err := s.TemplateLinked.Validate(); err != nil { + invalidParams.AddNested("TemplateLinked", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetStatic sets the Static field's value. +func (s *PolicyDefinition) SetStatic(v *StaticPolicyDefinition) *PolicyDefinition { + s.Static = v + return s +} + +// SetTemplateLinked sets the TemplateLinked field's value. +func (s *PolicyDefinition) SetTemplateLinked(v *TemplateLinkedPolicyDefinition) *PolicyDefinition { + s.TemplateLinked = v + return s +} + +// A structure that describes a policy definition. It must always have either +// an static or a templateLinked element. +// +// This data type is used as a response parameter for the GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html) +// operation. +type PolicyDefinitionDetail struct { + _ struct{} `type:"structure"` + + // Information about a static policy that wasn't created with a policy template. + Static *StaticPolicyDefinitionDetail `locationName:"static" type:"structure"` + + // Information about a template-linked policy that was created by instantiating + // a policy template. + TemplateLinked *TemplateLinkedPolicyDefinitionDetail `locationName:"templateLinked" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyDefinitionDetail) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyDefinitionDetail) GoString() string { + return s.String() +} + +// SetStatic sets the Static field's value. +func (s *PolicyDefinitionDetail) SetStatic(v *StaticPolicyDefinitionDetail) *PolicyDefinitionDetail { + s.Static = v + return s +} + +// SetTemplateLinked sets the TemplateLinked field's value. +func (s *PolicyDefinitionDetail) SetTemplateLinked(v *TemplateLinkedPolicyDefinitionDetail) *PolicyDefinitionDetail { + s.TemplateLinked = v + return s +} + +// A structure that describes a PolicyDefinintion (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinintion.html). +// It will always have either an StaticPolicy or a TemplateLinkedPolicy element. +// +// This data type is used as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) +// and ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) +// operations. +type PolicyDefinitionItem struct { + _ struct{} `type:"structure"` + + // Information about a static policy that wasn't created with a policy template. + Static *StaticPolicyDefinitionItem `locationName:"static" type:"structure"` + + // Information about a template-linked policy that was created by instantiating + // a policy template. + TemplateLinked *TemplateLinkedPolicyDefinitionItem `locationName:"templateLinked" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyDefinitionItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyDefinitionItem) GoString() string { + return s.String() +} + +// SetStatic sets the Static field's value. +func (s *PolicyDefinitionItem) SetStatic(v *StaticPolicyDefinitionItem) *PolicyDefinitionItem { + s.Static = v + return s +} + +// SetTemplateLinked sets the TemplateLinked field's value. +func (s *PolicyDefinitionItem) SetTemplateLinked(v *TemplateLinkedPolicyDefinitionItem) *PolicyDefinitionItem { + s.TemplateLinked = v + return s +} + +// Contains information about a filter to refine policies returned in a query. +// +// This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) +// operation. +type PolicyFilter struct { + _ struct{} `type:"structure"` + + // Filters the output to only template-linked policies that were instantiated + // from the specified policy template. + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string"` + + // Filters the output to only policies of the specified type. + PolicyType *string `locationName:"policyType" type:"string" enum:"PolicyType"` + + // Filters the output to only policies that reference the specified principal. + Principal *EntityReference `locationName:"principal" type:"structure"` + + // Filters the output to only policies that reference the specified resource. + Resource *EntityReference `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyFilter) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PolicyFilter) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PolicyFilter"} + if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) + } + if s.Principal != nil { + if err := s.Principal.Validate(); err != nil { + invalidParams.AddNested("Principal", err.(request.ErrInvalidParams)) + } + } + if s.Resource != nil { + if err := s.Resource.Validate(); err != nil { + invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *PolicyFilter) SetPolicyTemplateId(v string) *PolicyFilter { + s.PolicyTemplateId = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *PolicyFilter) SetPolicyType(v string) *PolicyFilter { + s.PolicyType = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *PolicyFilter) SetPrincipal(v *EntityReference) *PolicyFilter { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *PolicyFilter) SetResource(v *EntityReference) *PolicyFilter { + s.Resource = v + return s +} + +// Contains information about a policy. +// +// This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) +// operation. +type PolicyItem struct { + _ struct{} `type:"structure"` + + // The date and time the policy was created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The policy definition of an item in the list of policies returned. + // + // Definition is a required field + Definition *PolicyDefinitionItem `locationName:"definition" type:"structure" required:"true"` + + // The date and time the policy was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The identifier of the policy you want information about. + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` + + // The identifier of the PolicyStore where the policy you want information about + // is stored. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The type of the policy. This is one of the following values: + // + // * static + // + // * templateLinked + // + // PolicyType is a required field + PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` + + // The principal associated with the policy. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // The resource associated with the policy. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyItem) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *PolicyItem) SetCreatedDate(v time.Time) *PolicyItem { + s.CreatedDate = &v + return s +} + +// SetDefinition sets the Definition field's value. +func (s *PolicyItem) SetDefinition(v *PolicyDefinitionItem) *PolicyItem { + s.Definition = v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *PolicyItem) SetLastUpdatedDate(v time.Time) *PolicyItem { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyId sets the PolicyId field's value. +func (s *PolicyItem) SetPolicyId(v string) *PolicyItem { + s.PolicyId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *PolicyItem) SetPolicyStoreId(v string) *PolicyItem { + s.PolicyStoreId = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *PolicyItem) SetPolicyType(v string) *PolicyItem { + s.PolicyType = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *PolicyItem) SetPrincipal(v *EntityIdentifier) *PolicyItem { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *PolicyItem) SetResource(v *EntityIdentifier) *PolicyItem { + s.Resource = v + return s +} + +// Contains information about a policy store. +// +// This data type is used as a response parameter for the ListPolicyStores (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html) +// operation. +type PolicyStoreItem struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the policy store. + // + // Arn is a required field + Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` + + // The date and time the policy was created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The unique identifier of the policy store. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyStoreItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyStoreItem) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *PolicyStoreItem) SetArn(v string) *PolicyStoreItem { + s.Arn = &v + return s +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *PolicyStoreItem) SetCreatedDate(v time.Time) *PolicyStoreItem { + s.CreatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *PolicyStoreItem) SetPolicyStoreId(v string) *PolicyStoreItem { + s.PolicyStoreId = &v + return s +} + +// Contains details about a policy template +// +// This data type is used as a response parameter for the ListPolicyTemplates +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html) +// operation. +type PolicyTemplateItem struct { + _ struct{} `type:"structure"` + + // The date and time that the policy template was created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The description attached to the policy template. + Description *string `locationName:"description" type:"string"` + + // The date and time that the policy template was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The unique identifier of the policy store that contains the template. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The unique identifier of the policy template. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyTemplateItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PolicyTemplateItem) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *PolicyTemplateItem) SetCreatedDate(v time.Time) *PolicyTemplateItem { + s.CreatedDate = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *PolicyTemplateItem) SetDescription(v string) *PolicyTemplateItem { + s.Description = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *PolicyTemplateItem) SetLastUpdatedDate(v time.Time) *PolicyTemplateItem { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *PolicyTemplateItem) SetPolicyStoreId(v string) *PolicyTemplateItem { + s.PolicyStoreId = &v + return s +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *PolicyTemplateItem) SetPolicyTemplateId(v string) *PolicyTemplateItem { + s.PolicyTemplateId = &v + return s +} + +type PutSchemaInput struct { + _ struct{} `type:"structure"` + + // Specifies the definition of the schema to be stored. The schema definition + // must be written in Cedar schema JSON. + // + // Definition is a required field + Definition *SchemaDefinition `locationName:"definition" type:"structure" required:"true"` + + // Specifies the ID of the policy store in which to place the schema. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutSchemaInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutSchemaInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutSchemaInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutSchemaInput"} + if s.Definition == nil { + invalidParams.Add(request.NewErrParamRequired("Definition")) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Definition != nil { + if err := s.Definition.Validate(); err != nil { + invalidParams.AddNested("Definition", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDefinition sets the Definition field's value. +func (s *PutSchemaInput) SetDefinition(v *SchemaDefinition) *PutSchemaInput { + s.Definition = v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *PutSchemaInput) SetPolicyStoreId(v string) *PutSchemaInput { + s.PolicyStoreId = &v + return s +} + +type PutSchemaOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the schema was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time that the schema was last updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // Identifies the namespaces of the entities referenced by this schema. + // + // Namespaces is a required field + Namespaces []*string `locationName:"namespaces" type:"list" required:"true"` + + // The unique ID of the policy store that contains the schema. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutSchemaOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutSchemaOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *PutSchemaOutput) SetCreatedDate(v time.Time) *PutSchemaOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *PutSchemaOutput) SetLastUpdatedDate(v time.Time) *PutSchemaOutput { + s.LastUpdatedDate = &v + return s +} + +// SetNamespaces sets the Namespaces field's value. +func (s *PutSchemaOutput) SetNamespaces(v []*string) *PutSchemaOutput { + s.Namespaces = v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *PutSchemaOutput) SetPolicyStoreId(v string) *PutSchemaOutput { + s.PolicyStoreId = &v + return s +} + +// Contains information about a resource conflict. +type ResourceConflict struct { + _ struct{} `type:"structure"` + + // The unique identifier of the resource involved in a conflict. + // + // ResourceId is a required field + ResourceId *string `locationName:"resourceId" type:"string" required:"true"` + + // The type of the resource involved in a conflict. + // + // ResourceType is a required field + ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceConflict) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceConflict) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *ResourceConflict) SetResourceId(v string) *ResourceConflict { + s.ResourceId = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *ResourceConflict) SetResourceType(v string) *ResourceConflict { + s.ResourceType = &v + return s +} + +// The request failed because it references a resource that doesn't exist. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` + + // The unique ID of the resource referenced in the failed request. + // + // ResourceId is a required field + ResourceId *string `locationName:"resourceId" type:"string" required:"true"` + + // The resource type of the resource referenced in the failed request. + // + // ResourceType is a required field + ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Contains a list of principal types, resource types, and actions that can +// be specified in policies stored in the same policy store. If the validation +// mode for the policy store is set to STRICT, then policies that can't be validated +// by this schema are rejected by Verified Permissions and can't be stored in +// the policy store. +type SchemaDefinition struct { + _ struct{} `type:"structure"` + + // A JSON string representation of the schema supported by applications that + // use this policy store. For more information, see Policy store schema (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) + // in the Amazon Verified Permissions User Guide. + CedarJson *string `locationName:"cedarJson" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SchemaDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SchemaDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SchemaDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SchemaDefinition"} + if s.CedarJson != nil && len(*s.CedarJson) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CedarJson", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCedarJson sets the CedarJson field's value. +func (s *SchemaDefinition) SetCedarJson(v string) *SchemaDefinition { + s.CedarJson = &v + return s +} + +// The request failed because it would cause a service quota to be exceeded. +type ServiceQuotaExceededException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` + + // The quota code recognized by the Amazon Web Services Service Quotas service. + QuotaCode *string `locationName:"quotaCode" type:"string"` + + // The unique ID of the resource referenced in the failed request. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The resource type of the resource referenced in the failed request. + // + // ResourceType is a required field + ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"` + + // The code for the Amazon Web Service that owns the quota. + ServiceCode *string `locationName:"serviceCode" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceQuotaExceededException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceQuotaExceededException) GoString() string { + return s.String() +} + +func newErrorServiceQuotaExceededException(v protocol.ResponseMetadata) error { + return &ServiceQuotaExceededException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ServiceQuotaExceededException) Code() string { + return "ServiceQuotaExceededException" +} + +// Message returns the exception's message. +func (s *ServiceQuotaExceededException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ServiceQuotaExceededException) OrigErr() error { + return nil +} + +func (s *ServiceQuotaExceededException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ServiceQuotaExceededException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ServiceQuotaExceededException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Contains information about a static policy. +// +// This data type is used as a field that is part of the PolicyDefinitionDetail +// (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinitionDetail.html) +// type. +type StaticPolicyDefinition struct { + _ struct{} `type:"structure"` + + // The description of the static policy. + Description *string `locationName:"description" type:"string"` + + // The policy content of the static policy, written in the Cedar policy language. + // + // Statement is a required field + Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StaticPolicyDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StaticPolicyDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StaticPolicyDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StaticPolicyDefinition"} + if s.Statement == nil { + invalidParams.Add(request.NewErrParamRequired("Statement")) + } + if s.Statement != nil && len(*s.Statement) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *StaticPolicyDefinition) SetDescription(v string) *StaticPolicyDefinition { + s.Description = &v + return s +} + +// SetStatement sets the Statement field's value. +func (s *StaticPolicyDefinition) SetStatement(v string) *StaticPolicyDefinition { + s.Statement = &v + return s +} + +// A structure that contains details about a static policy. It includes the +// description and policy body. +// +// This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) +// structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) +// operation. +type StaticPolicyDefinitionDetail struct { + _ struct{} `type:"structure"` + + // A description of the static policy. + Description *string `locationName:"description" type:"string"` + + // The content of the static policy written in the Cedar policy language. + // + // Statement is a required field + Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StaticPolicyDefinitionDetail) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StaticPolicyDefinitionDetail) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *StaticPolicyDefinitionDetail) SetDescription(v string) *StaticPolicyDefinitionDetail { + s.Description = &v + return s +} + +// SetStatement sets the Statement field's value. +func (s *StaticPolicyDefinitionDetail) SetStatement(v string) *StaticPolicyDefinitionDetail { + s.Statement = &v + return s +} + +// A structure that contains details about a static policy. It includes the +// description and policy statement. +// +// This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) +// structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) +// operation. +type StaticPolicyDefinitionItem struct { + _ struct{} `type:"structure"` + + // A description of the static policy. + Description *string `locationName:"description" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StaticPolicyDefinitionItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StaticPolicyDefinitionItem) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *StaticPolicyDefinitionItem) SetDescription(v string) *StaticPolicyDefinitionItem { + s.Description = &v + return s +} + +// Contains information about a policy created by instantiating a policy template. +type TemplateLinkedPolicyDefinition struct { + _ struct{} `type:"structure"` + + // The unique identifier of the policy template used to create this policy. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` + + // The principal associated with this template-linked policy. Verified Permissions + // substitutes this principal for the ?principal placeholder in the policy template + // when it evaluates an authorization request. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // The resource associated with this template-linked policy. Verified Permissions + // substitutes this resource for the ?resource placeholder in the policy template + // when it evaluates an authorization request. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TemplateLinkedPolicyDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TemplateLinkedPolicyDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TemplateLinkedPolicyDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TemplateLinkedPolicyDefinition"} + if s.PolicyTemplateId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) + } + if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) + } + if s.Principal != nil { + if err := s.Principal.Validate(); err != nil { + invalidParams.AddNested("Principal", err.(request.ErrInvalidParams)) + } + } + if s.Resource != nil { + if err := s.Resource.Validate(); err != nil { + invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *TemplateLinkedPolicyDefinition) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinition { + s.PolicyTemplateId = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *TemplateLinkedPolicyDefinition) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinition { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *TemplateLinkedPolicyDefinition) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinition { + s.Resource = v + return s +} + +// Contains information about a policy that was +// +// created by instantiating a policy template. +// +// This +type TemplateLinkedPolicyDefinitionDetail struct { + _ struct{} `type:"structure"` + + // The unique identifier of the policy template used to create this policy. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` + + // The principal associated with this template-linked policy. Verified Permissions + // substitutes this principal for the ?principal placeholder in the policy template + // when it evaluates an authorization request. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // The resource associated with this template-linked policy. Verified Permissions + // substitutes this resource for the ?resource placeholder in the policy template + // when it evaluates an authorization request. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TemplateLinkedPolicyDefinitionDetail) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TemplateLinkedPolicyDefinitionDetail) GoString() string { + return s.String() +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *TemplateLinkedPolicyDefinitionDetail) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinitionDetail { + s.PolicyTemplateId = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *TemplateLinkedPolicyDefinitionDetail) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionDetail { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *TemplateLinkedPolicyDefinitionDetail) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionDetail { + s.Resource = v + return s +} + +// Contains information about a policy created by instantiating a policy template. +// +// This +type TemplateLinkedPolicyDefinitionItem struct { + _ struct{} `type:"structure"` + + // The unique identifier of the policy template used to create this policy. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` + + // The principal associated with this template-linked policy. Verified Permissions + // substitutes this principal for the ?principal placeholder in the policy template + // when it evaluates an authorization request. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // The resource associated with this template-linked policy. Verified Permissions + // substitutes this resource for the ?resource placeholder in the policy template + // when it evaluates an authorization request. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TemplateLinkedPolicyDefinitionItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TemplateLinkedPolicyDefinitionItem) GoString() string { + return s.String() +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *TemplateLinkedPolicyDefinitionItem) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinitionItem { + s.PolicyTemplateId = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *TemplateLinkedPolicyDefinitionItem) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionItem { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *TemplateLinkedPolicyDefinitionItem) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionItem { + s.Resource = v + return s +} + +// The request failed because it exceeded a throttling quota. +type ThrottlingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` + + // The quota code recognized by the Amazon Web Services Service Quotas service. + QuotaCode *string `locationName:"quotaCode" type:"string"` + + // The code for the Amazon Web Service that owns the quota. + ServiceCode *string `locationName:"serviceCode" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) GoString() string { + return s.String() +} + +func newErrorThrottlingException(v protocol.ResponseMetadata) error { + return &ThrottlingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ThrottlingException) Code() string { + return "ThrottlingException" +} + +// Message returns the exception's message. +func (s *ThrottlingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ThrottlingException) OrigErr() error { + return nil +} + +func (s *ThrottlingException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ThrottlingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ThrottlingException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Contains configuration details of a Amazon Cognito user pool for use with +// an identity source. +type UpdateCognitoUserPoolConfiguration struct { + _ struct{} `type:"structure"` + + // The client ID of an app client that is configured for the specified Amazon + // Cognito user pool. + ClientIds []*string `locationName:"clientIds" type:"list"` + + // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // of the Amazon Cognito user pool associated with this identity source. + // + // UserPoolArn is a required field + UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateCognitoUserPoolConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateCognitoUserPoolConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateCognitoUserPoolConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateCognitoUserPoolConfiguration"} + if s.UserPoolArn == nil { + invalidParams.Add(request.NewErrParamRequired("UserPoolArn")) + } + if s.UserPoolArn != nil && len(*s.UserPoolArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("UserPoolArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientIds sets the ClientIds field's value. +func (s *UpdateCognitoUserPoolConfiguration) SetClientIds(v []*string) *UpdateCognitoUserPoolConfiguration { + s.ClientIds = v + return s +} + +// SetUserPoolArn sets the UserPoolArn field's value. +func (s *UpdateCognitoUserPoolConfiguration) SetUserPoolArn(v string) *UpdateCognitoUserPoolConfiguration { + s.UserPoolArn = &v + return s +} + +// Contains an updated configuration to replace the configuration in an existing +// identity source. +// +// At this time, the only valid member of this structure is a Amazon Cognito +// user pool configuration. +// +// You must specify a userPoolArn, and optionally, a ClientId. +type UpdateConfiguration struct { + _ struct{} `type:"structure"` + + // Contains configuration details of a Amazon Cognito user pool. + CognitoUserPoolConfiguration *UpdateCognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateConfiguration"} + if s.CognitoUserPoolConfiguration != nil { + if err := s.CognitoUserPoolConfiguration.Validate(); err != nil { + invalidParams.AddNested("CognitoUserPoolConfiguration", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value. +func (s *UpdateConfiguration) SetCognitoUserPoolConfiguration(v *UpdateCognitoUserPoolConfiguration) *UpdateConfiguration { + s.CognitoUserPoolConfiguration = v + return s +} + +type UpdateIdentitySourceInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the identity source that you want to update. + // + // IdentitySourceId is a required field + IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy store that contains the identity source that + // you want to update. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the data type of principals generated for identities authenticated + // by the identity source. + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` + + // Specifies the details required to communicate with the identity provider + // (IdP) associated with this identity source. + // + // At this time, the only valid member of this structure is a Amazon Cognito + // user pool configuration. + // + // You must specify a userPoolArn, and optionally, a ClientId. + // + // UpdateConfiguration is a required field + UpdateConfiguration *UpdateConfiguration `locationName:"updateConfiguration" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateIdentitySourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateIdentitySourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateIdentitySourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateIdentitySourceInput"} + if s.IdentitySourceId == nil { + invalidParams.Add(request.NewErrParamRequired("IdentitySourceId")) + } + if s.IdentitySourceId != nil && len(*s.IdentitySourceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("IdentitySourceId", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.PrincipalEntityType != nil && len(*s.PrincipalEntityType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PrincipalEntityType", 1)) + } + if s.UpdateConfiguration == nil { + invalidParams.Add(request.NewErrParamRequired("UpdateConfiguration")) + } + if s.UpdateConfiguration != nil { + if err := s.UpdateConfiguration.Validate(); err != nil { + invalidParams.AddNested("UpdateConfiguration", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIdentitySourceId sets the IdentitySourceId field's value. +func (s *UpdateIdentitySourceInput) SetIdentitySourceId(v string) *UpdateIdentitySourceInput { + s.IdentitySourceId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdateIdentitySourceInput) SetPolicyStoreId(v string) *UpdateIdentitySourceInput { + s.PolicyStoreId = &v + return s +} + +// SetPrincipalEntityType sets the PrincipalEntityType field's value. +func (s *UpdateIdentitySourceInput) SetPrincipalEntityType(v string) *UpdateIdentitySourceInput { + s.PrincipalEntityType = &v + return s +} + +// SetUpdateConfiguration sets the UpdateConfiguration field's value. +func (s *UpdateIdentitySourceInput) SetUpdateConfiguration(v *UpdateConfiguration) *UpdateIdentitySourceInput { + s.UpdateConfiguration = v + return s +} + +type UpdateIdentitySourceOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the updated identity source was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the updated identity source. + // + // IdentitySourceId is a required field + IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` + + // The date and time that the identity source was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store that contains the updated identity source. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateIdentitySourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateIdentitySourceOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *UpdateIdentitySourceOutput) SetCreatedDate(v time.Time) *UpdateIdentitySourceOutput { + s.CreatedDate = &v + return s +} + +// SetIdentitySourceId sets the IdentitySourceId field's value. +func (s *UpdateIdentitySourceOutput) SetIdentitySourceId(v string) *UpdateIdentitySourceOutput { + s.IdentitySourceId = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *UpdateIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *UpdateIdentitySourceOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdateIdentitySourceOutput) SetPolicyStoreId(v string) *UpdateIdentitySourceOutput { + s.PolicyStoreId = &v + return s +} + +// Contains information about updates to be applied to a policy. +// +// This data type is used as a request parameter in the UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) +// operation. +type UpdatePolicyDefinition struct { + _ struct{} `type:"structure"` + + // Contains details about the updates to be applied to a static policy. + Static *UpdateStaticPolicyDefinition `locationName:"static" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdatePolicyDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyDefinition"} + if s.Static != nil { + if err := s.Static.Validate(); err != nil { + invalidParams.AddNested("Static", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetStatic sets the Static field's value. +func (s *UpdatePolicyDefinition) SetStatic(v *UpdateStaticPolicyDefinition) *UpdatePolicyDefinition { + s.Static = v + return s +} + +type UpdatePolicyInput struct { + _ struct{} `type:"structure"` + + // Specifies the updated policy content that you want to replace on the specified + // policy. The content must be valid Cedar policy language text. + // + // You can change only the following elements from the policy definition: + // + // * The action referenced by the policy. + // + // * Any conditional clauses, such as when or unless clauses. + // + // You can't change the following elements: + // + // * Changing from static to templateLinked. + // + // * Changing the effect of the policy from permit or forbid. + // + // * The principal referenced by the policy. + // + // * The resource referenced by the policy. + // + // Definition is a required field + Definition *UpdatePolicyDefinition `locationName:"definition" type:"structure" required:"true"` + + // Specifies the ID of the policy that you want to update. To find this value, + // you can use ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html). + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy store that contains the policy that you want + // to update. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdatePolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyInput"} + if s.Definition == nil { + invalidParams.Add(request.NewErrParamRequired("Definition")) + } + if s.PolicyId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyId")) + } + if s.PolicyId != nil && len(*s.PolicyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyId", 1)) + } + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.Definition != nil { + if err := s.Definition.Validate(); err != nil { + invalidParams.AddNested("Definition", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDefinition sets the Definition field's value. +func (s *UpdatePolicyInput) SetDefinition(v *UpdatePolicyDefinition) *UpdatePolicyInput { + s.Definition = v + return s +} + +// SetPolicyId sets the PolicyId field's value. +func (s *UpdatePolicyInput) SetPolicyId(v string) *UpdatePolicyInput { + s.PolicyId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdatePolicyInput) SetPolicyStoreId(v string) *UpdatePolicyInput { + s.PolicyStoreId = &v + return s +} + +type UpdatePolicyOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the policy was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time that the policy was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy that was updated. + // + // PolicyId is a required field + PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` + + // The ID of the policy store that contains the policy that was updated. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The type of the policy that was updated. + // + // PolicyType is a required field + PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` + + // The principal specified in the policy's scope. This element isn't included + // in the response when Principal isn't present in the policy content. + Principal *EntityIdentifier `locationName:"principal" type:"structure"` + + // The resource specified in the policy's scope. This element isn't included + // in the response when Resource isn't present in the policy content. + Resource *EntityIdentifier `locationName:"resource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *UpdatePolicyOutput) SetCreatedDate(v time.Time) *UpdatePolicyOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *UpdatePolicyOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyId sets the PolicyId field's value. +func (s *UpdatePolicyOutput) SetPolicyId(v string) *UpdatePolicyOutput { + s.PolicyId = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdatePolicyOutput) SetPolicyStoreId(v string) *UpdatePolicyOutput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *UpdatePolicyOutput) SetPolicyType(v string) *UpdatePolicyOutput { + s.PolicyType = &v + return s +} + +// SetPrincipal sets the Principal field's value. +func (s *UpdatePolicyOutput) SetPrincipal(v *EntityIdentifier) *UpdatePolicyOutput { + s.Principal = v + return s +} + +// SetResource sets the Resource field's value. +func (s *UpdatePolicyOutput) SetResource(v *EntityIdentifier) *UpdatePolicyOutput { + s.Resource = v + return s +} + +type UpdatePolicyStoreInput struct { + _ struct{} `type:"structure"` + + // Specifies the ID of the policy store that you want to update + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // A structure that defines the validation settings that want to enable for + // the policy store. + // + // ValidationSettings is a required field + ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyStoreInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyStoreInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdatePolicyStoreInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyStoreInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.ValidationSettings == nil { + invalidParams.Add(request.NewErrParamRequired("ValidationSettings")) + } + if s.ValidationSettings != nil { + if err := s.ValidationSettings.Validate(); err != nil { + invalidParams.AddNested("ValidationSettings", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdatePolicyStoreInput) SetPolicyStoreId(v string) *UpdatePolicyStoreInput { + s.PolicyStoreId = &v + return s +} + +// SetValidationSettings sets the ValidationSettings field's value. +func (s *UpdatePolicyStoreInput) SetValidationSettings(v *ValidationSettings) *UpdatePolicyStoreInput { + s.ValidationSettings = v + return s +} + +type UpdatePolicyStoreOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // of the updated policy store. + // + // Arn is a required field + Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` + + // The date and time that the policy store was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time that the policy store was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the updated policy store. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyStoreOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyStoreOutput) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *UpdatePolicyStoreOutput) SetArn(v string) *UpdatePolicyStoreOutput { + s.Arn = &v + return s +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *UpdatePolicyStoreOutput) SetCreatedDate(v time.Time) *UpdatePolicyStoreOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *UpdatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyStoreOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdatePolicyStoreOutput) SetPolicyStoreId(v string) *UpdatePolicyStoreOutput { + s.PolicyStoreId = &v + return s +} + +type UpdatePolicyTemplateInput struct { + _ struct{} `type:"structure"` + + // Specifies a new description to apply to the policy template. + Description *string `locationName:"description" type:"string"` + + // Specifies the ID of the policy store that contains the policy template that + // you want to update. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // Specifies the ID of the policy template that you want to update. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` + + // Specifies new statement content written in Cedar policy language to replace + // the current body of the policy template. + // + // You can change only the following elements of the policy body: + // + // * The action referenced by the policy template. + // + // * Any conditional clauses, such as when or unless clauses. + // + // You can't change the following elements: + // + // * The effect (permit or forbid) of the policy template. + // + // * The principal referenced by the policy template. + // + // * The resource referenced by the policy template. + // + // Statement is a required field + Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyTemplateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyTemplateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdatePolicyTemplateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyTemplateInput"} + if s.PolicyStoreId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) + } + if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) + } + if s.PolicyTemplateId == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) + } + if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) + } + if s.Statement == nil { + invalidParams.Add(request.NewErrParamRequired("Statement")) + } + if s.Statement != nil && len(*s.Statement) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *UpdatePolicyTemplateInput) SetDescription(v string) *UpdatePolicyTemplateInput { + s.Description = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdatePolicyTemplateInput) SetPolicyStoreId(v string) *UpdatePolicyTemplateInput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *UpdatePolicyTemplateInput) SetPolicyTemplateId(v string) *UpdatePolicyTemplateInput { + s.PolicyTemplateId = &v + return s +} + +// SetStatement sets the Statement field's value. +func (s *UpdatePolicyTemplateInput) SetStatement(v string) *UpdatePolicyTemplateInput { + s.Statement = &v + return s +} + +type UpdatePolicyTemplateOutput struct { + _ struct{} `type:"structure"` + + // The date and time that the policy template was originally created. + // + // CreatedDate is a required field + CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The date and time that the policy template was most recently updated. + // + // LastUpdatedDate is a required field + LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` + + // The ID of the policy store that contains the updated policy template. + // + // PolicyStoreId is a required field + PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` + + // The ID of the updated policy template. + // + // PolicyTemplateId is a required field + PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyTemplateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdatePolicyTemplateOutput) GoString() string { + return s.String() +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *UpdatePolicyTemplateOutput) SetCreatedDate(v time.Time) *UpdatePolicyTemplateOutput { + s.CreatedDate = &v + return s +} + +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *UpdatePolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyTemplateOutput { + s.LastUpdatedDate = &v + return s +} + +// SetPolicyStoreId sets the PolicyStoreId field's value. +func (s *UpdatePolicyTemplateOutput) SetPolicyStoreId(v string) *UpdatePolicyTemplateOutput { + s.PolicyStoreId = &v + return s +} + +// SetPolicyTemplateId sets the PolicyTemplateId field's value. +func (s *UpdatePolicyTemplateOutput) SetPolicyTemplateId(v string) *UpdatePolicyTemplateOutput { + s.PolicyTemplateId = &v + return s +} + +// Contains information about an update to a static policy. +type UpdateStaticPolicyDefinition struct { + _ struct{} `type:"structure"` + + // Specifies the description to be added to or replaced on the static policy. + Description *string `locationName:"description" type:"string"` + + // Specifies the Cedar policy language text to be added to or replaced on the + // static policy. + // + // You can change only the following elements from the original content: + // + // * The action referenced by the policy. + // + // * Any conditional clauses, such as when or unless clauses. + // + // You can't change the following elements: + // + // * Changing from StaticPolicy to TemplateLinkedPolicy. + // + // * The effect (permit or forbid) of the policy. + // + // * The principal referenced by the policy. + // + // * The resource referenced by the policy. + // + // Statement is a required field + Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateStaticPolicyDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateStaticPolicyDefinition) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateStaticPolicyDefinition) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateStaticPolicyDefinition"} + if s.Statement == nil { + invalidParams.Add(request.NewErrParamRequired("Statement")) + } + if s.Statement != nil && len(*s.Statement) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *UpdateStaticPolicyDefinition) SetDescription(v string) *UpdateStaticPolicyDefinition { + s.Description = &v + return s +} + +// SetStatement sets the Statement field's value. +func (s *UpdateStaticPolicyDefinition) SetStatement(v string) *UpdateStaticPolicyDefinition { + s.Statement = &v + return s +} + +// The request failed because one or more input parameters don't satisfy their +// constraint requirements. The output is provided as a list of fields and a +// reason for each field that isn't valid. +// +// The possible reasons include the following: +// +// - UnrecognizedEntityType The policy includes an entity type that isn't +// found in the schema. +// +// - UnrecognizedActionId The policy includes an action id that isn't found +// in the schema. +// +// - InvalidActionApplication The policy includes an action that, according +// to the schema, doesn't support the specified principal and resource. +// +// - UnexpectedType The policy included an operand that isn't a valid type +// for the specified operation. +// +// - IncompatibleTypes The types of elements included in a set, or the types +// of expressions used in an if...then...else clause aren't compatible in +// this context. +// +// - MissingAttribute The policy attempts to access a record or entity attribute +// that isn't specified in the schema. Test for the existence of the attribute +// first before attempting to access its value. For more information, see +// the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - UnsafeOptionalAttributeAccess The policy attempts to access a record +// or entity attribute that is optional and isn't guaranteed to be present. +// Test for the existence of the attribute first before attempting to access +// its value. For more information, see the has (presence of attribute test) +// operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) +// in the Cedar Policy Language Guide. +// +// - ImpossiblePolicy Cedar has determined that a policy condition always +// evaluates to false. If the policy is always false, it can never apply +// to any query, and so it can never affect an authorization decision. +// +// - WrongNumberArguments The policy references an extension type with the +// wrong number of arguments. +// +// - FunctionArgumentValidationError Cedar couldn't parse the argument passed +// to an extension type. For example, a string that is to be parsed as an +// IPv4 address can contain only digits and the period character. +type ValidationException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The list of fields that aren't valid. + FieldList []*ValidationExceptionField `locationName:"fieldList" type:"list"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationException) GoString() string { + return s.String() +} + +func newErrorValidationException(v protocol.ResponseMetadata) error { + return &ValidationException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ValidationException) Code() string { + return "ValidationException" +} + +// Message returns the exception's message. +func (s *ValidationException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ValidationException) OrigErr() error { + return nil +} + +func (s *ValidationException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ValidationException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ValidationException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Details about a field that failed policy validation. +type ValidationExceptionField struct { + _ struct{} `type:"structure"` + + // Describes the policy validation error. + // + // Message is a required field + Message *string `locationName:"message" type:"string" required:"true"` + + // The path to the specific element that Verified Permissions found to be not + // valid. + // + // Path is a required field + Path *string `locationName:"path" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationExceptionField) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationExceptionField) GoString() string { + return s.String() +} + +// SetMessage sets the Message field's value. +func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField { + s.Message = &v + return s +} + +// SetPath sets the Path field's value. +func (s *ValidationExceptionField) SetPath(v string) *ValidationExceptionField { + s.Path = &v + return s +} + +// A structure that contains Cedar policy validation settings for the policy +// store. The validation mode determines which validation failures that Cedar +// considers serious enough to block acceptance of a new or edited static policy +// or policy template. +// +// This data type is used as a request parameter in the CreatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html) +// and UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html) +// operations. +type ValidationSettings struct { + _ struct{} `type:"structure"` + + // The validation mode currently configured for this policy store. The valid + // values are: + // + // * OFF – Neither Verified Permissions nor Cedar perform any validation + // on policies. No validation errors are reported by either service. + // + // * STRICT – Requires a schema to be present in the policy store. Cedar + // performs validation on all submitted new or updated static policies and + // policy templates. Any that fail validation are rejected and Cedar doesn't + // store them in the policy store. + // + // If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions + // rejects all static policies and policy templates because there is no schema + // to validate against. + // + // To submit a static policy or policy template without a schema, you must turn + // off validation. + // + // Mode is a required field + Mode *string `locationName:"mode" type:"string" required:"true" enum:"ValidationMode"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationSettings) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationSettings) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ValidationSettings) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ValidationSettings"} + if s.Mode == nil { + invalidParams.Add(request.NewErrParamRequired("Mode")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMode sets the Mode field's value. +func (s *ValidationSettings) SetMode(v string) *ValidationSettings { + s.Mode = &v + return s +} + +const ( + // DecisionAllow is a Decision enum value + DecisionAllow = "ALLOW" + + // DecisionDeny is a Decision enum value + DecisionDeny = "DENY" +) + +// Decision_Values returns all elements of the Decision enum +func Decision_Values() []string { + return []string{ + DecisionAllow, + DecisionDeny, + } +} + +const ( + // OpenIdIssuerCognito is a OpenIdIssuer enum value + OpenIdIssuerCognito = "COGNITO" +) + +// OpenIdIssuer_Values returns all elements of the OpenIdIssuer enum +func OpenIdIssuer_Values() []string { + return []string{ + OpenIdIssuerCognito, + } +} + +const ( + // PolicyTypeStatic is a PolicyType enum value + PolicyTypeStatic = "STATIC" + + // PolicyTypeTemplateLinked is a PolicyType enum value + PolicyTypeTemplateLinked = "TEMPLATE_LINKED" +) + +// PolicyType_Values returns all elements of the PolicyType enum +func PolicyType_Values() []string { + return []string{ + PolicyTypeStatic, + PolicyTypeTemplateLinked, + } +} + +const ( + // ResourceTypeIdentitySource is a ResourceType enum value + ResourceTypeIdentitySource = "IDENTITY_SOURCE" + + // ResourceTypePolicyStore is a ResourceType enum value + ResourceTypePolicyStore = "POLICY_STORE" + + // ResourceTypePolicy is a ResourceType enum value + ResourceTypePolicy = "POLICY" + + // ResourceTypePolicyTemplate is a ResourceType enum value + ResourceTypePolicyTemplate = "POLICY_TEMPLATE" + + // ResourceTypeSchema is a ResourceType enum value + ResourceTypeSchema = "SCHEMA" +) + +// ResourceType_Values returns all elements of the ResourceType enum +func ResourceType_Values() []string { + return []string{ + ResourceTypeIdentitySource, + ResourceTypePolicyStore, + ResourceTypePolicy, + ResourceTypePolicyTemplate, + ResourceTypeSchema, + } +} + +const ( + // ValidationModeOff is a ValidationMode enum value + ValidationModeOff = "OFF" + + // ValidationModeStrict is a ValidationMode enum value + ValidationModeStrict = "STRICT" +) + +// ValidationMode_Values returns all elements of the ValidationMode enum +func ValidationMode_Values() []string { + return []string{ + ValidationModeOff, + ValidationModeStrict, + } +} diff --git a/service/verifiedpermissions/doc.go b/service/verifiedpermissions/doc.go new file mode 100644 index 00000000000..ddf0446baae --- /dev/null +++ b/service/verifiedpermissions/doc.go @@ -0,0 +1,82 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package verifiedpermissions provides the client and types for making API +// requests to Amazon Verified Permissions. +// +// Amazon Verified Permissions is a permissions management service from Amazon +// Web Services. You can use Verified Permissions to manage permissions for +// your application, and authorize user access based on those permissions. Using +// Verified Permissions, application developers can grant access based on information +// about the users, resources, and requested actions. You can also evaluate +// additional information like group membership, attributes of the resources, +// and session context, such as time of request and IP addresses. Verified Permissions +// manages these permissions by letting you create and store authorization policies +// for your applications, such as consumer-facing web sites and enterprise business +// systems. +// +// Verified Permissions uses Cedar as the policy language to express your permission +// requirements. Cedar supports both role-based access control (RBAC) and attribute-based +// access control (ABAC) authorization models. +// +// For more information about configuring, administering, and using Amazon Verified +// Permissions in your applications, see the Amazon Verified Permissions User +// Guide (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/). +// +// For more information about the Cedar policy language, see the Cedar Policy +// Language Guide (docs.cedarpolicy.com). +// +// When you write Cedar policies that reference principals, resources and actions, +// you can define the unique identifiers used for each of those elements. We +// strongly recommend that you follow these best practices: +// +// - Use values like universally unique identifiers (UUIDs) for all principal +// and resource identifiers. For example, if user jane leaves the company, +// and you later let someone else use the name jane, then that new user automatically +// gets access to everything granted by policies that still reference User::"jane". +// Cedar can’t distinguish between the new user and the old. This applies +// to both principal and resource identifiers. Always use identifiers that +// are guaranteed unique and never reused to ensure that you don’t unintentionally +// grant access because of the presence of an old identifier in a policy. +// Where you use a UUID for an entity, we recommend that you follow it with +// the // comment specifier and the ‘friendly’ name of your entity. This +// helps to make your policies easier to understand. For example: principal +// == User::"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111", // alice +// +// - Do not include personally identifying, confidential, or sensitive information +// as part of the unique identifier for your principals or resources. These +// identifiers are included in log entries shared in CloudTrail trails. +// +// Several operations return structures that appear similar, but have different +// purposes. As new functionality is added to the product, the structure used +// in a parameter of one operation might need to change in a way that wouldn't +// make sense for the same parameter in a different operation. To help you understand +// the purpose of each, the following naming convention is used for the structures: +// +// - Parameters that end in Detail are used in Get operations. +// +// - Parameters that end in Item are used in List operations. +// +// - Parameters that use neither suffix are used in the mutating (create +// and update) operations. +// +// See https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01 for more information on this service. +// +// See verifiedpermissions package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/verifiedpermissions/ +// +// # Using the Client +// +// To contact Amazon Verified Permissions with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the Amazon Verified Permissions client VerifiedPermissions for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/verifiedpermissions/#New +package verifiedpermissions diff --git a/service/verifiedpermissions/errors.go b/service/verifiedpermissions/errors.go new file mode 100644 index 00000000000..606833d137a --- /dev/null +++ b/service/verifiedpermissions/errors.go @@ -0,0 +1,107 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package verifiedpermissions + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeAccessDeniedException for service response error code + // "AccessDeniedException". + // + // You don't have sufficient access to perform this action. + ErrCodeAccessDeniedException = "AccessDeniedException" + + // ErrCodeConflictException for service response error code + // "ConflictException". + // + // The request failed because another request to modify a resource occurred + // at the same. + ErrCodeConflictException = "ConflictException" + + // ErrCodeInternalServerException for service response error code + // "InternalServerException". + // + // The request failed because of an internal error. Try your request again later + ErrCodeInternalServerException = "InternalServerException" + + // ErrCodeResourceNotFoundException for service response error code + // "ResourceNotFoundException". + // + // The request failed because it references a resource that doesn't exist. + ErrCodeResourceNotFoundException = "ResourceNotFoundException" + + // ErrCodeServiceQuotaExceededException for service response error code + // "ServiceQuotaExceededException". + // + // The request failed because it would cause a service quota to be exceeded. + ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException" + + // ErrCodeThrottlingException for service response error code + // "ThrottlingException". + // + // The request failed because it exceeded a throttling quota. + ErrCodeThrottlingException = "ThrottlingException" + + // ErrCodeValidationException for service response error code + // "ValidationException". + // + // The request failed because one or more input parameters don't satisfy their + // constraint requirements. The output is provided as a list of fields and a + // reason for each field that isn't valid. + // + // The possible reasons include the following: + // + // * UnrecognizedEntityType The policy includes an entity type that isn't + // found in the schema. + // + // * UnrecognizedActionId The policy includes an action id that isn't found + // in the schema. + // + // * InvalidActionApplication The policy includes an action that, according + // to the schema, doesn't support the specified principal and resource. + // + // * UnexpectedType The policy included an operand that isn't a valid type + // for the specified operation. + // + // * IncompatibleTypes The types of elements included in a set, or the types + // of expressions used in an if...then...else clause aren't compatible in + // this context. + // + // * MissingAttribute The policy attempts to access a record or entity attribute + // that isn't specified in the schema. Test for the existence of the attribute + // first before attempting to access its value. For more information, see + // the has (presence of attribute test) operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) + // in the Cedar Policy Language Guide. + // + // * UnsafeOptionalAttributeAccess The policy attempts to access a record + // or entity attribute that is optional and isn't guaranteed to be present. + // Test for the existence of the attribute first before attempting to access + // its value. For more information, see the has (presence of attribute test) + // operator (docs.cedarpolicy.comsyntax-operators.html#has-presence-of-attribute-test) + // in the Cedar Policy Language Guide. + // + // * ImpossiblePolicy Cedar has determined that a policy condition always + // evaluates to false. If the policy is always false, it can never apply + // to any query, and so it can never affect an authorization decision. + // + // * WrongNumberArguments The policy references an extension type with the + // wrong number of arguments. + // + // * FunctionArgumentValidationError Cedar couldn't parse the argument passed + // to an extension type. For example, a string that is to be parsed as an + // IPv4 address can contain only digits and the period character. + ErrCodeValidationException = "ValidationException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AccessDeniedException": newErrorAccessDeniedException, + "ConflictException": newErrorConflictException, + "InternalServerException": newErrorInternalServerException, + "ResourceNotFoundException": newErrorResourceNotFoundException, + "ServiceQuotaExceededException": newErrorServiceQuotaExceededException, + "ThrottlingException": newErrorThrottlingException, + "ValidationException": newErrorValidationException, +} diff --git a/service/verifiedpermissions/service.go b/service/verifiedpermissions/service.go new file mode 100644 index 00000000000..ea486acc408 --- /dev/null +++ b/service/verifiedpermissions/service.go @@ -0,0 +1,108 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package verifiedpermissions + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" +) + +// VerifiedPermissions provides the API operation methods for making requests to +// Amazon Verified Permissions. See this package's package overview docs +// for details on the service. +// +// VerifiedPermissions methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type VerifiedPermissions struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "VerifiedPermissions" // Name of service. + EndpointsID = "verifiedpermissions" // ID to lookup a service endpoint with. + ServiceID = "VerifiedPermissions" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the VerifiedPermissions client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// +// mySession := session.Must(session.NewSession()) +// +// // Create a VerifiedPermissions client from just a session. +// svc := verifiedpermissions.New(mySession) +// +// // Create a VerifiedPermissions client with additional configuration +// svc := verifiedpermissions.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *VerifiedPermissions { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "verifiedpermissions" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *VerifiedPermissions { + svc := &VerifiedPermissions{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2021-12-01", + ResolvedRegion: resolvedRegion, + JSONVersion: "1.0", + TargetPrefix: "VerifiedPermissions", + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(jsonrpc.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(jsonrpc.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(jsonrpc.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(jsonrpc.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a VerifiedPermissions operation and runs any +// custom request initialization. +func (c *VerifiedPermissions) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/service/verifiedpermissions/verifiedpermissionsiface/interface.go b/service/verifiedpermissions/verifiedpermissionsiface/interface.go new file mode 100644 index 00000000000..641471b96f2 --- /dev/null +++ b/service/verifiedpermissions/verifiedpermissionsiface/interface.go @@ -0,0 +1,172 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package verifiedpermissionsiface provides an interface to enable mocking the Amazon Verified Permissions service client +// for testing your code. +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. +package verifiedpermissionsiface + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/service/verifiedpermissions" +) + +// VerifiedPermissionsAPI provides an interface to enable mocking the +// verifiedpermissions.VerifiedPermissions service client's API operation, +// paginators, and waiters. This make unit testing your code that calls out +// to the SDK's service client's calls easier. +// +// The best way to use this interface is so the SDK's service client's calls +// can be stubbed out for unit testing your code with the SDK without needing +// to inject custom request handlers into the SDK's request pipeline. +// +// // myFunc uses an SDK service client to make a request to +// // Amazon Verified Permissions. +// func myFunc(svc verifiedpermissionsiface.VerifiedPermissionsAPI) bool { +// // Make svc.CreateIdentitySource request +// } +// +// func main() { +// sess := session.New() +// svc := verifiedpermissions.New(sess) +// +// myFunc(svc) +// } +// +// In your _test.go file: +// +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockVerifiedPermissionsClient struct { +// verifiedpermissionsiface.VerifiedPermissionsAPI +// } +// func (m *mockVerifiedPermissionsClient) CreateIdentitySource(input *verifiedpermissions.CreateIdentitySourceInput) (*verifiedpermissions.CreateIdentitySourceOutput, error) { +// // mock response/functionality +// } +// +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockVerifiedPermissionsClient{} +// +// myfunc(mockSvc) +// +// // Verify myFunc's functionality +// } +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. Its suggested to use the pattern above for testing, or using +// tooling to generate mocks to satisfy the interfaces. +type VerifiedPermissionsAPI interface { + CreateIdentitySource(*verifiedpermissions.CreateIdentitySourceInput) (*verifiedpermissions.CreateIdentitySourceOutput, error) + CreateIdentitySourceWithContext(aws.Context, *verifiedpermissions.CreateIdentitySourceInput, ...request.Option) (*verifiedpermissions.CreateIdentitySourceOutput, error) + CreateIdentitySourceRequest(*verifiedpermissions.CreateIdentitySourceInput) (*request.Request, *verifiedpermissions.CreateIdentitySourceOutput) + + CreatePolicy(*verifiedpermissions.CreatePolicyInput) (*verifiedpermissions.CreatePolicyOutput, error) + CreatePolicyWithContext(aws.Context, *verifiedpermissions.CreatePolicyInput, ...request.Option) (*verifiedpermissions.CreatePolicyOutput, error) + CreatePolicyRequest(*verifiedpermissions.CreatePolicyInput) (*request.Request, *verifiedpermissions.CreatePolicyOutput) + + CreatePolicyStore(*verifiedpermissions.CreatePolicyStoreInput) (*verifiedpermissions.CreatePolicyStoreOutput, error) + CreatePolicyStoreWithContext(aws.Context, *verifiedpermissions.CreatePolicyStoreInput, ...request.Option) (*verifiedpermissions.CreatePolicyStoreOutput, error) + CreatePolicyStoreRequest(*verifiedpermissions.CreatePolicyStoreInput) (*request.Request, *verifiedpermissions.CreatePolicyStoreOutput) + + CreatePolicyTemplate(*verifiedpermissions.CreatePolicyTemplateInput) (*verifiedpermissions.CreatePolicyTemplateOutput, error) + CreatePolicyTemplateWithContext(aws.Context, *verifiedpermissions.CreatePolicyTemplateInput, ...request.Option) (*verifiedpermissions.CreatePolicyTemplateOutput, error) + CreatePolicyTemplateRequest(*verifiedpermissions.CreatePolicyTemplateInput) (*request.Request, *verifiedpermissions.CreatePolicyTemplateOutput) + + DeleteIdentitySource(*verifiedpermissions.DeleteIdentitySourceInput) (*verifiedpermissions.DeleteIdentitySourceOutput, error) + DeleteIdentitySourceWithContext(aws.Context, *verifiedpermissions.DeleteIdentitySourceInput, ...request.Option) (*verifiedpermissions.DeleteIdentitySourceOutput, error) + DeleteIdentitySourceRequest(*verifiedpermissions.DeleteIdentitySourceInput) (*request.Request, *verifiedpermissions.DeleteIdentitySourceOutput) + + DeletePolicy(*verifiedpermissions.DeletePolicyInput) (*verifiedpermissions.DeletePolicyOutput, error) + DeletePolicyWithContext(aws.Context, *verifiedpermissions.DeletePolicyInput, ...request.Option) (*verifiedpermissions.DeletePolicyOutput, error) + DeletePolicyRequest(*verifiedpermissions.DeletePolicyInput) (*request.Request, *verifiedpermissions.DeletePolicyOutput) + + DeletePolicyStore(*verifiedpermissions.DeletePolicyStoreInput) (*verifiedpermissions.DeletePolicyStoreOutput, error) + DeletePolicyStoreWithContext(aws.Context, *verifiedpermissions.DeletePolicyStoreInput, ...request.Option) (*verifiedpermissions.DeletePolicyStoreOutput, error) + DeletePolicyStoreRequest(*verifiedpermissions.DeletePolicyStoreInput) (*request.Request, *verifiedpermissions.DeletePolicyStoreOutput) + + DeletePolicyTemplate(*verifiedpermissions.DeletePolicyTemplateInput) (*verifiedpermissions.DeletePolicyTemplateOutput, error) + DeletePolicyTemplateWithContext(aws.Context, *verifiedpermissions.DeletePolicyTemplateInput, ...request.Option) (*verifiedpermissions.DeletePolicyTemplateOutput, error) + DeletePolicyTemplateRequest(*verifiedpermissions.DeletePolicyTemplateInput) (*request.Request, *verifiedpermissions.DeletePolicyTemplateOutput) + + GetIdentitySource(*verifiedpermissions.GetIdentitySourceInput) (*verifiedpermissions.GetIdentitySourceOutput, error) + GetIdentitySourceWithContext(aws.Context, *verifiedpermissions.GetIdentitySourceInput, ...request.Option) (*verifiedpermissions.GetIdentitySourceOutput, error) + GetIdentitySourceRequest(*verifiedpermissions.GetIdentitySourceInput) (*request.Request, *verifiedpermissions.GetIdentitySourceOutput) + + GetPolicy(*verifiedpermissions.GetPolicyInput) (*verifiedpermissions.GetPolicyOutput, error) + GetPolicyWithContext(aws.Context, *verifiedpermissions.GetPolicyInput, ...request.Option) (*verifiedpermissions.GetPolicyOutput, error) + GetPolicyRequest(*verifiedpermissions.GetPolicyInput) (*request.Request, *verifiedpermissions.GetPolicyOutput) + + GetPolicyStore(*verifiedpermissions.GetPolicyStoreInput) (*verifiedpermissions.GetPolicyStoreOutput, error) + GetPolicyStoreWithContext(aws.Context, *verifiedpermissions.GetPolicyStoreInput, ...request.Option) (*verifiedpermissions.GetPolicyStoreOutput, error) + GetPolicyStoreRequest(*verifiedpermissions.GetPolicyStoreInput) (*request.Request, *verifiedpermissions.GetPolicyStoreOutput) + + GetPolicyTemplate(*verifiedpermissions.GetPolicyTemplateInput) (*verifiedpermissions.GetPolicyTemplateOutput, error) + GetPolicyTemplateWithContext(aws.Context, *verifiedpermissions.GetPolicyTemplateInput, ...request.Option) (*verifiedpermissions.GetPolicyTemplateOutput, error) + GetPolicyTemplateRequest(*verifiedpermissions.GetPolicyTemplateInput) (*request.Request, *verifiedpermissions.GetPolicyTemplateOutput) + + GetSchema(*verifiedpermissions.GetSchemaInput) (*verifiedpermissions.GetSchemaOutput, error) + GetSchemaWithContext(aws.Context, *verifiedpermissions.GetSchemaInput, ...request.Option) (*verifiedpermissions.GetSchemaOutput, error) + GetSchemaRequest(*verifiedpermissions.GetSchemaInput) (*request.Request, *verifiedpermissions.GetSchemaOutput) + + IsAuthorized(*verifiedpermissions.IsAuthorizedInput) (*verifiedpermissions.IsAuthorizedOutput, error) + IsAuthorizedWithContext(aws.Context, *verifiedpermissions.IsAuthorizedInput, ...request.Option) (*verifiedpermissions.IsAuthorizedOutput, error) + IsAuthorizedRequest(*verifiedpermissions.IsAuthorizedInput) (*request.Request, *verifiedpermissions.IsAuthorizedOutput) + + IsAuthorizedWithToken(*verifiedpermissions.IsAuthorizedWithTokenInput) (*verifiedpermissions.IsAuthorizedWithTokenOutput, error) + IsAuthorizedWithTokenWithContext(aws.Context, *verifiedpermissions.IsAuthorizedWithTokenInput, ...request.Option) (*verifiedpermissions.IsAuthorizedWithTokenOutput, error) + IsAuthorizedWithTokenRequest(*verifiedpermissions.IsAuthorizedWithTokenInput) (*request.Request, *verifiedpermissions.IsAuthorizedWithTokenOutput) + + ListIdentitySources(*verifiedpermissions.ListIdentitySourcesInput) (*verifiedpermissions.ListIdentitySourcesOutput, error) + ListIdentitySourcesWithContext(aws.Context, *verifiedpermissions.ListIdentitySourcesInput, ...request.Option) (*verifiedpermissions.ListIdentitySourcesOutput, error) + ListIdentitySourcesRequest(*verifiedpermissions.ListIdentitySourcesInput) (*request.Request, *verifiedpermissions.ListIdentitySourcesOutput) + + ListIdentitySourcesPages(*verifiedpermissions.ListIdentitySourcesInput, func(*verifiedpermissions.ListIdentitySourcesOutput, bool) bool) error + ListIdentitySourcesPagesWithContext(aws.Context, *verifiedpermissions.ListIdentitySourcesInput, func(*verifiedpermissions.ListIdentitySourcesOutput, bool) bool, ...request.Option) error + + ListPolicies(*verifiedpermissions.ListPoliciesInput) (*verifiedpermissions.ListPoliciesOutput, error) + ListPoliciesWithContext(aws.Context, *verifiedpermissions.ListPoliciesInput, ...request.Option) (*verifiedpermissions.ListPoliciesOutput, error) + ListPoliciesRequest(*verifiedpermissions.ListPoliciesInput) (*request.Request, *verifiedpermissions.ListPoliciesOutput) + + ListPoliciesPages(*verifiedpermissions.ListPoliciesInput, func(*verifiedpermissions.ListPoliciesOutput, bool) bool) error + ListPoliciesPagesWithContext(aws.Context, *verifiedpermissions.ListPoliciesInput, func(*verifiedpermissions.ListPoliciesOutput, bool) bool, ...request.Option) error + + ListPolicyStores(*verifiedpermissions.ListPolicyStoresInput) (*verifiedpermissions.ListPolicyStoresOutput, error) + ListPolicyStoresWithContext(aws.Context, *verifiedpermissions.ListPolicyStoresInput, ...request.Option) (*verifiedpermissions.ListPolicyStoresOutput, error) + ListPolicyStoresRequest(*verifiedpermissions.ListPolicyStoresInput) (*request.Request, *verifiedpermissions.ListPolicyStoresOutput) + + ListPolicyStoresPages(*verifiedpermissions.ListPolicyStoresInput, func(*verifiedpermissions.ListPolicyStoresOutput, bool) bool) error + ListPolicyStoresPagesWithContext(aws.Context, *verifiedpermissions.ListPolicyStoresInput, func(*verifiedpermissions.ListPolicyStoresOutput, bool) bool, ...request.Option) error + + ListPolicyTemplates(*verifiedpermissions.ListPolicyTemplatesInput) (*verifiedpermissions.ListPolicyTemplatesOutput, error) + ListPolicyTemplatesWithContext(aws.Context, *verifiedpermissions.ListPolicyTemplatesInput, ...request.Option) (*verifiedpermissions.ListPolicyTemplatesOutput, error) + ListPolicyTemplatesRequest(*verifiedpermissions.ListPolicyTemplatesInput) (*request.Request, *verifiedpermissions.ListPolicyTemplatesOutput) + + ListPolicyTemplatesPages(*verifiedpermissions.ListPolicyTemplatesInput, func(*verifiedpermissions.ListPolicyTemplatesOutput, bool) bool) error + ListPolicyTemplatesPagesWithContext(aws.Context, *verifiedpermissions.ListPolicyTemplatesInput, func(*verifiedpermissions.ListPolicyTemplatesOutput, bool) bool, ...request.Option) error + + PutSchema(*verifiedpermissions.PutSchemaInput) (*verifiedpermissions.PutSchemaOutput, error) + PutSchemaWithContext(aws.Context, *verifiedpermissions.PutSchemaInput, ...request.Option) (*verifiedpermissions.PutSchemaOutput, error) + PutSchemaRequest(*verifiedpermissions.PutSchemaInput) (*request.Request, *verifiedpermissions.PutSchemaOutput) + + UpdateIdentitySource(*verifiedpermissions.UpdateIdentitySourceInput) (*verifiedpermissions.UpdateIdentitySourceOutput, error) + UpdateIdentitySourceWithContext(aws.Context, *verifiedpermissions.UpdateIdentitySourceInput, ...request.Option) (*verifiedpermissions.UpdateIdentitySourceOutput, error) + UpdateIdentitySourceRequest(*verifiedpermissions.UpdateIdentitySourceInput) (*request.Request, *verifiedpermissions.UpdateIdentitySourceOutput) + + UpdatePolicy(*verifiedpermissions.UpdatePolicyInput) (*verifiedpermissions.UpdatePolicyOutput, error) + UpdatePolicyWithContext(aws.Context, *verifiedpermissions.UpdatePolicyInput, ...request.Option) (*verifiedpermissions.UpdatePolicyOutput, error) + UpdatePolicyRequest(*verifiedpermissions.UpdatePolicyInput) (*request.Request, *verifiedpermissions.UpdatePolicyOutput) + + UpdatePolicyStore(*verifiedpermissions.UpdatePolicyStoreInput) (*verifiedpermissions.UpdatePolicyStoreOutput, error) + UpdatePolicyStoreWithContext(aws.Context, *verifiedpermissions.UpdatePolicyStoreInput, ...request.Option) (*verifiedpermissions.UpdatePolicyStoreOutput, error) + UpdatePolicyStoreRequest(*verifiedpermissions.UpdatePolicyStoreInput) (*request.Request, *verifiedpermissions.UpdatePolicyStoreOutput) + + UpdatePolicyTemplate(*verifiedpermissions.UpdatePolicyTemplateInput) (*verifiedpermissions.UpdatePolicyTemplateOutput, error) + UpdatePolicyTemplateWithContext(aws.Context, *verifiedpermissions.UpdatePolicyTemplateInput, ...request.Option) (*verifiedpermissions.UpdatePolicyTemplateOutput, error) + UpdatePolicyTemplateRequest(*verifiedpermissions.UpdatePolicyTemplateInput) (*request.Request, *verifiedpermissions.UpdatePolicyTemplateOutput) +} + +var _ VerifiedPermissionsAPI = (*verifiedpermissions.VerifiedPermissions)(nil) diff --git a/service/wafv2/api.go b/service/wafv2/api.go index 5a2d96c22e1..d3c9eecbbdc 100644 --- a/service/wafv2/api.go +++ b/service/wafv2/api.go @@ -6367,11 +6367,148 @@ func (s *APIKeySummary) SetVersion(v int64) *APIKeySummary { return s } +// Details for your use of the account creation fraud prevention managed rule +// group, AWSManagedRulesACFPRuleSet. This configuration is used in ManagedRuleGroupConfig. +type AWSManagedRulesACFPRuleSet struct { + _ struct{} `type:"structure"` + + // The path of the account creation endpoint for your application. This is the + // page on your website that accepts the completed registration form for a new + // user. This page must accept POST requests. + // + // For example, for the URL https://example.com/web/signup, you would provide + // the path /web/signup. + // + // CreationPath is a required field + CreationPath *string `min:"1" type:"string" required:"true"` + + // Allow the use of regular expressions in the registration page path and the + // account creation path. + EnableRegexInPath *bool `type:"boolean"` + + // The path of the account registration endpoint for your application. This + // is the page on your website that presents the registration form to new users. + // + // This page must accept GET text/html requests. + // + // For example, for the URL https://example.com/web/register, you would provide + // the path /web/register. + // + // RegistrationPagePath is a required field + RegistrationPagePath *string `min:"1" type:"string" required:"true"` + + // The criteria for inspecting account creation requests, used by the ACFP rule + // group to validate and track account creation attempts. + // + // RequestInspection is a required field + RequestInspection *RequestInspectionACFP `type:"structure" required:"true"` + + // The criteria for inspecting responses to account creation requests, used + // by the ACFP rule group to track account creation success rates. + // + // Response inspection is available only in web ACLs that protect Amazon CloudFront + // distributions. + // + // The ACFP rule group evaluates the responses that your protected resources + // send back to client account creation attempts, keeping count of successful + // and failed attempts from each IP address and client session. Using this information, + // the rule group labels and mitigates requests from client sessions and IP + // addresses that have had too many successful account creation attempts in + // a short amount of time. + ResponseInspection *ResponseInspection `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AWSManagedRulesACFPRuleSet) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AWSManagedRulesACFPRuleSet) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AWSManagedRulesACFPRuleSet) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AWSManagedRulesACFPRuleSet"} + if s.CreationPath == nil { + invalidParams.Add(request.NewErrParamRequired("CreationPath")) + } + if s.CreationPath != nil && len(*s.CreationPath) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CreationPath", 1)) + } + if s.RegistrationPagePath == nil { + invalidParams.Add(request.NewErrParamRequired("RegistrationPagePath")) + } + if s.RegistrationPagePath != nil && len(*s.RegistrationPagePath) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RegistrationPagePath", 1)) + } + if s.RequestInspection == nil { + invalidParams.Add(request.NewErrParamRequired("RequestInspection")) + } + if s.RequestInspection != nil { + if err := s.RequestInspection.Validate(); err != nil { + invalidParams.AddNested("RequestInspection", err.(request.ErrInvalidParams)) + } + } + if s.ResponseInspection != nil { + if err := s.ResponseInspection.Validate(); err != nil { + invalidParams.AddNested("ResponseInspection", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCreationPath sets the CreationPath field's value. +func (s *AWSManagedRulesACFPRuleSet) SetCreationPath(v string) *AWSManagedRulesACFPRuleSet { + s.CreationPath = &v + return s +} + +// SetEnableRegexInPath sets the EnableRegexInPath field's value. +func (s *AWSManagedRulesACFPRuleSet) SetEnableRegexInPath(v bool) *AWSManagedRulesACFPRuleSet { + s.EnableRegexInPath = &v + return s +} + +// SetRegistrationPagePath sets the RegistrationPagePath field's value. +func (s *AWSManagedRulesACFPRuleSet) SetRegistrationPagePath(v string) *AWSManagedRulesACFPRuleSet { + s.RegistrationPagePath = &v + return s +} + +// SetRequestInspection sets the RequestInspection field's value. +func (s *AWSManagedRulesACFPRuleSet) SetRequestInspection(v *RequestInspectionACFP) *AWSManagedRulesACFPRuleSet { + s.RequestInspection = v + return s +} + +// SetResponseInspection sets the ResponseInspection field's value. +func (s *AWSManagedRulesACFPRuleSet) SetResponseInspection(v *ResponseInspection) *AWSManagedRulesACFPRuleSet { + s.ResponseInspection = v + return s +} + // Details for your use of the account takeover prevention managed rule group, // AWSManagedRulesATPRuleSet. This configuration is used in ManagedRuleGroupConfig. type AWSManagedRulesATPRuleSet struct { _ struct{} `type:"structure"` + // Allow the use of regular expressions in the login page path. + EnableRegexInPath *bool `type:"boolean"` + // The path of the login endpoint for your application. For example, for the // URL https://example.com/web/login, you would provide the path /web/login. // @@ -6387,15 +6524,15 @@ type AWSManagedRulesATPRuleSet struct { // The criteria for inspecting responses to login requests, used by the ATP // rule group to track login failure rates. // + // Response inspection is available only in web ACLs that protect Amazon CloudFront + // distributions. + // // The ATP rule group evaluates the responses that your protected resources // send back to client login attempts, keeping count of successful and failed - // attempts from each IP address and client session. Using this information, + // attempts for each IP address and client session. Using this information, // the rule group labels and mitigates requests from client sessions and IP - // addresses that submit too many failed login attempts in a short amount of - // time. - // - // Response inspection is available only in web ACLs that protect Amazon CloudFront - // distributions. + // addresses that have had too many failed login attempts in a short amount + // of time. ResponseInspection *ResponseInspection `type:"structure"` } @@ -6440,6 +6577,12 @@ func (s *AWSManagedRulesATPRuleSet) Validate() error { return nil } +// SetEnableRegexInPath sets the EnableRegexInPath field's value. +func (s *AWSManagedRulesATPRuleSet) SetEnableRegexInPath(v bool) *AWSManagedRulesATPRuleSet { + s.EnableRegexInPath = &v + return s +} + // SetLoginPath sets the LoginPath field's value. func (s *AWSManagedRulesATPRuleSet) SetLoginPath(v string) *AWSManagedRulesATPRuleSet { s.LoginPath = &v @@ -6563,6 +6706,76 @@ func (s *ActionCondition) SetAction(v string) *ActionCondition { return s } +// The name of a field in the request payload that contains part or all of your +// customer's primary physical address. +// +// This data type is used in the RequestInspectionACFP data type. +type AddressField struct { + _ struct{} `type:"structure"` + + // The name of a single primary address field. + // + // How you specify the address fields depends on the request inspection payload + // type. + // + // * For JSON payloads, specify the field identifiers in JSON pointer syntax. + // For information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "primaryaddressline1": "THE_ADDRESS1", "primaryaddressline2": + // "THE_ADDRESS2", "primaryaddressline3": "THE_ADDRESS3" } }, the address + // field idenfiers are /form/primaryaddressline1, /form/primaryaddressline2, + // and /form/primaryaddressline3. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with input elements named primaryaddressline1, primaryaddressline2, + // and primaryaddressline3, the address fields identifiers are primaryaddressline1, + // primaryaddressline2, and primaryaddressline3. + // + // Identifier is a required field + Identifier *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AddressField) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AddressField) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AddressField) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AddressField"} + if s.Identifier == nil { + invalidParams.Add(request.NewErrParamRequired("Identifier")) + } + if s.Identifier != nil && len(*s.Identifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Identifier", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIdentifier sets the Identifier field's value. +func (s *AddressField) SetIdentifier(v string) *AddressField { + s.Identifier = &v + return s +} + // Inspect all of the elements that WAF has parsed and extracted from the web // request component that you've identified in your FieldToMatch specifications. // @@ -10714,6 +10927,72 @@ func (s DisassociateWebACLOutput) GoString() string { return s.String() } +// The name of the field in the request payload that contains your customer's +// email. +// +// This data type is used in the RequestInspectionACFP data type. +type EmailField struct { + _ struct{} `type:"structure"` + + // The name of the email field. + // + // How you specify this depends on the request inspection payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "email": "THE_EMAIL" } }, the email field specification is + // /form/email. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with the input element named email1, the email field + // specification is email1. + // + // Identifier is a required field + Identifier *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EmailField) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EmailField) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EmailField) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EmailField"} + if s.Identifier == nil { + invalidParams.Add(request.NewErrParamRequired("Identifier")) + } + if s.Identifier != nil && len(*s.Identifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Identifier", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIdentifier sets the Identifier field's value. +func (s *EmailField) SetIdentifier(v string) *EmailField { + s.Identifier = &v + return s +} + // Specifies a single rule in a rule group whose action you want to override // to Count. // @@ -10817,9 +11096,8 @@ type FieldToMatch struct { // Inspect a string containing the list of the request's header names, ordered // as they appear in the web request that WAF receives for inspection. WAF generates // the string and then uses that as the field to match component in its inspection. - // WAF separates the header names in the string using commas and no added spaces. - // - // Matches against the header order string are case insensitive. + // WAF separates the header names in the string using colons and no added spaces, + // for example host:user-agent:accept:authorization:referer. HeaderOrder *HeaderOrder `type:"structure"` // Inspect the request headers. You must configure scope and pattern matching @@ -13021,10 +13299,11 @@ type GetWebACLOutput struct { // The URL to use in SDK integrations with Amazon Web Services managed rule // groups. For example, you can use the integration SDKs with the account takeover - // prevention managed rule group AWSManagedRulesATPRuleSet. This is only populated - // if you are using a rule group in your web ACL that integrates with your applications - // in this way. For more information, see WAF client application integration - // (https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html) + // prevention managed rule group AWSManagedRulesATPRuleSet and the account creation + // fraud prevention managed rule group AWSManagedRulesACFPRuleSet. This is only + // populated if you are using a rule group in your web ACL that integrates with + // your applications in this way. For more information, see WAF client application + // integration (https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html) // in the WAF Developer Guide. ApplicationIntegrationURL *string `type:"string"` @@ -13289,9 +13568,8 @@ func (s *HeaderMatchPattern) SetIncludedHeaders(v []*string) *HeaderMatchPattern // Inspect a string containing the list of the request's header names, ordered // as they appear in the web request that WAF receives for inspection. WAF generates // the string and then uses that as the field to match component in its inspection. -// WAF separates the header names in the string using commas and no added spaces. -// -// Matches against the header order string are case insensitive. +// WAF separates the header names in the string using colons and no added spaces, +// for example host:user-agent:accept:authorization:referer. type HeaderOrder struct { _ struct{} `type:"structure"` @@ -15994,12 +16272,18 @@ type LoggingConfiguration struct { // modify or delete the configuration. ManagedByFirewallManager *bool `type:"boolean"` - // The parts of the request that you want to keep out of the logs. For example, - // if you redact the SingleHeader field, the HEADER field in the logs will be - // REDACTED. + // The parts of the request that you want to keep out of the logs. + // + // For example, if you redact the SingleHeader field, the HEADER field in the + // logs will be REDACTED for all rules that use the SingleHeader FieldToMatch + // setting. + // + // Redaction applies only to the component that's specified in the rule's FieldToMatch + // setting, so the SingleHeader redaction doesn't apply to rules that use the + // Headers FieldToMatch. // // You can specify only the following fields for redaction: UriPath, QueryString, - // SingleHeader, Method, and JsonBody. + // SingleHeader, and Method. RedactedFields []*FieldToMatch `type:"list"` // The Amazon Resource Name (ARN) of the web ACL that you want to associate @@ -16294,18 +16578,39 @@ func (s *ManagedProductDescriptor) SetVendorName(v string) *ManagedProductDescri // Additional information that's used by a managed rule group. Many managed // rule groups don't require this. // -// Use the AWSManagedRulesATPRuleSet configuration object for the account takeover -// prevention managed rule group, to provide information such as the sign-in -// page of your application and the type of content to accept or reject from -// the client. +// The rule groups used for intelligent threat mitigation require additional +// configuration: +// +// - Use the AWSManagedRulesACFPRuleSet configuration object to configure +// the account creation fraud prevention managed rule group. The configuration +// includes the registration and sign-up pages of your application and the +// locations in the account creation request payload of data, such as the +// user email and phone number fields. +// +// - Use the AWSManagedRulesATPRuleSet configuration object to configure +// the account takeover prevention managed rule group. The configuration +// includes the sign-in page of your application and the locations in the +// login request payload of data such as the username and password. // -// Use the AWSManagedRulesBotControlRuleSet configuration object to configure -// the protection level that you want the Bot Control rule group to use. +// - Use the AWSManagedRulesBotControlRuleSet configuration object to configure +// the protection level that you want the Bot Control rule group to use. // // For example specifications, see the examples section of CreateWebACL. type ManagedRuleGroupConfig struct { _ struct{} `type:"structure"` + // Additional configuration for using the account creation fraud prevention + // (ACFP) managed rule group, AWSManagedRulesACFPRuleSet. Use this to provide + // account creation request information to the rule group. For web ACLs that + // protect CloudFront distributions, use this to also provide the information + // about how your distribution responds to account creation requests. + // + // For information about using the ACFP managed rule group, see WAF Fraud Control + // account creation fraud prevention (ACFP) rule group (https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) + // and WAF Fraud Control account creation fraud prevention (ACFP) (https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) + // in the WAF Developer Guide. + AWSManagedRulesACFPRuleSet *AWSManagedRulesACFPRuleSet `type:"structure"` + // Additional configuration for using the account takeover prevention (ATP) // managed rule group, AWSManagedRulesATPRuleSet. Use this to provide login // request information to the rule group. For web ACLs that protect CloudFront @@ -16336,22 +16641,22 @@ type ManagedRuleGroupConfig struct { LoginPath *string `min:"1" deprecated:"true" type:"string"` // - // Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet - // RequestInspection. + // Instead of this setting, provide your configuration under the request inspection + // configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet. // // Deprecated: Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection PasswordField PasswordField *PasswordField `deprecated:"true" type:"structure"` // - // Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet - // RequestInspection. + // Instead of this setting, provide your configuration under the request inspection + // configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet. // // Deprecated: Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection PayloadType PayloadType *string `deprecated:"true" type:"string" enum:"PayloadType"` // - // Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet - // RequestInspection. + // Instead of this setting, provide your configuration under the request inspection + // configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet. // // Deprecated: Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection UsernameField UsernameField *UsernameField `deprecated:"true" type:"structure"` @@ -16381,6 +16686,11 @@ func (s *ManagedRuleGroupConfig) Validate() error { if s.LoginPath != nil && len(*s.LoginPath) < 1 { invalidParams.Add(request.NewErrParamMinLen("LoginPath", 1)) } + if s.AWSManagedRulesACFPRuleSet != nil { + if err := s.AWSManagedRulesACFPRuleSet.Validate(); err != nil { + invalidParams.AddNested("AWSManagedRulesACFPRuleSet", err.(request.ErrInvalidParams)) + } + } if s.AWSManagedRulesATPRuleSet != nil { if err := s.AWSManagedRulesATPRuleSet.Validate(); err != nil { invalidParams.AddNested("AWSManagedRulesATPRuleSet", err.(request.ErrInvalidParams)) @@ -16408,6 +16718,12 @@ func (s *ManagedRuleGroupConfig) Validate() error { return nil } +// SetAWSManagedRulesACFPRuleSet sets the AWSManagedRulesACFPRuleSet field's value. +func (s *ManagedRuleGroupConfig) SetAWSManagedRulesACFPRuleSet(v *AWSManagedRulesACFPRuleSet) *ManagedRuleGroupConfig { + s.AWSManagedRulesACFPRuleSet = v + return s +} + // SetAWSManagedRulesATPRuleSet sets the AWSManagedRulesATPRuleSet field's value. func (s *ManagedRuleGroupConfig) SetAWSManagedRulesATPRuleSet(v *AWSManagedRulesATPRuleSet) *ManagedRuleGroupConfig { s.AWSManagedRulesATPRuleSet = v @@ -16453,9 +16769,10 @@ func (s *ManagedRuleGroupConfig) SetUsernameField(v *UsernameField) *ManagedRule // within a rule. // // You are charged additional fees when you use the WAF Bot Control managed -// rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account -// takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For -// more information, see WAF Pricing (http://aws.amazon.com/waf/pricing/). +// rule group AWSManagedRulesBotControlRuleSet, the WAF Fraud Control account +// takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet, or +// the WAF Fraud Control account creation fraud prevention (ACFP) managed rule +// group AWSManagedRulesACFPRuleSet. For more information, see WAF Pricing (http://aws.amazon.com/waf/pricing/). type ManagedRuleGroupStatement struct { _ struct{} `type:"structure"` @@ -16468,13 +16785,22 @@ type ManagedRuleGroupStatement struct { // Additional information that's used by a managed rule group. Many managed // rule groups don't require this. // - // Use the AWSManagedRulesATPRuleSet configuration object for the account takeover - // prevention managed rule group, to provide information such as the sign-in - // page of your application and the type of content to accept or reject from - // the client. + // The rule groups used for intelligent threat mitigation require additional + // configuration: + // + // * Use the AWSManagedRulesACFPRuleSet configuration object to configure + // the account creation fraud prevention managed rule group. The configuration + // includes the registration and sign-up pages of your application and the + // locations in the account creation request payload of data, such as the + // user email and phone number fields. // - // Use the AWSManagedRulesBotControlRuleSet configuration object to configure - // the protection level that you want the Bot Control rule group to use. + // * Use the AWSManagedRulesATPRuleSet configuration object to configure + // the account takeover prevention managed rule group. The configuration + // includes the sign-in page of your application and the locations in the + // login request payload of data such as the username and password. + // + // * Use the AWSManagedRulesBotControlRuleSet configuration object to configure + // the protection level that you want the Bot Control rule group to use. ManagedRuleGroupConfigs []*ManagedRuleGroupConfig `type:"list"` // The name of the managed rule group. You use this, along with the vendor name, @@ -17387,12 +17713,28 @@ func (s *OverrideAction) SetNone(v *NoneAction) *OverrideAction { return s } -// Details about your login page password field for request inspection, used -// in the AWSManagedRulesATPRuleSet RequestInspection configuration. +// The name of the field in the request payload that contains your customer's +// password. +// +// This data type is used in the RequestInspection and RequestInspectionACFP +// data types. type PasswordField struct { _ struct{} `type:"structure"` - // The name of the password field. For example /form/password. + // The name of the password field. + // + // How you specify this depends on the request inspection payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "password": "THE_PASSWORD" } }, the password field specification + // is /form/password. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with the input element named password1, the password + // field specification is password1. // // Identifier is a required field Identifier *string `min:"1" type:"string" required:"true"` @@ -17438,6 +17780,75 @@ func (s *PasswordField) SetIdentifier(v string) *PasswordField { return s } +// The name of a field in the request payload that contains part or all of your +// customer's primary phone number. +// +// This data type is used in the RequestInspectionACFP data type. +type PhoneNumberField struct { + _ struct{} `type:"structure"` + + // The name of a single primary phone number field. + // + // How you specify the phone number fields depends on the request inspection + // payload type. + // + // * For JSON payloads, specify the field identifiers in JSON pointer syntax. + // For information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "primaryphoneline1": "THE_PHONE1", "primaryphoneline2": "THE_PHONE2", + // "primaryphoneline3": "THE_PHONE3" } }, the phone number field identifiers + // are /form/primaryphoneline1, /form/primaryphoneline2, and /form/primaryphoneline3. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with input elements named primaryphoneline1, primaryphoneline2, + // and primaryphoneline3, the phone number field identifiers are primaryphoneline1, + // primaryphoneline2, and primaryphoneline3. + // + // Identifier is a required field + Identifier *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PhoneNumberField) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PhoneNumberField) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PhoneNumberField) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PhoneNumberField"} + if s.Identifier == nil { + invalidParams.Add(request.NewErrParamRequired("Identifier")) + } + if s.Identifier != nil && len(*s.Identifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Identifier", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetIdentifier sets the Identifier field's value. +func (s *PhoneNumberField) SetIdentifier(v string) *PhoneNumberField { + s.Identifier = &v + return s +} + type PutLoggingConfigurationInput struct { _ struct{} `type:"structure"` @@ -19397,22 +19808,21 @@ func (s *RequestBodyAssociatedResourceTypeConfig) SetDefaultSizeInspectionLimit( type RequestInspection struct { _ struct{} `type:"structure"` - // Details about your login page password field. + // The name of the field in the request payload that contains your customer's + // password. // - // How you specify this depends on the payload type. + // How you specify this depends on the request inspection payload type. // // * For JSON payloads, specify the field name in JSON pointer syntax. For // information about the JSON Pointer syntax, see the Internet Engineering // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload - // { "login": { "username": "THE_USERNAME", "password": "THE_PASSWORD" } - // }, the username field specification is /login/username and the password - // field specification is /login/password. + // { "form": { "password": "THE_PASSWORD" } }, the password field specification + // is /form/password. // // * For form encoded payload types, use the HTML form names. For example, - // for an HTML form with input elements named username1 and password1, the - // username field specification is username1 and the password field specification - // is password1. + // for an HTML form with the input element named password1, the password + // field specification is password1. // // PasswordField is a required field PasswordField *PasswordField `type:"structure" required:"true"` @@ -19422,22 +19832,21 @@ type RequestInspection struct { // PayloadType is a required field PayloadType *string `type:"string" required:"true" enum:"PayloadType"` - // Details about your login page username field. + // The name of the field in the request payload that contains your customer's + // username. // - // How you specify this depends on the payload type. + // How you specify this depends on the request inspection payload type. // // * For JSON payloads, specify the field name in JSON pointer syntax. For // information about the JSON Pointer syntax, see the Internet Engineering // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload - // { "login": { "username": "THE_USERNAME", "password": "THE_PASSWORD" } - // }, the username field specification is /login/username and the password - // field specification is /login/password. + // { "form": { "username": "THE_USERNAME" } }, the username field specification + // is /form/username. // // * For form encoded payload types, use the HTML form names. For example, - // for an HTML form with input elements named username1 and password1, the - // username field specification is username1 and the password field specification - // is password1. + // for an HTML form with the input element named username1, the username + // field specification is username1 // // UsernameField is a required field UsernameField *UsernameField `type:"structure" required:"true"` @@ -19508,40 +19917,261 @@ func (s *RequestInspection) SetUsernameField(v *UsernameField) *RequestInspectio return s } -// The criteria for inspecting responses to login requests, used by the ATP -// rule group to track login failure rates. +// The criteria for inspecting account creation requests, used by the ACFP rule +// group to validate and track account creation attempts. // -// The ATP rule group evaluates the responses that your protected resources -// send back to client login attempts, keeping count of successful and failed -// attempts from each IP address and client session. Using this information, -// the rule group labels and mitigates requests from client sessions and IP -// addresses that submit too many failed login attempts in a short amount of -// time. +// This is part of the AWSManagedRulesACFPRuleSet configuration in ManagedRuleGroupConfig. +// +// In these settings, you specify how your application accepts account creation +// attempts by providing the request payload type and the names of the fields +// within the request body where the username, password, email, and primary +// address and phone number fields are provided. +type RequestInspectionACFP struct { + _ struct{} `type:"structure"` + + // The names of the fields in the request payload that contain your customer's + // primary physical address. + // + // Order the address fields in the array exactly as they are ordered in the + // request payload. + // + // How you specify the address fields depends on the request inspection payload + // type. + // + // * For JSON payloads, specify the field identifiers in JSON pointer syntax. + // For information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "primaryaddressline1": "THE_ADDRESS1", "primaryaddressline2": + // "THE_ADDRESS2", "primaryaddressline3": "THE_ADDRESS3" } }, the address + // field idenfiers are /form/primaryaddressline1, /form/primaryaddressline2, + // and /form/primaryaddressline3. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with input elements named primaryaddressline1, primaryaddressline2, + // and primaryaddressline3, the address fields identifiers are primaryaddressline1, + // primaryaddressline2, and primaryaddressline3. + AddressFields []*AddressField `type:"list"` + + // The name of the field in the request payload that contains your customer's + // email. + // + // How you specify this depends on the request inspection payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "email": "THE_EMAIL" } }, the email field specification is + // /form/email. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with the input element named email1, the email field + // specification is email1. + EmailField *EmailField `type:"structure"` + + // The name of the field in the request payload that contains your customer's + // password. + // + // How you specify this depends on the request inspection payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "password": "THE_PASSWORD" } }, the password field specification + // is /form/password. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with the input element named password1, the password + // field specification is password1. + PasswordField *PasswordField `type:"structure"` + + // The payload type for your account creation endpoint, either JSON or form + // encoded. + // + // PayloadType is a required field + PayloadType *string `type:"string" required:"true" enum:"PayloadType"` + + // The names of the fields in the request payload that contain your customer's + // primary phone number. + // + // Order the phone number fields in the array exactly as they are ordered in + // the request payload. + // + // How you specify the phone number fields depends on the request inspection + // payload type. + // + // * For JSON payloads, specify the field identifiers in JSON pointer syntax. + // For information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "primaryphoneline1": "THE_PHONE1", "primaryphoneline2": "THE_PHONE2", + // "primaryphoneline3": "THE_PHONE3" } }, the phone number field identifiers + // are /form/primaryphoneline1, /form/primaryphoneline2, and /form/primaryphoneline3. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with input elements named primaryphoneline1, primaryphoneline2, + // and primaryphoneline3, the phone number field identifiers are primaryphoneline1, + // primaryphoneline2, and primaryphoneline3. + PhoneNumberFields []*PhoneNumberField `type:"list"` + + // The name of the field in the request payload that contains your customer's + // username. + // + // How you specify this depends on the request inspection payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "username": "THE_USERNAME" } }, the username field specification + // is /form/username. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with the input element named username1, the username + // field specification is username1 + UsernameField *UsernameField `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestInspectionACFP) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestInspectionACFP) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RequestInspectionACFP) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RequestInspectionACFP"} + if s.PayloadType == nil { + invalidParams.Add(request.NewErrParamRequired("PayloadType")) + } + if s.AddressFields != nil { + for i, v := range s.AddressFields { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AddressFields", i), err.(request.ErrInvalidParams)) + } + } + } + if s.EmailField != nil { + if err := s.EmailField.Validate(); err != nil { + invalidParams.AddNested("EmailField", err.(request.ErrInvalidParams)) + } + } + if s.PasswordField != nil { + if err := s.PasswordField.Validate(); err != nil { + invalidParams.AddNested("PasswordField", err.(request.ErrInvalidParams)) + } + } + if s.PhoneNumberFields != nil { + for i, v := range s.PhoneNumberFields { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PhoneNumberFields", i), err.(request.ErrInvalidParams)) + } + } + } + if s.UsernameField != nil { + if err := s.UsernameField.Validate(); err != nil { + invalidParams.AddNested("UsernameField", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddressFields sets the AddressFields field's value. +func (s *RequestInspectionACFP) SetAddressFields(v []*AddressField) *RequestInspectionACFP { + s.AddressFields = v + return s +} + +// SetEmailField sets the EmailField field's value. +func (s *RequestInspectionACFP) SetEmailField(v *EmailField) *RequestInspectionACFP { + s.EmailField = v + return s +} + +// SetPasswordField sets the PasswordField field's value. +func (s *RequestInspectionACFP) SetPasswordField(v *PasswordField) *RequestInspectionACFP { + s.PasswordField = v + return s +} + +// SetPayloadType sets the PayloadType field's value. +func (s *RequestInspectionACFP) SetPayloadType(v string) *RequestInspectionACFP { + s.PayloadType = &v + return s +} + +// SetPhoneNumberFields sets the PhoneNumberFields field's value. +func (s *RequestInspectionACFP) SetPhoneNumberFields(v []*PhoneNumberField) *RequestInspectionACFP { + s.PhoneNumberFields = v + return s +} + +// SetUsernameField sets the UsernameField field's value. +func (s *RequestInspectionACFP) SetUsernameField(v *UsernameField) *RequestInspectionACFP { + s.UsernameField = v + return s +} + +// The criteria for inspecting responses to login requests and account creation +// requests, used by the ATP and ACFP rule groups to track login and account +// creation success and failure rates. // // Response inspection is available only in web ACLs that protect Amazon CloudFront // distributions. // -// This is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig. +// The rule groups evaluates the responses that your protected resources send +// back to client login and account creation attempts, keeping count of successful +// and failed attempts from each IP address and client session. Using this information, +// the rule group labels and mitigates requests from client sessions and IP +// addresses with too much suspicious activity in a short amount of time. +// +// This is part of the AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet +// configurations in ManagedRuleGroupConfig. // -// Enable login response inspection by configuring exactly one component of -// the response to inspect. You can't configure more than one. If you don't -// configure any of the response inspection options, response inspection is -// disabled. +// Enable response inspection by configuring exactly one component of the response +// to inspect, for example, Header or StatusCode. You can't configure more than +// one component for inspection. If you don't configure any of the response +// inspection options, response inspection is disabled. type ResponseInspection struct { _ struct{} `type:"structure"` - // Configures inspection of the response body. WAF can inspect the first 65,536 - // bytes (64 KB) of the response body. + // Configures inspection of the response body for success and failure indicators. + // WAF can inspect the first 65,536 bytes (64 KB) of the response body. BodyContains *ResponseInspectionBodyContains `type:"structure"` - // Configures inspection of the response header. + // Configures inspection of the response header for success and failure indicators. Header *ResponseInspectionHeader `type:"structure"` - // Configures inspection of the response JSON. WAF can inspect the first 65,536 - // bytes (64 KB) of the response JSON. + // Configures inspection of the response JSON for success and failure indicators. + // WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. Json *ResponseInspectionJson `type:"structure"` - // Configures inspection of the response status code. + // Configures inspection of the response status code for success and failure + // indicators. StatusCode *ResponseInspectionStatusCode `type:"structure"` } @@ -19619,30 +20249,30 @@ func (s *ResponseInspection) SetStatusCode(v *ResponseInspectionStatusCode) *Res // Configures inspection of the response body. WAF can inspect the first 65,536 // bytes (64 KB) of the response body. This is part of the ResponseInspection -// configuration for AWSManagedRulesATPRuleSet. +// configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet. // // Response inspection is available only in web ACLs that protect Amazon CloudFront // distributions. type ResponseInspectionBodyContains struct { _ struct{} `type:"structure"` - // Strings in the body of the response that indicate a failed login attempt. - // To be counted as a failed login, the string can be anywhere in the body and - // must be an exact match, including case. Each string must be unique among - // the success and failure strings. + // Strings in the body of the response that indicate a failed login or account + // creation attempt. To be counted as a failure, the string can be anywhere + // in the body and must be an exact match, including case. Each string must + // be unique among the success and failure strings. // - // JSON example: "FailureStrings": [ "Login failed" ] + // JSON example: "FailureStrings": [ "Request failed" ] // // FailureStrings is a required field FailureStrings []*string `min:"1" type:"list" required:"true"` - // Strings in the body of the response that indicate a successful login attempt. - // To be counted as a successful login, the string can be anywhere in the body - // and must be an exact match, including case. Each string must be unique among - // the success and failure strings. + // Strings in the body of the response that indicate a successful login or account + // creation attempt. To be counted as a success, the string can be anywhere + // in the body and must be an exact match, including case. Each string must + // be unique among the success and failure strings. // - // JSON example: "SuccessStrings": [ "Login successful", "Welcome to our site!" - // ] + // JSON examples: "SuccessStrings": [ "Login successful" ] and "SuccessStrings": + // [ "Account creation successful", "Welcome to our site!" ] // // SuccessStrings is a required field SuccessStrings []*string `min:"1" type:"list" required:"true"` @@ -19701,7 +20331,7 @@ func (s *ResponseInspectionBodyContains) SetSuccessStrings(v []*string) *Respons } // Configures inspection of the response header. This is part of the ResponseInspection -// configuration for AWSManagedRulesATPRuleSet. +// configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet. // // Response inspection is available only in web ACLs that protect Amazon CloudFront // distributions. @@ -19709,11 +20339,12 @@ type ResponseInspectionHeader struct { _ struct{} `type:"structure"` // Values in the response header with the specified name that indicate a failed - // login attempt. To be counted as a failed login, the value must be an exact - // match, including case. Each value must be unique among the success and failure - // values. + // login or account creation attempt. To be counted as a failure, the value + // must be an exact match, including case. Each value must be unique among the + // success and failure values. // - // JSON example: "FailureValues": [ "LoginFailed", "Failed login" ] + // JSON examples: "FailureValues": [ "LoginFailed", "Failed login" ] and "FailureValues": + // [ "AccountCreationFailed" ] // // FailureValues is a required field FailureValues []*string `min:"1" type:"list" required:"true"` @@ -19721,17 +20352,18 @@ type ResponseInspectionHeader struct { // The name of the header to match against. The name must be an exact match, // including case. // - // JSON example: "Name": [ "LoginResult" ] + // JSON example: "Name": [ "RequestResult" ] // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // Values in the response header with the specified name that indicate a successful - // login attempt. To be counted as a successful login, the value must be an - // exact match, including case. Each value must be unique among the success - // and failure values. + // login or account creation attempt. To be counted as a success, the value + // must be an exact match, including case. Each value must be unique among the + // success and failure values. // - // JSON example: "SuccessValues": [ "LoginPassed", "Successful login" ] + // JSON examples: "SuccessValues": [ "LoginPassed", "Successful login" ] and + // "SuccessValues": [ "AccountCreated", "Successful account creation" ] // // SuccessValues is a required field SuccessValues []*string `min:"1" type:"list" required:"true"` @@ -19803,7 +20435,7 @@ func (s *ResponseInspectionHeader) SetSuccessValues(v []*string) *ResponseInspec // Configures inspection of the response JSON. WAF can inspect the first 65,536 // bytes (64 KB) of the response JSON. This is part of the ResponseInspection -// configuration for AWSManagedRulesATPRuleSet. +// configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet. // // Response inspection is available only in web ACLs that protect Amazon CloudFront // distributions. @@ -19811,9 +20443,9 @@ type ResponseInspectionJson struct { _ struct{} `type:"structure"` // Values for the specified identifier in the response JSON that indicate a - // failed login attempt. To be counted as a failed login, the value must be - // an exact match, including case. Each value must be unique among the success - // and failure values. + // failed login or account creation attempt. To be counted as a failure, the + // value must be an exact match, including case. Each value must be unique among + // the success and failure values. // // JSON example: "FailureValues": [ "False", "Failed" ] // @@ -19823,15 +20455,16 @@ type ResponseInspectionJson struct { // The identifier for the value to match against in the JSON. The identifier // must be an exact match, including case. // - // JSON example: "Identifier": [ "/login/success" ] + // JSON examples: "Identifier": [ "/login/success" ] and "Identifier": [ "/sign-up/success" + // ] // // Identifier is a required field Identifier *string `min:"1" type:"string" required:"true"` // Values for the specified identifier in the response JSON that indicate a - // successful login attempt. To be counted as a successful login, the value - // must be an exact match, including case. Each value must be unique among the - // success and failure values. + // successful login or account creation attempt. To be counted as a success, + // the value must be an exact match, including case. Each value must be unique + // among the success and failure values. // // JSON example: "SuccessValues": [ "True", "Succeeded" ] // @@ -19904,25 +20537,27 @@ func (s *ResponseInspectionJson) SetSuccessValues(v []*string) *ResponseInspecti } // Configures inspection of the response status code. This is part of the ResponseInspection -// configuration for AWSManagedRulesATPRuleSet. +// configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet. // // Response inspection is available only in web ACLs that protect Amazon CloudFront // distributions. type ResponseInspectionStatusCode struct { _ struct{} `type:"structure"` - // Status codes in the response that indicate a failed login attempt. To be - // counted as a failed login, the response status code must match one of these. - // Each code must be unique among the success and failure status codes. + // Status codes in the response that indicate a failed login or account creation + // attempt. To be counted as a failure, the response status code must match + // one of these. Each code must be unique among the success and failure status + // codes. // // JSON example: "FailureCodes": [ 400, 404 ] // // FailureCodes is a required field FailureCodes []*int64 `min:"1" type:"list" required:"true"` - // Status codes in the response that indicate a successful login attempt. To - // be counted as a successful login, the response status code must match one - // of these. Each code must be unique among the success and failure status codes. + // Status codes in the response that indicate a successful login or account + // creation attempt. To be counted as a success, the response status code must + // match one of these. Each code must be unique among the success and failure + // status codes. // // JSON example: "SuccessCodes": [ 200, 201 ] // @@ -21390,9 +22025,10 @@ type Statement struct { // within a rule. // // You are charged additional fees when you use the WAF Bot Control managed - // rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account - // takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For - // more information, see WAF Pricing (http://aws.amazon.com/waf/pricing/). + // rule group AWSManagedRulesBotControlRuleSet, the WAF Fraud Control account + // takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet, or + // the WAF Fraud Control account creation fraud prevention (ACFP) managed rule + // group AWSManagedRulesACFPRuleSet. For more information, see WAF Pricing (http://aws.amazon.com/waf/pricing/). ManagedRuleGroupStatement *ManagedRuleGroupStatement `type:"structure"` // A logical rule statement used to negate the results of another rule statement. @@ -23507,12 +24143,28 @@ func (s UriPath) GoString() string { return s.String() } -// Details about your login page username field for request inspection, used -// in the AWSManagedRulesATPRuleSet RequestInspection configuration. +// The name of the field in the request payload that contains your customer's +// username. +// +// This data type is used in the RequestInspection and RequestInspectionACFP +// data types. type UsernameField struct { _ struct{} `type:"structure"` - // The name of the username field. For example /form/username. + // The name of the username field. + // + // How you specify this depends on the request inspection payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "form": { "username": "THE_USERNAME" } }, the username field specification + // is /form/username. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with the input element named username1, the username + // field specification is username1 // // Identifier is a required field Identifier *string `min:"1" type:"string" required:"true"` @@ -26960,6 +27612,9 @@ const ( // ParameterExceptionFieldCustomKeys is a ParameterExceptionField enum value ParameterExceptionFieldCustomKeys = "CUSTOM_KEYS" + + // ParameterExceptionFieldAcpRuleSetResponseInspection is a ParameterExceptionField enum value + ParameterExceptionFieldAcpRuleSetResponseInspection = "ACP_RULE_SET_RESPONSE_INSPECTION" ) // ParameterExceptionField_Values returns all elements of the ParameterExceptionField enum @@ -27034,6 +27689,7 @@ func ParameterExceptionField_Values() []string { ParameterExceptionFieldAssociatedResourceType, ParameterExceptionFieldScopeDown, ParameterExceptionFieldCustomKeys, + ParameterExceptionFieldAcpRuleSetResponseInspection, } } diff --git a/service/wellarchitected/api.go b/service/wellarchitected/api.go index 615254ce8f8..1ccd29c24a7 100644 --- a/service/wellarchitected/api.go +++ b/service/wellarchitected/api.go @@ -118,6 +118,101 @@ func (c *WellArchitected) AssociateLensesWithContext(ctx aws.Context, input *Ass return out, req.Send() } +const opAssociateProfiles = "AssociateProfiles" + +// AssociateProfilesRequest generates a "aws/request.Request" representing the +// client's request for the AssociateProfiles operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateProfiles for more information on using the AssociateProfiles +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateProfilesRequest method. +// req, resp := client.AssociateProfilesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/AssociateProfiles +func (c *WellArchitected) AssociateProfilesRequest(input *AssociateProfilesInput) (req *request.Request, output *AssociateProfilesOutput) { + op := &request.Operation{ + Name: opAssociateProfiles, + HTTPMethod: "PATCH", + HTTPPath: "/workloads/{WorkloadId}/associateProfiles", + } + + if input == nil { + input = &AssociateProfilesInput{} + } + + output = &AssociateProfilesOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// AssociateProfiles API operation for AWS Well-Architected Tool. +// +// Associate a profile with a workload. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation AssociateProfiles for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/AssociateProfiles +func (c *WellArchitected) AssociateProfiles(input *AssociateProfilesInput) (*AssociateProfilesOutput, error) { + req, out := c.AssociateProfilesRequest(input) + return out, req.Send() +} + +// AssociateProfilesWithContext is the same as AssociateProfiles with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateProfiles for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) AssociateProfilesWithContext(ctx aws.Context, input *AssociateProfilesInput, opts ...request.Option) (*AssociateProfilesOutput, error) { + req, out := c.AssociateProfilesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateLensShare = "CreateLensShare" // CreateLensShareRequest generates a "aws/request.Request" representing the @@ -438,6 +533,197 @@ func (c *WellArchitected) CreateMilestoneWithContext(ctx aws.Context, input *Cre return out, req.Send() } +const opCreateProfile = "CreateProfile" + +// CreateProfileRequest generates a "aws/request.Request" representing the +// client's request for the CreateProfile operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateProfile for more information on using the CreateProfile +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateProfileRequest method. +// req, resp := client.CreateProfileRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/CreateProfile +func (c *WellArchitected) CreateProfileRequest(input *CreateProfileInput) (req *request.Request, output *CreateProfileOutput) { + op := &request.Operation{ + Name: opCreateProfile, + HTTPMethod: "POST", + HTTPPath: "/profiles", + } + + if input == nil { + input = &CreateProfileInput{} + } + + output = &CreateProfileOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateProfile API operation for AWS Well-Architected Tool. +// +// Create a profile. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation CreateProfile for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - ServiceQuotaExceededException +// The user has reached their resource quota. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/CreateProfile +func (c *WellArchitected) CreateProfile(input *CreateProfileInput) (*CreateProfileOutput, error) { + req, out := c.CreateProfileRequest(input) + return out, req.Send() +} + +// CreateProfileWithContext is the same as CreateProfile with the addition of +// the ability to pass a context and additional request options. +// +// See CreateProfile for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) CreateProfileWithContext(ctx aws.Context, input *CreateProfileInput, opts ...request.Option) (*CreateProfileOutput, error) { + req, out := c.CreateProfileRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateProfileShare = "CreateProfileShare" + +// CreateProfileShareRequest generates a "aws/request.Request" representing the +// client's request for the CreateProfileShare operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateProfileShare for more information on using the CreateProfileShare +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateProfileShareRequest method. +// req, resp := client.CreateProfileShareRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/CreateProfileShare +func (c *WellArchitected) CreateProfileShareRequest(input *CreateProfileShareInput) (req *request.Request, output *CreateProfileShareOutput) { + op := &request.Operation{ + Name: opCreateProfileShare, + HTTPMethod: "POST", + HTTPPath: "/profiles/{ProfileArn}/shares", + } + + if input == nil { + input = &CreateProfileShareInput{} + } + + output = &CreateProfileShareOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateProfileShare API operation for AWS Well-Architected Tool. +// +// Create a profile share. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation CreateProfileShare for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ServiceQuotaExceededException +// The user has reached their resource quota. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/CreateProfileShare +func (c *WellArchitected) CreateProfileShare(input *CreateProfileShareInput) (*CreateProfileShareOutput, error) { + req, out := c.CreateProfileShareRequest(input) + return out, req.Send() +} + +// CreateProfileShareWithContext is the same as CreateProfileShare with the addition of +// the ability to pass a context and additional request options. +// +// See CreateProfileShare for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) CreateProfileShareWithContext(ctx aws.Context, input *CreateProfileShareInput, opts ...request.Option) (*CreateProfileShareOutput, error) { + req, out := c.CreateProfileShareRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateWorkload = "CreateWorkload" // CreateWorkloadRequest generates a "aws/request.Request" representing the @@ -869,58 +1155,66 @@ func (c *WellArchitected) DeleteLensShareWithContext(ctx aws.Context, input *Del return out, req.Send() } -const opDeleteWorkload = "DeleteWorkload" +const opDeleteProfile = "DeleteProfile" -// DeleteWorkloadRequest generates a "aws/request.Request" representing the -// client's request for the DeleteWorkload operation. The "output" return +// DeleteProfileRequest generates a "aws/request.Request" representing the +// client's request for the DeleteProfile operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteWorkload for more information on using the DeleteWorkload +// See DeleteProfile for more information on using the DeleteProfile // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteWorkloadRequest method. -// req, resp := client.DeleteWorkloadRequest(params) +// // Example sending a request using the DeleteProfileRequest method. +// req, resp := client.DeleteProfileRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteWorkload -func (c *WellArchitected) DeleteWorkloadRequest(input *DeleteWorkloadInput) (req *request.Request, output *DeleteWorkloadOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteProfile +func (c *WellArchitected) DeleteProfileRequest(input *DeleteProfileInput) (req *request.Request, output *DeleteProfileOutput) { op := &request.Operation{ - Name: opDeleteWorkload, + Name: opDeleteProfile, HTTPMethod: "DELETE", - HTTPPath: "/workloads/{WorkloadId}", + HTTPPath: "/profiles/{ProfileArn}", } if input == nil { - input = &DeleteWorkloadInput{} + input = &DeleteProfileInput{} } - output = &DeleteWorkloadOutput{} + output = &DeleteProfileOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteWorkload API operation for AWS Well-Architected Tool. +// DeleteProfile API operation for AWS Well-Architected Tool. // -// Delete an existing workload. +// Delete a profile. +// +// # Disclaimer +// +// By sharing your profile with other Amazon Web Services accounts, you acknowledge +// that Amazon Web Services will make your profile available to those other +// accounts. Those other accounts may continue to access and use your shared +// profile even if you delete the profile from your own Amazon Web Services +// account or terminate your Amazon Web Services account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation DeleteWorkload for usage and error information. +// API operation DeleteProfile for usage and error information. // // Returned Error Types: // @@ -942,62 +1236,252 @@ func (c *WellArchitected) DeleteWorkloadRequest(input *DeleteWorkloadInput) (req // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteWorkload -func (c *WellArchitected) DeleteWorkload(input *DeleteWorkloadInput) (*DeleteWorkloadOutput, error) { - req, out := c.DeleteWorkloadRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteProfile +func (c *WellArchitected) DeleteProfile(input *DeleteProfileInput) (*DeleteProfileOutput, error) { + req, out := c.DeleteProfileRequest(input) return out, req.Send() } -// DeleteWorkloadWithContext is the same as DeleteWorkload with the addition of +// DeleteProfileWithContext is the same as DeleteProfile with the addition of // the ability to pass a context and additional request options. // -// See DeleteWorkload for details on how to use this API operation. +// See DeleteProfile for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) DeleteWorkloadWithContext(ctx aws.Context, input *DeleteWorkloadInput, opts ...request.Option) (*DeleteWorkloadOutput, error) { - req, out := c.DeleteWorkloadRequest(input) +func (c *WellArchitected) DeleteProfileWithContext(ctx aws.Context, input *DeleteProfileInput, opts ...request.Option) (*DeleteProfileOutput, error) { + req, out := c.DeleteProfileRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteWorkloadShare = "DeleteWorkloadShare" +const opDeleteProfileShare = "DeleteProfileShare" -// DeleteWorkloadShareRequest generates a "aws/request.Request" representing the -// client's request for the DeleteWorkloadShare operation. The "output" return +// DeleteProfileShareRequest generates a "aws/request.Request" representing the +// client's request for the DeleteProfileShare operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteWorkloadShare for more information on using the DeleteWorkloadShare +// See DeleteProfileShare for more information on using the DeleteProfileShare // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteWorkloadShareRequest method. -// req, resp := client.DeleteWorkloadShareRequest(params) +// // Example sending a request using the DeleteProfileShareRequest method. +// req, resp := client.DeleteProfileShareRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteWorkloadShare -func (c *WellArchitected) DeleteWorkloadShareRequest(input *DeleteWorkloadShareInput) (req *request.Request, output *DeleteWorkloadShareOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteProfileShare +func (c *WellArchitected) DeleteProfileShareRequest(input *DeleteProfileShareInput) (req *request.Request, output *DeleteProfileShareOutput) { op := &request.Operation{ - Name: opDeleteWorkloadShare, + Name: opDeleteProfileShare, HTTPMethod: "DELETE", - HTTPPath: "/workloads/{WorkloadId}/shares/{ShareId}", + HTTPPath: "/profiles/{ProfileArn}/shares/{ShareId}", } if input == nil { - input = &DeleteWorkloadShareInput{} + input = &DeleteProfileShareInput{} + } + + output = &DeleteProfileShareOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteProfileShare API operation for AWS Well-Architected Tool. +// +// Delete a profile share. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation DeleteProfileShare for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteProfileShare +func (c *WellArchitected) DeleteProfileShare(input *DeleteProfileShareInput) (*DeleteProfileShareOutput, error) { + req, out := c.DeleteProfileShareRequest(input) + return out, req.Send() +} + +// DeleteProfileShareWithContext is the same as DeleteProfileShare with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteProfileShare for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) DeleteProfileShareWithContext(ctx aws.Context, input *DeleteProfileShareInput, opts ...request.Option) (*DeleteProfileShareOutput, error) { + req, out := c.DeleteProfileShareRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteWorkload = "DeleteWorkload" + +// DeleteWorkloadRequest generates a "aws/request.Request" representing the +// client's request for the DeleteWorkload operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteWorkload for more information on using the DeleteWorkload +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteWorkloadRequest method. +// req, resp := client.DeleteWorkloadRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteWorkload +func (c *WellArchitected) DeleteWorkloadRequest(input *DeleteWorkloadInput) (req *request.Request, output *DeleteWorkloadOutput) { + op := &request.Operation{ + Name: opDeleteWorkload, + HTTPMethod: "DELETE", + HTTPPath: "/workloads/{WorkloadId}", + } + + if input == nil { + input = &DeleteWorkloadInput{} + } + + output = &DeleteWorkloadOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteWorkload API operation for AWS Well-Architected Tool. +// +// Delete an existing workload. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation DeleteWorkload for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteWorkload +func (c *WellArchitected) DeleteWorkload(input *DeleteWorkloadInput) (*DeleteWorkloadOutput, error) { + req, out := c.DeleteWorkloadRequest(input) + return out, req.Send() +} + +// DeleteWorkloadWithContext is the same as DeleteWorkload with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteWorkload for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) DeleteWorkloadWithContext(ctx aws.Context, input *DeleteWorkloadInput, opts ...request.Option) (*DeleteWorkloadOutput, error) { + req, out := c.DeleteWorkloadRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteWorkloadShare = "DeleteWorkloadShare" + +// DeleteWorkloadShareRequest generates a "aws/request.Request" representing the +// client's request for the DeleteWorkloadShare operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteWorkloadShare for more information on using the DeleteWorkloadShare +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteWorkloadShareRequest method. +// req, resp := client.DeleteWorkloadShareRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DeleteWorkloadShare +func (c *WellArchitected) DeleteWorkloadShareRequest(input *DeleteWorkloadShareInput) (req *request.Request, output *DeleteWorkloadShareOutput) { + op := &request.Operation{ + Name: opDeleteWorkloadShare, + HTTPMethod: "DELETE", + HTTPPath: "/workloads/{WorkloadId}/shares/{ShareId}", + } + + if input == nil { + input = &DeleteWorkloadShareInput{} } output = &DeleteWorkloadShareOutput{} @@ -1159,6 +1643,101 @@ func (c *WellArchitected) DisassociateLensesWithContext(ctx aws.Context, input * return out, req.Send() } +const opDisassociateProfiles = "DisassociateProfiles" + +// DisassociateProfilesRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateProfiles operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateProfiles for more information on using the DisassociateProfiles +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisassociateProfilesRequest method. +// req, resp := client.DisassociateProfilesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DisassociateProfiles +func (c *WellArchitected) DisassociateProfilesRequest(input *DisassociateProfilesInput) (req *request.Request, output *DisassociateProfilesOutput) { + op := &request.Operation{ + Name: opDisassociateProfiles, + HTTPMethod: "PATCH", + HTTPPath: "/workloads/{WorkloadId}/disassociateProfiles", + } + + if input == nil { + input = &DisassociateProfilesInput{} + } + + output = &DisassociateProfilesOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DisassociateProfiles API operation for AWS Well-Architected Tool. +// +// Disassociate a profile from a workload. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation DisassociateProfiles for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/DisassociateProfiles +func (c *WellArchitected) DisassociateProfiles(input *DisassociateProfilesInput) (*DisassociateProfilesOutput, error) { + req, out := c.DisassociateProfilesRequest(input) + return out, req.Send() +} + +// DisassociateProfilesWithContext is the same as DisassociateProfiles with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateProfiles for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) DisassociateProfilesWithContext(ctx aws.Context, input *DisassociateProfilesInput, opts ...request.Option) (*DisassociateProfilesOutput, error) { + req, out := c.DisassociateProfilesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opExportLens = "ExportLens" // ExportLensRequest generates a "aws/request.Request" representing the @@ -1963,17 +2542,199 @@ func (c *WellArchitected) GetMilestoneWithContext(ctx aws.Context, input *GetMil return out, req.Send() } -const opGetWorkload = "GetWorkload" +const opGetProfile = "GetProfile" -// GetWorkloadRequest generates a "aws/request.Request" representing the -// client's request for the GetWorkload operation. The "output" return +// GetProfileRequest generates a "aws/request.Request" representing the +// client's request for the GetProfile operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetWorkload for more information on using the GetWorkload +// See GetProfile for more information on using the GetProfile +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetProfileRequest method. +// req, resp := client.GetProfileRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/GetProfile +func (c *WellArchitected) GetProfileRequest(input *GetProfileInput) (req *request.Request, output *GetProfileOutput) { + op := &request.Operation{ + Name: opGetProfile, + HTTPMethod: "GET", + HTTPPath: "/profiles/{ProfileArn}", + } + + if input == nil { + input = &GetProfileInput{} + } + + output = &GetProfileOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetProfile API operation for AWS Well-Architected Tool. +// +// Get profile information. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation GetProfile for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/GetProfile +func (c *WellArchitected) GetProfile(input *GetProfileInput) (*GetProfileOutput, error) { + req, out := c.GetProfileRequest(input) + return out, req.Send() +} + +// GetProfileWithContext is the same as GetProfile with the addition of +// the ability to pass a context and additional request options. +// +// See GetProfile for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) GetProfileWithContext(ctx aws.Context, input *GetProfileInput, opts ...request.Option) (*GetProfileOutput, error) { + req, out := c.GetProfileRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetProfileTemplate = "GetProfileTemplate" + +// GetProfileTemplateRequest generates a "aws/request.Request" representing the +// client's request for the GetProfileTemplate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetProfileTemplate for more information on using the GetProfileTemplate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetProfileTemplateRequest method. +// req, resp := client.GetProfileTemplateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/GetProfileTemplate +func (c *WellArchitected) GetProfileTemplateRequest(input *GetProfileTemplateInput) (req *request.Request, output *GetProfileTemplateOutput) { + op := &request.Operation{ + Name: opGetProfileTemplate, + HTTPMethod: "GET", + HTTPPath: "/profileTemplate", + } + + if input == nil { + input = &GetProfileTemplateInput{} + } + + output = &GetProfileTemplateOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetProfileTemplate API operation for AWS Well-Architected Tool. +// +// Get profile template. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation GetProfileTemplate for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/GetProfileTemplate +func (c *WellArchitected) GetProfileTemplate(input *GetProfileTemplateInput) (*GetProfileTemplateOutput, error) { + req, out := c.GetProfileTemplateRequest(input) + return out, req.Send() +} + +// GetProfileTemplateWithContext is the same as GetProfileTemplate with the addition of +// the ability to pass a context and additional request options. +// +// See GetProfileTemplate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) GetProfileTemplateWithContext(ctx aws.Context, input *GetProfileTemplateInput, opts ...request.Option) (*GetProfileTemplateOutput, error) { + req, out := c.GetProfileTemplateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetWorkload = "GetWorkload" + +// GetWorkloadRequest generates a "aws/request.Request" representing the +// client's request for the GetWorkload operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetWorkload for more information on using the GetWorkload // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration @@ -3500,36 +4261,36 @@ func (c *WellArchitected) ListNotificationsPagesWithContext(ctx aws.Context, inp return p.Err() } -const opListShareInvitations = "ListShareInvitations" +const opListProfileNotifications = "ListProfileNotifications" -// ListShareInvitationsRequest generates a "aws/request.Request" representing the -// client's request for the ListShareInvitations operation. The "output" return +// ListProfileNotificationsRequest generates a "aws/request.Request" representing the +// client's request for the ListProfileNotifications operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListShareInvitations for more information on using the ListShareInvitations +// See ListProfileNotifications for more information on using the ListProfileNotifications // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListShareInvitationsRequest method. -// req, resp := client.ListShareInvitationsRequest(params) +// // Example sending a request using the ListProfileNotificationsRequest method. +// req, resp := client.ListProfileNotificationsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListShareInvitations -func (c *WellArchitected) ListShareInvitationsRequest(input *ListShareInvitationsInput) (req *request.Request, output *ListShareInvitationsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListProfileNotifications +func (c *WellArchitected) ListProfileNotificationsRequest(input *ListProfileNotificationsInput) (req *request.Request, output *ListProfileNotificationsOutput) { op := &request.Operation{ - Name: opListShareInvitations, + Name: opListProfileNotifications, HTTPMethod: "GET", - HTTPPath: "/shareInvitations", + HTTPPath: "/profileNotifications/", Paginator: &request.Paginator{ InputTokens: []string{"NextToken"}, OutputTokens: []string{"NextToken"}, @@ -3539,24 +4300,24 @@ func (c *WellArchitected) ListShareInvitationsRequest(input *ListShareInvitation } if input == nil { - input = &ListShareInvitationsInput{} + input = &ListProfileNotificationsInput{} } - output = &ListShareInvitationsOutput{} + output = &ListProfileNotificationsOutput{} req = c.newRequest(op, input, output) return } -// ListShareInvitations API operation for AWS Well-Architected Tool. +// ListProfileNotifications API operation for AWS Well-Architected Tool. // -// List the workload invitations. +// List profile notifications. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation ListShareInvitations for usage and error information. +// API operation ListProfileNotifications for usage and error information. // // Returned Error Types: // @@ -3572,64 +4333,64 @@ func (c *WellArchitected) ListShareInvitationsRequest(input *ListShareInvitation // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListShareInvitations -func (c *WellArchitected) ListShareInvitations(input *ListShareInvitationsInput) (*ListShareInvitationsOutput, error) { - req, out := c.ListShareInvitationsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListProfileNotifications +func (c *WellArchitected) ListProfileNotifications(input *ListProfileNotificationsInput) (*ListProfileNotificationsOutput, error) { + req, out := c.ListProfileNotificationsRequest(input) return out, req.Send() } -// ListShareInvitationsWithContext is the same as ListShareInvitations with the addition of +// ListProfileNotificationsWithContext is the same as ListProfileNotifications with the addition of // the ability to pass a context and additional request options. // -// See ListShareInvitations for details on how to use this API operation. +// See ListProfileNotifications for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) ListShareInvitationsWithContext(ctx aws.Context, input *ListShareInvitationsInput, opts ...request.Option) (*ListShareInvitationsOutput, error) { - req, out := c.ListShareInvitationsRequest(input) +func (c *WellArchitected) ListProfileNotificationsWithContext(ctx aws.Context, input *ListProfileNotificationsInput, opts ...request.Option) (*ListProfileNotificationsOutput, error) { + req, out := c.ListProfileNotificationsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListShareInvitationsPages iterates over the pages of a ListShareInvitations operation, +// ListProfileNotificationsPages iterates over the pages of a ListProfileNotifications operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See ListShareInvitations method for more information on how to use this operation. +// See ListProfileNotifications method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListShareInvitations operation. +// // Example iterating over at most 3 pages of a ListProfileNotifications operation. // pageNum := 0 -// err := client.ListShareInvitationsPages(params, -// func(page *wellarchitected.ListShareInvitationsOutput, lastPage bool) bool { +// err := client.ListProfileNotificationsPages(params, +// func(page *wellarchitected.ListProfileNotificationsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *WellArchitected) ListShareInvitationsPages(input *ListShareInvitationsInput, fn func(*ListShareInvitationsOutput, bool) bool) error { - return c.ListShareInvitationsPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *WellArchitected) ListProfileNotificationsPages(input *ListProfileNotificationsInput, fn func(*ListProfileNotificationsOutput, bool) bool) error { + return c.ListProfileNotificationsPagesWithContext(aws.BackgroundContext(), input, fn) } -// ListShareInvitationsPagesWithContext same as ListShareInvitationsPages except +// ListProfileNotificationsPagesWithContext same as ListProfileNotificationsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) ListShareInvitationsPagesWithContext(ctx aws.Context, input *ListShareInvitationsInput, fn func(*ListShareInvitationsOutput, bool) bool, opts ...request.Option) error { +func (c *WellArchitected) ListProfileNotificationsPagesWithContext(ctx aws.Context, input *ListProfileNotificationsInput, fn func(*ListProfileNotificationsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { - var inCpy *ListShareInvitationsInput + var inCpy *ListProfileNotificationsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.ListShareInvitationsRequest(inCpy) + req, _ := c.ListProfileNotificationsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -3637,7 +4398,7 @@ func (c *WellArchitected) ListShareInvitationsPagesWithContext(ctx aws.Context, } for p.Next() { - if !fn(p.Page().(*ListShareInvitationsOutput), !p.HasNextPage()) { + if !fn(p.Page().(*ListProfileNotificationsOutput), !p.HasNextPage()) { break } } @@ -3645,120 +4406,184 @@ func (c *WellArchitected) ListShareInvitationsPagesWithContext(ctx aws.Context, return p.Err() } -const opListTagsForResource = "ListTagsForResource" +const opListProfileShares = "ListProfileShares" -// ListTagsForResourceRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsForResource operation. The "output" return +// ListProfileSharesRequest generates a "aws/request.Request" representing the +// client's request for the ListProfileShares operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListTagsForResource for more information on using the ListTagsForResource +// See ListProfileShares for more information on using the ListProfileShares // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListTagsForResourceRequest method. -// req, resp := client.ListTagsForResourceRequest(params) +// // Example sending a request using the ListProfileSharesRequest method. +// req, resp := client.ListProfileSharesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListTagsForResource -func (c *WellArchitected) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListProfileShares +func (c *WellArchitected) ListProfileSharesRequest(input *ListProfileSharesInput) (req *request.Request, output *ListProfileSharesOutput) { op := &request.Operation{ - Name: opListTagsForResource, + Name: opListProfileShares, HTTPMethod: "GET", - HTTPPath: "/tags/{WorkloadArn}", + HTTPPath: "/profiles/{ProfileArn}/shares", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { - input = &ListTagsForResourceInput{} + input = &ListProfileSharesInput{} } - output = &ListTagsForResourceOutput{} + output = &ListProfileSharesOutput{} req = c.newRequest(op, input, output) return } -// ListTagsForResource API operation for AWS Well-Architected Tool. -// -// List the tags for a resource. +// ListProfileShares API operation for AWS Well-Architected Tool. // -// The WorkloadArn parameter can be either a workload ARN or a custom lens ARN. +// List profile shares. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation ListTagsForResource for usage and error information. +// API operation ListProfileShares for usage and error information. // // Returned Error Types: // +// - ValidationException +// The user input is not valid. +// // - InternalServerException // There is a problem with the Well-Architected Tool API service. // // - ResourceNotFoundException // The requested resource was not found. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListTagsForResource -func (c *WellArchitected) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListProfileShares +func (c *WellArchitected) ListProfileShares(input *ListProfileSharesInput) (*ListProfileSharesOutput, error) { + req, out := c.ListProfileSharesRequest(input) return out, req.Send() } -// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// ListProfileSharesWithContext is the same as ListProfileShares with the addition of // the ability to pass a context and additional request options. // -// See ListTagsForResource for details on how to use this API operation. +// See ListProfileShares for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +func (c *WellArchitected) ListProfileSharesWithContext(ctx aws.Context, input *ListProfileSharesInput, opts ...request.Option) (*ListProfileSharesOutput, error) { + req, out := c.ListProfileSharesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListWorkloadShares = "ListWorkloadShares" +// ListProfileSharesPages iterates over the pages of a ListProfileShares operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListProfileShares method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListProfileShares operation. +// pageNum := 0 +// err := client.ListProfileSharesPages(params, +// func(page *wellarchitected.ListProfileSharesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *WellArchitected) ListProfileSharesPages(input *ListProfileSharesInput, fn func(*ListProfileSharesOutput, bool) bool) error { + return c.ListProfileSharesPagesWithContext(aws.BackgroundContext(), input, fn) +} -// ListWorkloadSharesRequest generates a "aws/request.Request" representing the -// client's request for the ListWorkloadShares operation. The "output" return +// ListProfileSharesPagesWithContext same as ListProfileSharesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) ListProfileSharesPagesWithContext(ctx aws.Context, input *ListProfileSharesInput, fn func(*ListProfileSharesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListProfileSharesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListProfileSharesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListProfileSharesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListProfiles = "ListProfiles" + +// ListProfilesRequest generates a "aws/request.Request" representing the +// client's request for the ListProfiles operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListWorkloadShares for more information on using the ListWorkloadShares +// See ListProfiles for more information on using the ListProfiles // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListWorkloadSharesRequest method. -// req, resp := client.ListWorkloadSharesRequest(params) +// // Example sending a request using the ListProfilesRequest method. +// req, resp := client.ListProfilesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloadShares -func (c *WellArchitected) ListWorkloadSharesRequest(input *ListWorkloadSharesInput) (req *request.Request, output *ListWorkloadSharesOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListProfiles +func (c *WellArchitected) ListProfilesRequest(input *ListProfilesInput) (req *request.Request, output *ListProfilesOutput) { op := &request.Operation{ - Name: opListWorkloadShares, + Name: opListProfiles, HTTPMethod: "GET", - HTTPPath: "/workloads/{WorkloadId}/shares", + HTTPPath: "/profileSummaries", Paginator: &request.Paginator{ InputTokens: []string{"NextToken"}, OutputTokens: []string{"NextToken"}, @@ -3768,24 +4593,24 @@ func (c *WellArchitected) ListWorkloadSharesRequest(input *ListWorkloadSharesInp } if input == nil { - input = &ListWorkloadSharesInput{} + input = &ListProfilesInput{} } - output = &ListWorkloadSharesOutput{} + output = &ListProfilesOutput{} req = c.newRequest(op, input, output) return } -// ListWorkloadShares API operation for AWS Well-Architected Tool. +// ListProfiles API operation for AWS Well-Architected Tool. // -// List the workload shares associated with the workload. +// List profiles. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation ListWorkloadShares for usage and error information. +// API operation ListProfiles for usage and error information. // // Returned Error Types: // @@ -3795,73 +4620,70 @@ func (c *WellArchitected) ListWorkloadSharesRequest(input *ListWorkloadSharesInp // - InternalServerException // There is a problem with the Well-Architected Tool API service. // -// - ResourceNotFoundException -// The requested resource was not found. -// // - AccessDeniedException // User does not have sufficient access to perform this action. // // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloadShares -func (c *WellArchitected) ListWorkloadShares(input *ListWorkloadSharesInput) (*ListWorkloadSharesOutput, error) { - req, out := c.ListWorkloadSharesRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListProfiles +func (c *WellArchitected) ListProfiles(input *ListProfilesInput) (*ListProfilesOutput, error) { + req, out := c.ListProfilesRequest(input) return out, req.Send() } -// ListWorkloadSharesWithContext is the same as ListWorkloadShares with the addition of +// ListProfilesWithContext is the same as ListProfiles with the addition of // the ability to pass a context and additional request options. // -// See ListWorkloadShares for details on how to use this API operation. +// See ListProfiles for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) ListWorkloadSharesWithContext(ctx aws.Context, input *ListWorkloadSharesInput, opts ...request.Option) (*ListWorkloadSharesOutput, error) { - req, out := c.ListWorkloadSharesRequest(input) +func (c *WellArchitected) ListProfilesWithContext(ctx aws.Context, input *ListProfilesInput, opts ...request.Option) (*ListProfilesOutput, error) { + req, out := c.ListProfilesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListWorkloadSharesPages iterates over the pages of a ListWorkloadShares operation, +// ListProfilesPages iterates over the pages of a ListProfiles operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See ListWorkloadShares method for more information on how to use this operation. +// See ListProfiles method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListWorkloadShares operation. +// // Example iterating over at most 3 pages of a ListProfiles operation. // pageNum := 0 -// err := client.ListWorkloadSharesPages(params, -// func(page *wellarchitected.ListWorkloadSharesOutput, lastPage bool) bool { +// err := client.ListProfilesPages(params, +// func(page *wellarchitected.ListProfilesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *WellArchitected) ListWorkloadSharesPages(input *ListWorkloadSharesInput, fn func(*ListWorkloadSharesOutput, bool) bool) error { - return c.ListWorkloadSharesPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *WellArchitected) ListProfilesPages(input *ListProfilesInput, fn func(*ListProfilesOutput, bool) bool) error { + return c.ListProfilesPagesWithContext(aws.BackgroundContext(), input, fn) } -// ListWorkloadSharesPagesWithContext same as ListWorkloadSharesPages except +// ListProfilesPagesWithContext same as ListProfilesPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) ListWorkloadSharesPagesWithContext(ctx aws.Context, input *ListWorkloadSharesInput, fn func(*ListWorkloadSharesOutput, bool) bool, opts ...request.Option) error { +func (c *WellArchitected) ListProfilesPagesWithContext(ctx aws.Context, input *ListProfilesInput, fn func(*ListProfilesOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { - var inCpy *ListWorkloadSharesInput + var inCpy *ListProfilesInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.ListWorkloadSharesRequest(inCpy) + req, _ := c.ListProfilesRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -3869,7 +4691,7 @@ func (c *WellArchitected) ListWorkloadSharesPagesWithContext(ctx aws.Context, in } for p.Next() { - if !fn(p.Page().(*ListWorkloadSharesOutput), !p.HasNextPage()) { + if !fn(p.Page().(*ListProfilesOutput), !p.HasNextPage()) { break } } @@ -3877,36 +4699,36 @@ func (c *WellArchitected) ListWorkloadSharesPagesWithContext(ctx aws.Context, in return p.Err() } -const opListWorkloads = "ListWorkloads" +const opListShareInvitations = "ListShareInvitations" -// ListWorkloadsRequest generates a "aws/request.Request" representing the -// client's request for the ListWorkloads operation. The "output" return +// ListShareInvitationsRequest generates a "aws/request.Request" representing the +// client's request for the ListShareInvitations operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListWorkloads for more information on using the ListWorkloads +// See ListShareInvitations for more information on using the ListShareInvitations // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListWorkloadsRequest method. -// req, resp := client.ListWorkloadsRequest(params) +// // Example sending a request using the ListShareInvitationsRequest method. +// req, resp := client.ListShareInvitationsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloads -func (c *WellArchitected) ListWorkloadsRequest(input *ListWorkloadsInput) (req *request.Request, output *ListWorkloadsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListShareInvitations +func (c *WellArchitected) ListShareInvitationsRequest(input *ListShareInvitationsInput) (req *request.Request, output *ListShareInvitationsOutput) { op := &request.Operation{ - Name: opListWorkloads, - HTTPMethod: "POST", - HTTPPath: "/workloadsSummaries", + Name: opListShareInvitations, + HTTPMethod: "GET", + HTTPPath: "/shareInvitations", Paginator: &request.Paginator{ InputTokens: []string{"NextToken"}, OutputTokens: []string{"NextToken"}, @@ -3916,24 +4738,24 @@ func (c *WellArchitected) ListWorkloadsRequest(input *ListWorkloadsInput) (req * } if input == nil { - input = &ListWorkloadsInput{} + input = &ListShareInvitationsInput{} } - output = &ListWorkloadsOutput{} + output = &ListShareInvitationsOutput{} req = c.newRequest(op, input, output) return } -// ListWorkloads API operation for AWS Well-Architected Tool. +// ListShareInvitations API operation for AWS Well-Architected Tool. // -// Paginated list of workloads. +// List the workload invitations. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation ListWorkloads for usage and error information. +// API operation ListShareInvitations for usage and error information. // // Returned Error Types: // @@ -3949,64 +4771,64 @@ func (c *WellArchitected) ListWorkloadsRequest(input *ListWorkloadsInput) (req * // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloads -func (c *WellArchitected) ListWorkloads(input *ListWorkloadsInput) (*ListWorkloadsOutput, error) { - req, out := c.ListWorkloadsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListShareInvitations +func (c *WellArchitected) ListShareInvitations(input *ListShareInvitationsInput) (*ListShareInvitationsOutput, error) { + req, out := c.ListShareInvitationsRequest(input) return out, req.Send() } -// ListWorkloadsWithContext is the same as ListWorkloads with the addition of +// ListShareInvitationsWithContext is the same as ListShareInvitations with the addition of // the ability to pass a context and additional request options. // -// See ListWorkloads for details on how to use this API operation. +// See ListShareInvitations for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) ListWorkloadsWithContext(ctx aws.Context, input *ListWorkloadsInput, opts ...request.Option) (*ListWorkloadsOutput, error) { - req, out := c.ListWorkloadsRequest(input) +func (c *WellArchitected) ListShareInvitationsWithContext(ctx aws.Context, input *ListShareInvitationsInput, opts ...request.Option) (*ListShareInvitationsOutput, error) { + req, out := c.ListShareInvitationsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListWorkloadsPages iterates over the pages of a ListWorkloads operation, +// ListShareInvitationsPages iterates over the pages of a ListShareInvitations operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See ListWorkloads method for more information on how to use this operation. +// See ListShareInvitations method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListWorkloads operation. +// // Example iterating over at most 3 pages of a ListShareInvitations operation. // pageNum := 0 -// err := client.ListWorkloadsPages(params, -// func(page *wellarchitected.ListWorkloadsOutput, lastPage bool) bool { +// err := client.ListShareInvitationsPages(params, +// func(page *wellarchitected.ListShareInvitationsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *WellArchitected) ListWorkloadsPages(input *ListWorkloadsInput, fn func(*ListWorkloadsOutput, bool) bool) error { - return c.ListWorkloadsPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *WellArchitected) ListShareInvitationsPages(input *ListShareInvitationsInput, fn func(*ListShareInvitationsOutput, bool) bool) error { + return c.ListShareInvitationsPagesWithContext(aws.BackgroundContext(), input, fn) } -// ListWorkloadsPagesWithContext same as ListWorkloadsPages except +// ListShareInvitationsPagesWithContext same as ListShareInvitationsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) ListWorkloadsPagesWithContext(ctx aws.Context, input *ListWorkloadsInput, fn func(*ListWorkloadsOutput, bool) bool, opts ...request.Option) error { +func (c *WellArchitected) ListShareInvitationsPagesWithContext(ctx aws.Context, input *ListShareInvitationsInput, fn func(*ListShareInvitationsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { - var inCpy *ListWorkloadsInput + var inCpy *ListShareInvitationsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.ListWorkloadsRequest(inCpy) + req, _ := c.ListShareInvitationsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -4014,7 +4836,7 @@ func (c *WellArchitected) ListWorkloadsPagesWithContext(ctx aws.Context, input * } for p.Next() { - if !fn(p.Page().(*ListWorkloadsOutput), !p.HasNextPage()) { + if !fn(p.Page().(*ListShareInvitationsOutput), !p.HasNextPage()) { break } } @@ -4022,60 +4844,60 @@ func (c *WellArchitected) ListWorkloadsPagesWithContext(ctx aws.Context, input * return p.Err() } -const opTagResource = "TagResource" +const opListTagsForResource = "ListTagsForResource" -// TagResourceRequest generates a "aws/request.Request" representing the -// client's request for the TagResource operation. The "output" return +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See TagResource for more information on using the TagResource +// See ListTagsForResource for more information on using the ListTagsForResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the TagResourceRequest method. -// req, resp := client.TagResourceRequest(params) +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/TagResource -func (c *WellArchitected) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListTagsForResource +func (c *WellArchitected) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { op := &request.Operation{ - Name: opTagResource, - HTTPMethod: "POST", + Name: opListTagsForResource, + HTTPMethod: "GET", HTTPPath: "/tags/{WorkloadArn}", } if input == nil { - input = &TagResourceInput{} + input = &ListTagsForResourceInput{} } - output = &TagResourceOutput{} + output = &ListTagsForResourceOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// TagResource API operation for AWS Well-Architected Tool. +// ListTagsForResource API operation for AWS Well-Architected Tool. // -// Adds one or more tags to the specified resource. +// List the tags for a resource. // -// The WorkloadArn parameter can be either a workload ARN or a custom lens ARN. +// The WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a +// profile ARN. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation TagResource for usage and error information. +// API operation ListTagsForResource for usage and error information. // // Returned Error Types: // @@ -4085,180 +4907,239 @@ func (c *WellArchitected) TagResourceRequest(input *TagResourceInput) (req *requ // - ResourceNotFoundException // The requested resource was not found. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/TagResource -func (c *WellArchitected) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListTagsForResource +func (c *WellArchitected) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) return out, req.Send() } -// TagResourceWithContext is the same as TagResource with the addition of +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of // the ability to pass a context and additional request options. // -// See TagResource for details on how to use this API operation. +// See ListTagsForResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +func (c *WellArchitected) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUntagResource = "UntagResource" +const opListWorkloadShares = "ListWorkloadShares" -// UntagResourceRequest generates a "aws/request.Request" representing the -// client's request for the UntagResource operation. The "output" return +// ListWorkloadSharesRequest generates a "aws/request.Request" representing the +// client's request for the ListWorkloadShares operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UntagResource for more information on using the UntagResource +// See ListWorkloadShares for more information on using the ListWorkloadShares // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UntagResourceRequest method. -// req, resp := client.UntagResourceRequest(params) +// // Example sending a request using the ListWorkloadSharesRequest method. +// req, resp := client.ListWorkloadSharesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UntagResource -func (c *WellArchitected) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloadShares +func (c *WellArchitected) ListWorkloadSharesRequest(input *ListWorkloadSharesInput) (req *request.Request, output *ListWorkloadSharesOutput) { op := &request.Operation{ - Name: opUntagResource, - HTTPMethod: "DELETE", - HTTPPath: "/tags/{WorkloadArn}", + Name: opListWorkloadShares, + HTTPMethod: "GET", + HTTPPath: "/workloads/{WorkloadId}/shares", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { - input = &UntagResourceInput{} + input = &ListWorkloadSharesInput{} } - output = &UntagResourceOutput{} + output = &ListWorkloadSharesOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UntagResource API operation for AWS Well-Architected Tool. -// -// Deletes specified tags from a resource. -// -// The WorkloadArn parameter can be either a workload ARN or a custom lens ARN. -// -// To specify multiple tags, use separate tagKeys parameters, for example: +// ListWorkloadShares API operation for AWS Well-Architected Tool. // -// DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2 +// List the workload shares associated with the workload. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UntagResource for usage and error information. +// API operation ListWorkloadShares for usage and error information. // // Returned Error Types: // +// - ValidationException +// The user input is not valid. +// // - InternalServerException // There is a problem with the Well-Architected Tool API service. // // - ResourceNotFoundException // The requested resource was not found. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UntagResource -func (c *WellArchitected) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloadShares +func (c *WellArchitected) ListWorkloadShares(input *ListWorkloadSharesInput) (*ListWorkloadSharesOutput, error) { + req, out := c.ListWorkloadSharesRequest(input) return out, req.Send() } -// UntagResourceWithContext is the same as UntagResource with the addition of +// ListWorkloadSharesWithContext is the same as ListWorkloadShares with the addition of // the ability to pass a context and additional request options. // -// See UntagResource for details on how to use this API operation. +// See ListWorkloadShares for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +func (c *WellArchitected) ListWorkloadSharesWithContext(ctx aws.Context, input *ListWorkloadSharesInput, opts ...request.Option) (*ListWorkloadSharesOutput, error) { + req, out := c.ListWorkloadSharesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateAnswer = "UpdateAnswer" - -// UpdateAnswerRequest generates a "aws/request.Request" representing the -// client's request for the UpdateAnswer operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See UpdateAnswer for more information on using the UpdateAnswer -// API call, and error handling. +// ListWorkloadSharesPages iterates over the pages of a ListWorkloadShares operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. // -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// See ListWorkloadShares method for more information on how to use this operation. // -// // Example sending a request using the UpdateAnswerRequest method. -// req, resp := client.UpdateAnswerRequest(params) +// Note: This operation can generate multiple requests to a service. // -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// // Example iterating over at most 3 pages of a ListWorkloadShares operation. +// pageNum := 0 +// err := client.ListWorkloadSharesPages(params, +// func(page *wellarchitected.ListWorkloadSharesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *WellArchitected) ListWorkloadSharesPages(input *ListWorkloadSharesInput, fn func(*ListWorkloadSharesOutput, bool) bool) error { + return c.ListWorkloadSharesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListWorkloadSharesPagesWithContext same as ListWorkloadSharesPages except +// it takes a Context and allows setting request options on the pages. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateAnswer -func (c *WellArchitected) UpdateAnswerRequest(input *UpdateAnswerInput) (req *request.Request, output *UpdateAnswerOutput) { +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) ListWorkloadSharesPagesWithContext(ctx aws.Context, input *ListWorkloadSharesInput, fn func(*ListWorkloadSharesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListWorkloadSharesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListWorkloadSharesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListWorkloadSharesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListWorkloads = "ListWorkloads" + +// ListWorkloadsRequest generates a "aws/request.Request" representing the +// client's request for the ListWorkloads operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListWorkloads for more information on using the ListWorkloads +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListWorkloadsRequest method. +// req, resp := client.ListWorkloadsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloads +func (c *WellArchitected) ListWorkloadsRequest(input *ListWorkloadsInput) (req *request.Request, output *ListWorkloadsOutput) { op := &request.Operation{ - Name: opUpdateAnswer, - HTTPMethod: "PATCH", - HTTPPath: "/workloads/{WorkloadId}/lensReviews/{LensAlias}/answers/{QuestionId}", + Name: opListWorkloads, + HTTPMethod: "POST", + HTTPPath: "/workloadsSummaries", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { - input = &UpdateAnswerInput{} + input = &ListWorkloadsInput{} } - output = &UpdateAnswerOutput{} + output = &ListWorkloadsOutput{} req = c.newRequest(op, input, output) return } -// UpdateAnswer API operation for AWS Well-Architected Tool. +// ListWorkloads API operation for AWS Well-Architected Tool. // -// Update the answer to a specific question in a workload review. +// Paginated list of workloads. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UpdateAnswer for usage and error information. +// API operation ListWorkloads for usage and error information. // // Returned Error Types: // // - ValidationException // The user input is not valid. // -// - ResourceNotFoundException -// The requested resource was not found. -// -// - ConflictException -// The resource has already been processed, was deleted, or is too large. -// // - InternalServerException // There is a problem with the Well-Architected Tool API service. // @@ -4268,372 +5149,408 @@ func (c *WellArchitected) UpdateAnswerRequest(input *UpdateAnswerInput) (req *re // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateAnswer -func (c *WellArchitected) UpdateAnswer(input *UpdateAnswerInput) (*UpdateAnswerOutput, error) { - req, out := c.UpdateAnswerRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/ListWorkloads +func (c *WellArchitected) ListWorkloads(input *ListWorkloadsInput) (*ListWorkloadsOutput, error) { + req, out := c.ListWorkloadsRequest(input) return out, req.Send() } -// UpdateAnswerWithContext is the same as UpdateAnswer with the addition of +// ListWorkloadsWithContext is the same as ListWorkloads with the addition of // the ability to pass a context and additional request options. // -// See UpdateAnswer for details on how to use this API operation. +// See ListWorkloads for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UpdateAnswerWithContext(ctx aws.Context, input *UpdateAnswerInput, opts ...request.Option) (*UpdateAnswerOutput, error) { - req, out := c.UpdateAnswerRequest(input) +func (c *WellArchitected) ListWorkloadsWithContext(ctx aws.Context, input *ListWorkloadsInput, opts ...request.Option) (*ListWorkloadsOutput, error) { + req, out := c.ListWorkloadsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateGlobalSettings = "UpdateGlobalSettings" +// ListWorkloadsPages iterates over the pages of a ListWorkloads operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListWorkloads method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListWorkloads operation. +// pageNum := 0 +// err := client.ListWorkloadsPages(params, +// func(page *wellarchitected.ListWorkloadsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *WellArchitected) ListWorkloadsPages(input *ListWorkloadsInput, fn func(*ListWorkloadsOutput, bool) bool) error { + return c.ListWorkloadsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// UpdateGlobalSettingsRequest generates a "aws/request.Request" representing the -// client's request for the UpdateGlobalSettings operation. The "output" return +// ListWorkloadsPagesWithContext same as ListWorkloadsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) ListWorkloadsPagesWithContext(ctx aws.Context, input *ListWorkloadsInput, fn func(*ListWorkloadsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListWorkloadsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListWorkloadsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListWorkloadsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opTagResource = "TagResource" + +// TagResourceRequest generates a "aws/request.Request" representing the +// client's request for the TagResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateGlobalSettings for more information on using the UpdateGlobalSettings +// See TagResource for more information on using the TagResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateGlobalSettingsRequest method. -// req, resp := client.UpdateGlobalSettingsRequest(params) +// // Example sending a request using the TagResourceRequest method. +// req, resp := client.TagResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateGlobalSettings -func (c *WellArchitected) UpdateGlobalSettingsRequest(input *UpdateGlobalSettingsInput) (req *request.Request, output *UpdateGlobalSettingsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/TagResource +func (c *WellArchitected) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { op := &request.Operation{ - Name: opUpdateGlobalSettings, - HTTPMethod: "PATCH", - HTTPPath: "/global-settings", + Name: opTagResource, + HTTPMethod: "POST", + HTTPPath: "/tags/{WorkloadArn}", } if input == nil { - input = &UpdateGlobalSettingsInput{} + input = &TagResourceInput{} } - output = &UpdateGlobalSettingsOutput{} + output = &TagResourceOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UpdateGlobalSettings API operation for AWS Well-Architected Tool. +// TagResource API operation for AWS Well-Architected Tool. // -// Updates whether the Amazon Web Services account is opted into organization -// sharing and discovery integration features. +// Adds one or more tags to the specified resource. +// +// The WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a +// profile ARN. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UpdateGlobalSettings for usage and error information. +// API operation TagResource for usage and error information. // // Returned Error Types: // -// - ValidationException -// The user input is not valid. -// -// - ConflictException -// The resource has already been processed, was deleted, or is too large. -// // - InternalServerException // There is a problem with the Well-Architected Tool API service. // -// - AccessDeniedException -// User does not have sufficient access to perform this action. -// -// - ThrottlingException -// Request was denied due to request throttling. +// - ResourceNotFoundException +// The requested resource was not found. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateGlobalSettings -func (c *WellArchitected) UpdateGlobalSettings(input *UpdateGlobalSettingsInput) (*UpdateGlobalSettingsOutput, error) { - req, out := c.UpdateGlobalSettingsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/TagResource +func (c *WellArchitected) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) return out, req.Send() } -// UpdateGlobalSettingsWithContext is the same as UpdateGlobalSettings with the addition of +// TagResourceWithContext is the same as TagResource with the addition of // the ability to pass a context and additional request options. // -// See UpdateGlobalSettings for details on how to use this API operation. +// See TagResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UpdateGlobalSettingsWithContext(ctx aws.Context, input *UpdateGlobalSettingsInput, opts ...request.Option) (*UpdateGlobalSettingsOutput, error) { - req, out := c.UpdateGlobalSettingsRequest(input) +func (c *WellArchitected) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateLensReview = "UpdateLensReview" +const opUntagResource = "UntagResource" -// UpdateLensReviewRequest generates a "aws/request.Request" representing the -// client's request for the UpdateLensReview operation. The "output" return +// UntagResourceRequest generates a "aws/request.Request" representing the +// client's request for the UntagResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateLensReview for more information on using the UpdateLensReview +// See UntagResource for more information on using the UntagResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateLensReviewRequest method. -// req, resp := client.UpdateLensReviewRequest(params) +// // Example sending a request using the UntagResourceRequest method. +// req, resp := client.UntagResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateLensReview -func (c *WellArchitected) UpdateLensReviewRequest(input *UpdateLensReviewInput) (req *request.Request, output *UpdateLensReviewOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UntagResource +func (c *WellArchitected) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { op := &request.Operation{ - Name: opUpdateLensReview, - HTTPMethod: "PATCH", - HTTPPath: "/workloads/{WorkloadId}/lensReviews/{LensAlias}", + Name: opUntagResource, + HTTPMethod: "DELETE", + HTTPPath: "/tags/{WorkloadArn}", } if input == nil { - input = &UpdateLensReviewInput{} + input = &UntagResourceInput{} } - output = &UpdateLensReviewOutput{} + output = &UntagResourceOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UpdateLensReview API operation for AWS Well-Architected Tool. +// UntagResource API operation for AWS Well-Architected Tool. // -// Update lens review for a particular workload. +// Deletes specified tags from a resource. +// +// The WorkloadArn parameter can be a workload ARN, a custom lens ARN, or a +// profile ARN. +// +// To specify multiple tags, use separate tagKeys parameters, for example: +// +// DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2 // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UpdateLensReview for usage and error information. +// API operation UntagResource for usage and error information. // // Returned Error Types: // -// - ValidationException -// The user input is not valid. +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. // // - ResourceNotFoundException // The requested resource was not found. // -// - ConflictException -// The resource has already been processed, was deleted, or is too large. -// -// - InternalServerException -// There is a problem with the Well-Architected Tool API service. -// -// - AccessDeniedException -// User does not have sufficient access to perform this action. -// -// - ThrottlingException -// Request was denied due to request throttling. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateLensReview -func (c *WellArchitected) UpdateLensReview(input *UpdateLensReviewInput) (*UpdateLensReviewOutput, error) { - req, out := c.UpdateLensReviewRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UntagResource +func (c *WellArchitected) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) return out, req.Send() } -// UpdateLensReviewWithContext is the same as UpdateLensReview with the addition of +// UntagResourceWithContext is the same as UntagResource with the addition of // the ability to pass a context and additional request options. // -// See UpdateLensReview for details on how to use this API operation. +// See UntagResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UpdateLensReviewWithContext(ctx aws.Context, input *UpdateLensReviewInput, opts ...request.Option) (*UpdateLensReviewOutput, error) { - req, out := c.UpdateLensReviewRequest(input) +func (c *WellArchitected) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateShareInvitation = "UpdateShareInvitation" +const opUpdateAnswer = "UpdateAnswer" -// UpdateShareInvitationRequest generates a "aws/request.Request" representing the -// client's request for the UpdateShareInvitation operation. The "output" return +// UpdateAnswerRequest generates a "aws/request.Request" representing the +// client's request for the UpdateAnswer operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateShareInvitation for more information on using the UpdateShareInvitation +// See UpdateAnswer for more information on using the UpdateAnswer // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateShareInvitationRequest method. -// req, resp := client.UpdateShareInvitationRequest(params) +// // Example sending a request using the UpdateAnswerRequest method. +// req, resp := client.UpdateAnswerRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateShareInvitation -func (c *WellArchitected) UpdateShareInvitationRequest(input *UpdateShareInvitationInput) (req *request.Request, output *UpdateShareInvitationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateAnswer +func (c *WellArchitected) UpdateAnswerRequest(input *UpdateAnswerInput) (req *request.Request, output *UpdateAnswerOutput) { op := &request.Operation{ - Name: opUpdateShareInvitation, + Name: opUpdateAnswer, HTTPMethod: "PATCH", - HTTPPath: "/shareInvitations/{ShareInvitationId}", + HTTPPath: "/workloads/{WorkloadId}/lensReviews/{LensAlias}/answers/{QuestionId}", } if input == nil { - input = &UpdateShareInvitationInput{} + input = &UpdateAnswerInput{} } - output = &UpdateShareInvitationOutput{} + output = &UpdateAnswerOutput{} req = c.newRequest(op, input, output) return } -// UpdateShareInvitation API operation for AWS Well-Architected Tool. -// -// Update a workload or custom lens share invitation. +// UpdateAnswer API operation for AWS Well-Architected Tool. // -// This API operation can be called independently of any resource. Previous -// documentation implied that a workload ARN must be specified. +// Update the answer to a specific question in a workload review. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UpdateShareInvitation for usage and error information. +// API operation UpdateAnswer for usage and error information. // // Returned Error Types: // // - ValidationException // The user input is not valid. // -// - InternalServerException -// There is a problem with the Well-Architected Tool API service. -// // - ResourceNotFoundException // The requested resource was not found. // // - ConflictException // The resource has already been processed, was deleted, or is too large. // +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// // - AccessDeniedException // User does not have sufficient access to perform this action. // // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateShareInvitation -func (c *WellArchitected) UpdateShareInvitation(input *UpdateShareInvitationInput) (*UpdateShareInvitationOutput, error) { - req, out := c.UpdateShareInvitationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateAnswer +func (c *WellArchitected) UpdateAnswer(input *UpdateAnswerInput) (*UpdateAnswerOutput, error) { + req, out := c.UpdateAnswerRequest(input) return out, req.Send() } -// UpdateShareInvitationWithContext is the same as UpdateShareInvitation with the addition of +// UpdateAnswerWithContext is the same as UpdateAnswer with the addition of // the ability to pass a context and additional request options. // -// See UpdateShareInvitation for details on how to use this API operation. +// See UpdateAnswer for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UpdateShareInvitationWithContext(ctx aws.Context, input *UpdateShareInvitationInput, opts ...request.Option) (*UpdateShareInvitationOutput, error) { - req, out := c.UpdateShareInvitationRequest(input) +func (c *WellArchitected) UpdateAnswerWithContext(ctx aws.Context, input *UpdateAnswerInput, opts ...request.Option) (*UpdateAnswerOutput, error) { + req, out := c.UpdateAnswerRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateWorkload = "UpdateWorkload" +const opUpdateGlobalSettings = "UpdateGlobalSettings" -// UpdateWorkloadRequest generates a "aws/request.Request" representing the -// client's request for the UpdateWorkload operation. The "output" return +// UpdateGlobalSettingsRequest generates a "aws/request.Request" representing the +// client's request for the UpdateGlobalSettings operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateWorkload for more information on using the UpdateWorkload +// See UpdateGlobalSettings for more information on using the UpdateGlobalSettings // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateWorkloadRequest method. -// req, resp := client.UpdateWorkloadRequest(params) +// // Example sending a request using the UpdateGlobalSettingsRequest method. +// req, resp := client.UpdateGlobalSettingsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkload -func (c *WellArchitected) UpdateWorkloadRequest(input *UpdateWorkloadInput) (req *request.Request, output *UpdateWorkloadOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateGlobalSettings +func (c *WellArchitected) UpdateGlobalSettingsRequest(input *UpdateGlobalSettingsInput) (req *request.Request, output *UpdateGlobalSettingsOutput) { op := &request.Operation{ - Name: opUpdateWorkload, + Name: opUpdateGlobalSettings, HTTPMethod: "PATCH", - HTTPPath: "/workloads/{WorkloadId}", + HTTPPath: "/global-settings", } if input == nil { - input = &UpdateWorkloadInput{} + input = &UpdateGlobalSettingsInput{} } - output = &UpdateWorkloadOutput{} + output = &UpdateGlobalSettingsOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UpdateWorkload API operation for AWS Well-Architected Tool. +// UpdateGlobalSettings API operation for AWS Well-Architected Tool. // -// Update an existing workload. +// Updates whether the Amazon Web Services account is opted into organization +// sharing and discovery integration features. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UpdateWorkload for usage and error information. +// API operation UpdateGlobalSettings for usage and error information. // // Returned Error Types: // // - ValidationException // The user input is not valid. // -// - ResourceNotFoundException -// The requested resource was not found. -// // - ConflictException // The resource has already been processed, was deleted, or is too large. // @@ -4646,174 +5563,173 @@ func (c *WellArchitected) UpdateWorkloadRequest(input *UpdateWorkloadInput) (req // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkload -func (c *WellArchitected) UpdateWorkload(input *UpdateWorkloadInput) (*UpdateWorkloadOutput, error) { - req, out := c.UpdateWorkloadRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateGlobalSettings +func (c *WellArchitected) UpdateGlobalSettings(input *UpdateGlobalSettingsInput) (*UpdateGlobalSettingsOutput, error) { + req, out := c.UpdateGlobalSettingsRequest(input) return out, req.Send() } -// UpdateWorkloadWithContext is the same as UpdateWorkload with the addition of +// UpdateGlobalSettingsWithContext is the same as UpdateGlobalSettings with the addition of // the ability to pass a context and additional request options. // -// See UpdateWorkload for details on how to use this API operation. +// See UpdateGlobalSettings for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UpdateWorkloadWithContext(ctx aws.Context, input *UpdateWorkloadInput, opts ...request.Option) (*UpdateWorkloadOutput, error) { - req, out := c.UpdateWorkloadRequest(input) +func (c *WellArchitected) UpdateGlobalSettingsWithContext(ctx aws.Context, input *UpdateGlobalSettingsInput, opts ...request.Option) (*UpdateGlobalSettingsOutput, error) { + req, out := c.UpdateGlobalSettingsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateWorkloadShare = "UpdateWorkloadShare" +const opUpdateLensReview = "UpdateLensReview" -// UpdateWorkloadShareRequest generates a "aws/request.Request" representing the -// client's request for the UpdateWorkloadShare operation. The "output" return +// UpdateLensReviewRequest generates a "aws/request.Request" representing the +// client's request for the UpdateLensReview operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateWorkloadShare for more information on using the UpdateWorkloadShare +// See UpdateLensReview for more information on using the UpdateLensReview // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateWorkloadShareRequest method. -// req, resp := client.UpdateWorkloadShareRequest(params) +// // Example sending a request using the UpdateLensReviewRequest method. +// req, resp := client.UpdateLensReviewRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkloadShare -func (c *WellArchitected) UpdateWorkloadShareRequest(input *UpdateWorkloadShareInput) (req *request.Request, output *UpdateWorkloadShareOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateLensReview +func (c *WellArchitected) UpdateLensReviewRequest(input *UpdateLensReviewInput) (req *request.Request, output *UpdateLensReviewOutput) { op := &request.Operation{ - Name: opUpdateWorkloadShare, + Name: opUpdateLensReview, HTTPMethod: "PATCH", - HTTPPath: "/workloads/{WorkloadId}/shares/{ShareId}", + HTTPPath: "/workloads/{WorkloadId}/lensReviews/{LensAlias}", } if input == nil { - input = &UpdateWorkloadShareInput{} + input = &UpdateLensReviewInput{} } - output = &UpdateWorkloadShareOutput{} + output = &UpdateLensReviewOutput{} req = c.newRequest(op, input, output) return } -// UpdateWorkloadShare API operation for AWS Well-Architected Tool. +// UpdateLensReview API operation for AWS Well-Architected Tool. // -// Update a workload share. +// Update lens review for a particular workload. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UpdateWorkloadShare for usage and error information. +// API operation UpdateLensReview for usage and error information. // // Returned Error Types: // // - ValidationException // The user input is not valid. // -// - InternalServerException -// There is a problem with the Well-Architected Tool API service. -// // - ResourceNotFoundException // The requested resource was not found. // // - ConflictException // The resource has already been processed, was deleted, or is too large. // +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// // - AccessDeniedException // User does not have sufficient access to perform this action. // // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkloadShare -func (c *WellArchitected) UpdateWorkloadShare(input *UpdateWorkloadShareInput) (*UpdateWorkloadShareOutput, error) { - req, out := c.UpdateWorkloadShareRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateLensReview +func (c *WellArchitected) UpdateLensReview(input *UpdateLensReviewInput) (*UpdateLensReviewOutput, error) { + req, out := c.UpdateLensReviewRequest(input) return out, req.Send() } -// UpdateWorkloadShareWithContext is the same as UpdateWorkloadShare with the addition of +// UpdateLensReviewWithContext is the same as UpdateLensReview with the addition of // the ability to pass a context and additional request options. // -// See UpdateWorkloadShare for details on how to use this API operation. +// See UpdateLensReview for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UpdateWorkloadShareWithContext(ctx aws.Context, input *UpdateWorkloadShareInput, opts ...request.Option) (*UpdateWorkloadShareOutput, error) { - req, out := c.UpdateWorkloadShareRequest(input) +func (c *WellArchitected) UpdateLensReviewWithContext(ctx aws.Context, input *UpdateLensReviewInput, opts ...request.Option) (*UpdateLensReviewOutput, error) { + req, out := c.UpdateLensReviewRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpgradeLensReview = "UpgradeLensReview" +const opUpdateProfile = "UpdateProfile" -// UpgradeLensReviewRequest generates a "aws/request.Request" representing the -// client's request for the UpgradeLensReview operation. The "output" return +// UpdateProfileRequest generates a "aws/request.Request" representing the +// client's request for the UpdateProfile operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpgradeLensReview for more information on using the UpgradeLensReview +// See UpdateProfile for more information on using the UpdateProfile // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpgradeLensReviewRequest method. -// req, resp := client.UpgradeLensReviewRequest(params) +// // Example sending a request using the UpdateProfileRequest method. +// req, resp := client.UpdateProfileRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpgradeLensReview -func (c *WellArchitected) UpgradeLensReviewRequest(input *UpgradeLensReviewInput) (req *request.Request, output *UpgradeLensReviewOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateProfile +func (c *WellArchitected) UpdateProfileRequest(input *UpdateProfileInput) (req *request.Request, output *UpdateProfileOutput) { op := &request.Operation{ - Name: opUpgradeLensReview, - HTTPMethod: "PUT", - HTTPPath: "/workloads/{WorkloadId}/lensReviews/{LensAlias}/upgrade", + Name: opUpdateProfile, + HTTPMethod: "PATCH", + HTTPPath: "/profiles/{ProfileArn}", } if input == nil { - input = &UpgradeLensReviewInput{} + input = &UpdateProfileInput{} } - output = &UpgradeLensReviewOutput{} + output = &UpdateProfileOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UpgradeLensReview API operation for AWS Well-Architected Tool. +// UpdateProfile API operation for AWS Well-Architected Tool. // -// Upgrade lens review for a particular workload. +// Update a profile. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Well-Architected Tool's -// API operation UpgradeLensReview for usage and error information. +// API operation UpdateProfile for usage and error information. // // Returned Error Types: // @@ -4835,105 +5751,2594 @@ func (c *WellArchitected) UpgradeLensReviewRequest(input *UpgradeLensReviewInput // - ThrottlingException // Request was denied due to request throttling. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpgradeLensReview -func (c *WellArchitected) UpgradeLensReview(input *UpgradeLensReviewInput) (*UpgradeLensReviewOutput, error) { - req, out := c.UpgradeLensReviewRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateProfile +func (c *WellArchitected) UpdateProfile(input *UpdateProfileInput) (*UpdateProfileOutput, error) { + req, out := c.UpdateProfileRequest(input) return out, req.Send() } -// UpgradeLensReviewWithContext is the same as UpgradeLensReview with the addition of +// UpdateProfileWithContext is the same as UpdateProfile with the addition of // the ability to pass a context and additional request options. // -// See UpgradeLensReview for details on how to use this API operation. +// See UpdateProfile for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *WellArchitected) UpgradeLensReviewWithContext(ctx aws.Context, input *UpgradeLensReviewInput, opts ...request.Option) (*UpgradeLensReviewOutput, error) { - req, out := c.UpgradeLensReviewRequest(input) +func (c *WellArchitected) UpdateProfileWithContext(ctx aws.Context, input *UpdateProfileInput, opts ...request.Option) (*UpdateProfileOutput, error) { + req, out := c.UpdateProfileRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// User does not have sufficient access to perform this action. -type AccessDeniedException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Description of the error. - Message_ *string `locationName:"Message" type:"string"` -} +const opUpdateShareInvitation = "UpdateShareInvitation" -// String returns the string representation. +// UpdateShareInvitationRequest generates a "aws/request.Request" representing the +// client's request for the UpdateShareInvitation operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccessDeniedException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccessDeniedException) GoString() string { - return s.String() -} +// See UpdateShareInvitation for more information on using the UpdateShareInvitation +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateShareInvitationRequest method. +// req, resp := client.UpdateShareInvitationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateShareInvitation +func (c *WellArchitected) UpdateShareInvitationRequest(input *UpdateShareInvitationInput) (req *request.Request, output *UpdateShareInvitationOutput) { + op := &request.Operation{ + Name: opUpdateShareInvitation, + HTTPMethod: "PATCH", + HTTPPath: "/shareInvitations/{ShareInvitationId}", + } -func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { - return &AccessDeniedException{ - RespMetadata: v, + if input == nil { + input = &UpdateShareInvitationInput{} } -} -// Code returns the exception type name. + output = &UpdateShareInvitationOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateShareInvitation API operation for AWS Well-Architected Tool. +// +// Update a workload or custom lens share invitation. +// +// This API operation can be called independently of any resource. Previous +// documentation implied that a workload ARN must be specified. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation UpdateShareInvitation for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateShareInvitation +func (c *WellArchitected) UpdateShareInvitation(input *UpdateShareInvitationInput) (*UpdateShareInvitationOutput, error) { + req, out := c.UpdateShareInvitationRequest(input) + return out, req.Send() +} + +// UpdateShareInvitationWithContext is the same as UpdateShareInvitation with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateShareInvitation for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) UpdateShareInvitationWithContext(ctx aws.Context, input *UpdateShareInvitationInput, opts ...request.Option) (*UpdateShareInvitationOutput, error) { + req, out := c.UpdateShareInvitationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateWorkload = "UpdateWorkload" + +// UpdateWorkloadRequest generates a "aws/request.Request" representing the +// client's request for the UpdateWorkload operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateWorkload for more information on using the UpdateWorkload +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateWorkloadRequest method. +// req, resp := client.UpdateWorkloadRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkload +func (c *WellArchitected) UpdateWorkloadRequest(input *UpdateWorkloadInput) (req *request.Request, output *UpdateWorkloadOutput) { + op := &request.Operation{ + Name: opUpdateWorkload, + HTTPMethod: "PATCH", + HTTPPath: "/workloads/{WorkloadId}", + } + + if input == nil { + input = &UpdateWorkloadInput{} + } + + output = &UpdateWorkloadOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateWorkload API operation for AWS Well-Architected Tool. +// +// Update an existing workload. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation UpdateWorkload for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkload +func (c *WellArchitected) UpdateWorkload(input *UpdateWorkloadInput) (*UpdateWorkloadOutput, error) { + req, out := c.UpdateWorkloadRequest(input) + return out, req.Send() +} + +// UpdateWorkloadWithContext is the same as UpdateWorkload with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateWorkload for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) UpdateWorkloadWithContext(ctx aws.Context, input *UpdateWorkloadInput, opts ...request.Option) (*UpdateWorkloadOutput, error) { + req, out := c.UpdateWorkloadRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateWorkloadShare = "UpdateWorkloadShare" + +// UpdateWorkloadShareRequest generates a "aws/request.Request" representing the +// client's request for the UpdateWorkloadShare operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateWorkloadShare for more information on using the UpdateWorkloadShare +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateWorkloadShareRequest method. +// req, resp := client.UpdateWorkloadShareRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkloadShare +func (c *WellArchitected) UpdateWorkloadShareRequest(input *UpdateWorkloadShareInput) (req *request.Request, output *UpdateWorkloadShareOutput) { + op := &request.Operation{ + Name: opUpdateWorkloadShare, + HTTPMethod: "PATCH", + HTTPPath: "/workloads/{WorkloadId}/shares/{ShareId}", + } + + if input == nil { + input = &UpdateWorkloadShareInput{} + } + + output = &UpdateWorkloadShareOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateWorkloadShare API operation for AWS Well-Architected Tool. +// +// Update a workload share. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation UpdateWorkloadShare for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpdateWorkloadShare +func (c *WellArchitected) UpdateWorkloadShare(input *UpdateWorkloadShareInput) (*UpdateWorkloadShareOutput, error) { + req, out := c.UpdateWorkloadShareRequest(input) + return out, req.Send() +} + +// UpdateWorkloadShareWithContext is the same as UpdateWorkloadShare with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateWorkloadShare for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) UpdateWorkloadShareWithContext(ctx aws.Context, input *UpdateWorkloadShareInput, opts ...request.Option) (*UpdateWorkloadShareOutput, error) { + req, out := c.UpdateWorkloadShareRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpgradeLensReview = "UpgradeLensReview" + +// UpgradeLensReviewRequest generates a "aws/request.Request" representing the +// client's request for the UpgradeLensReview operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpgradeLensReview for more information on using the UpgradeLensReview +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpgradeLensReviewRequest method. +// req, resp := client.UpgradeLensReviewRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpgradeLensReview +func (c *WellArchitected) UpgradeLensReviewRequest(input *UpgradeLensReviewInput) (req *request.Request, output *UpgradeLensReviewOutput) { + op := &request.Operation{ + Name: opUpgradeLensReview, + HTTPMethod: "PUT", + HTTPPath: "/workloads/{WorkloadId}/lensReviews/{LensAlias}/upgrade", + } + + if input == nil { + input = &UpgradeLensReviewInput{} + } + + output = &UpgradeLensReviewOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpgradeLensReview API operation for AWS Well-Architected Tool. +// +// Upgrade lens review for a particular workload. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation UpgradeLensReview for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpgradeLensReview +func (c *WellArchitected) UpgradeLensReview(input *UpgradeLensReviewInput) (*UpgradeLensReviewOutput, error) { + req, out := c.UpgradeLensReviewRequest(input) + return out, req.Send() +} + +// UpgradeLensReviewWithContext is the same as UpgradeLensReview with the addition of +// the ability to pass a context and additional request options. +// +// See UpgradeLensReview for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) UpgradeLensReviewWithContext(ctx aws.Context, input *UpgradeLensReviewInput, opts ...request.Option) (*UpgradeLensReviewOutput, error) { + req, out := c.UpgradeLensReviewRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpgradeProfileVersion = "UpgradeProfileVersion" + +// UpgradeProfileVersionRequest generates a "aws/request.Request" representing the +// client's request for the UpgradeProfileVersion operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpgradeProfileVersion for more information on using the UpgradeProfileVersion +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpgradeProfileVersionRequest method. +// req, resp := client.UpgradeProfileVersionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpgradeProfileVersion +func (c *WellArchitected) UpgradeProfileVersionRequest(input *UpgradeProfileVersionInput) (req *request.Request, output *UpgradeProfileVersionOutput) { + op := &request.Operation{ + Name: opUpgradeProfileVersion, + HTTPMethod: "PUT", + HTTPPath: "/workloads/{WorkloadId}/profiles/{ProfileArn}/upgrade", + } + + if input == nil { + input = &UpgradeProfileVersionInput{} + } + + output = &UpgradeProfileVersionOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpgradeProfileVersion API operation for AWS Well-Architected Tool. +// +// Upgrade a profile. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Well-Architected Tool's +// API operation UpgradeProfileVersion for usage and error information. +// +// Returned Error Types: +// +// - ValidationException +// The user input is not valid. +// +// - ResourceNotFoundException +// The requested resource was not found. +// +// - ConflictException +// The resource has already been processed, was deleted, or is too large. +// +// - InternalServerException +// There is a problem with the Well-Architected Tool API service. +// +// - AccessDeniedException +// User does not have sufficient access to perform this action. +// +// - ThrottlingException +// Request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/wellarchitected-2020-03-31/UpgradeProfileVersion +func (c *WellArchitected) UpgradeProfileVersion(input *UpgradeProfileVersionInput) (*UpgradeProfileVersionOutput, error) { + req, out := c.UpgradeProfileVersionRequest(input) + return out, req.Send() +} + +// UpgradeProfileVersionWithContext is the same as UpgradeProfileVersion with the addition of +// the ability to pass a context and additional request options. +// +// See UpgradeProfileVersion for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *WellArchitected) UpgradeProfileVersionWithContext(ctx aws.Context, input *UpgradeProfileVersionInput, opts ...request.Option) (*UpgradeProfileVersionOutput, error) { + req, out := c.UpgradeProfileVersionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// User does not have sufficient access to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Description of the error. + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. func (s *AccessDeniedException) Code() string { return "AccessDeniedException" } -// Message returns the exception's message. -func (s *AccessDeniedException) Message() string { - if s.Message_ != nil { - return *s.Message_ +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// The choice level additional resources for a custom lens. +// +// This field does not apply to Amazon Web Services official lenses. +type AdditionalResources struct { + _ struct{} `type:"structure"` + + // The URLs for additional resources, either helpful resources or improvement + // plans, for a custom lens. Up to five additional URLs can be specified. + Content []*ChoiceContent `type:"list"` + + // Type of additional resource for a custom lens. + Type *string `type:"string" enum:"AdditionalResourceType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AdditionalResources) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AdditionalResources) GoString() string { + return s.String() +} + +// SetContent sets the Content field's value. +func (s *AdditionalResources) SetContent(v []*ChoiceContent) *AdditionalResources { + s.Content = v + return s +} + +// SetType sets the Type field's value. +func (s *AdditionalResources) SetType(v string) *AdditionalResources { + s.Type = &v + return s +} + +// An answer of the question. +type Answer struct { + _ struct{} `type:"structure"` + + // A list of selected choices to a question in your workload. + ChoiceAnswers []*ChoiceAnswer `type:"list"` + + // List of choices available for a question. + Choices []*Choice `type:"list"` + + // The helpful resource text to be displayed for a custom lens. + // + // This field does not apply to Amazon Web Services official lenses. + HelpfulResourceDisplayText *string `min:"1" type:"string"` + + // The helpful resource URL. + // + // For Amazon Web Services official lenses, this is the helpful resource URL + // for a question or choice. + // + // For custom lenses, this is the helpful resource URL for a question and is + // only provided if HelpfulResourceDisplayText was specified for the question. + HelpfulResourceUrl *string `min:"1" type:"string"` + + // The improvement plan URL for a question in an Amazon Web Services official + // lenses. + // + // This value is only available if the question has been answered. + // + // This value does not apply to custom lenses. + ImprovementPlanUrl *string `min:"1" type:"string"` + + // Defines whether this question is applicable to a lens review. + IsApplicable *bool `type:"boolean"` + + // The notes associated with the workload. + Notes *string `type:"string"` + + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` + + // The description of the question. + QuestionDescription *string `min:"1" type:"string"` + + // The ID of the question. + QuestionId *string `min:"1" type:"string"` + + // The title of the question. + QuestionTitle *string `min:"1" type:"string"` + + // The reason why the question is not applicable to your workload. + Reason *string `type:"string" enum:"AnswerReason"` + + // The risk for a given workload, lens review, pillar, or question. + Risk *string `type:"string" enum:"Risk"` + + // List of selected choice IDs in a question answer. + // + // The values entered replace the previously selected choices. + SelectedChoices []*string `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Answer) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Answer) GoString() string { + return s.String() +} + +// SetChoiceAnswers sets the ChoiceAnswers field's value. +func (s *Answer) SetChoiceAnswers(v []*ChoiceAnswer) *Answer { + s.ChoiceAnswers = v + return s +} + +// SetChoices sets the Choices field's value. +func (s *Answer) SetChoices(v []*Choice) *Answer { + s.Choices = v + return s +} + +// SetHelpfulResourceDisplayText sets the HelpfulResourceDisplayText field's value. +func (s *Answer) SetHelpfulResourceDisplayText(v string) *Answer { + s.HelpfulResourceDisplayText = &v + return s +} + +// SetHelpfulResourceUrl sets the HelpfulResourceUrl field's value. +func (s *Answer) SetHelpfulResourceUrl(v string) *Answer { + s.HelpfulResourceUrl = &v + return s +} + +// SetImprovementPlanUrl sets the ImprovementPlanUrl field's value. +func (s *Answer) SetImprovementPlanUrl(v string) *Answer { + s.ImprovementPlanUrl = &v + return s +} + +// SetIsApplicable sets the IsApplicable field's value. +func (s *Answer) SetIsApplicable(v bool) *Answer { + s.IsApplicable = &v + return s +} + +// SetNotes sets the Notes field's value. +func (s *Answer) SetNotes(v string) *Answer { + s.Notes = &v + return s +} + +// SetPillarId sets the PillarId field's value. +func (s *Answer) SetPillarId(v string) *Answer { + s.PillarId = &v + return s +} + +// SetQuestionDescription sets the QuestionDescription field's value. +func (s *Answer) SetQuestionDescription(v string) *Answer { + s.QuestionDescription = &v + return s +} + +// SetQuestionId sets the QuestionId field's value. +func (s *Answer) SetQuestionId(v string) *Answer { + s.QuestionId = &v + return s +} + +// SetQuestionTitle sets the QuestionTitle field's value. +func (s *Answer) SetQuestionTitle(v string) *Answer { + s.QuestionTitle = &v + return s +} + +// SetReason sets the Reason field's value. +func (s *Answer) SetReason(v string) *Answer { + s.Reason = &v + return s +} + +// SetRisk sets the Risk field's value. +func (s *Answer) SetRisk(v string) *Answer { + s.Risk = &v + return s +} + +// SetSelectedChoices sets the SelectedChoices field's value. +func (s *Answer) SetSelectedChoices(v []*string) *Answer { + s.SelectedChoices = v + return s +} + +// An answer summary of a lens review in a workload. +type AnswerSummary struct { + _ struct{} `type:"structure"` + + // A list of selected choices to a question in your workload. + ChoiceAnswerSummaries []*ChoiceAnswerSummary `type:"list"` + + // List of choices available for a question. + Choices []*Choice `type:"list"` + + // Defines whether this question is applicable to a lens review. + IsApplicable *bool `type:"boolean"` + + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` + + // The ID of the question. + QuestionId *string `min:"1" type:"string"` + + // The title of the question. + QuestionTitle *string `min:"1" type:"string"` + + // The type of the question. + QuestionType *string `type:"string" enum:"QuestionType"` + + // The reason why a choice is non-applicable to a question in your workload. + Reason *string `type:"string" enum:"AnswerReason"` + + // The risk for a given workload, lens review, pillar, or question. + Risk *string `type:"string" enum:"Risk"` + + // List of selected choice IDs in a question answer. + // + // The values entered replace the previously selected choices. + SelectedChoices []*string `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AnswerSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AnswerSummary) GoString() string { + return s.String() +} + +// SetChoiceAnswerSummaries sets the ChoiceAnswerSummaries field's value. +func (s *AnswerSummary) SetChoiceAnswerSummaries(v []*ChoiceAnswerSummary) *AnswerSummary { + s.ChoiceAnswerSummaries = v + return s +} + +// SetChoices sets the Choices field's value. +func (s *AnswerSummary) SetChoices(v []*Choice) *AnswerSummary { + s.Choices = v + return s +} + +// SetIsApplicable sets the IsApplicable field's value. +func (s *AnswerSummary) SetIsApplicable(v bool) *AnswerSummary { + s.IsApplicable = &v + return s +} + +// SetPillarId sets the PillarId field's value. +func (s *AnswerSummary) SetPillarId(v string) *AnswerSummary { + s.PillarId = &v + return s +} + +// SetQuestionId sets the QuestionId field's value. +func (s *AnswerSummary) SetQuestionId(v string) *AnswerSummary { + s.QuestionId = &v + return s +} + +// SetQuestionTitle sets the QuestionTitle field's value. +func (s *AnswerSummary) SetQuestionTitle(v string) *AnswerSummary { + s.QuestionTitle = &v + return s +} + +// SetQuestionType sets the QuestionType field's value. +func (s *AnswerSummary) SetQuestionType(v string) *AnswerSummary { + s.QuestionType = &v + return s +} + +// SetReason sets the Reason field's value. +func (s *AnswerSummary) SetReason(v string) *AnswerSummary { + s.Reason = &v + return s +} + +// SetRisk sets the Risk field's value. +func (s *AnswerSummary) SetRisk(v string) *AnswerSummary { + s.Risk = &v + return s +} + +// SetSelectedChoices sets the SelectedChoices field's value. +func (s *AnswerSummary) SetSelectedChoices(v []*string) *AnswerSummary { + s.SelectedChoices = v + return s +} + +// Input to associate lens reviews. +type AssociateLensesInput struct { + _ struct{} `type:"structure"` + + // List of lens aliases to associate or disassociate with a workload. Up to + // 10 lenses can be specified. + // + // Identify a lens using its LensSummary$LensAlias. + // + // LensAliases is a required field + LensAliases []*string `min:"1" type:"list" required:"true"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLensesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLensesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateLensesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateLensesInput"} + if s.LensAliases == nil { + invalidParams.Add(request.NewErrParamRequired("LensAliases")) + } + if s.LensAliases != nil && len(s.LensAliases) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAliases", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLensAliases sets the LensAliases field's value. +func (s *AssociateLensesInput) SetLensAliases(v []*string) *AssociateLensesInput { + s.LensAliases = v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *AssociateLensesInput) SetWorkloadId(v string) *AssociateLensesInput { + s.WorkloadId = &v + return s +} + +type AssociateLensesOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLensesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLensesOutput) GoString() string { + return s.String() +} + +type AssociateProfilesInput struct { + _ struct{} `type:"structure"` + + // The list of profile ARNs to associate with the workload. + // + // ProfileArns is a required field + ProfileArns []*string `min:"1" type:"list" required:"true"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateProfilesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateProfilesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateProfilesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateProfilesInput"} + if s.ProfileArns == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArns")) + } + if s.ProfileArns != nil && len(s.ProfileArns) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArns", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetProfileArns sets the ProfileArns field's value. +func (s *AssociateProfilesInput) SetProfileArns(v []*string) *AssociateProfilesInput { + s.ProfileArns = v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *AssociateProfilesInput) SetWorkloadId(v string) *AssociateProfilesInput { + s.WorkloadId = &v + return s +} + +type AssociateProfilesOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateProfilesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateProfilesOutput) GoString() string { + return s.String() +} + +// A best practice, or question choice, that has been identified as a risk in +// this question. +type BestPractice struct { + _ struct{} `type:"structure"` + + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` + + // The title of a choice. + ChoiceTitle *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BestPractice) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BestPractice) GoString() string { + return s.String() +} + +// SetChoiceId sets the ChoiceId field's value. +func (s *BestPractice) SetChoiceId(v string) *BestPractice { + s.ChoiceId = &v + return s +} + +// SetChoiceTitle sets the ChoiceTitle field's value. +func (s *BestPractice) SetChoiceTitle(v string) *BestPractice { + s.ChoiceTitle = &v + return s +} + +// Account details for a Well-Architected best practice in relation to Trusted +// Advisor checks. +type CheckDetail struct { + _ struct{} `type:"structure"` + + // An Amazon Web Services account ID. + AccountId *string `min:"12" type:"string"` + + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` + + // Trusted Advisor check description. + Description *string `type:"string"` + + // Count of flagged resources associated to the check. + FlaggedResources *int64 `min:"1" type:"integer"` + + // Trusted Advisor check ID. + Id *string `type:"string"` + + // Well-Architected Lens ARN associated to the check. + LensArn *string `type:"string"` + + // Trusted Advisor check name. + Name *string `type:"string"` + + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` + + // Provider of the check related to the best practice. + Provider *string `type:"string" enum:"CheckProvider"` + + // The ID of the question. + QuestionId *string `min:"1" type:"string"` + + // Reason associated to the check. + Reason *string `type:"string" enum:"CheckFailureReason"` + + // Status associated to the check. + Status *string `type:"string" enum:"CheckStatus"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CheckDetail) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CheckDetail) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *CheckDetail) SetAccountId(v string) *CheckDetail { + s.AccountId = &v + return s +} + +// SetChoiceId sets the ChoiceId field's value. +func (s *CheckDetail) SetChoiceId(v string) *CheckDetail { + s.ChoiceId = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CheckDetail) SetDescription(v string) *CheckDetail { + s.Description = &v + return s +} + +// SetFlaggedResources sets the FlaggedResources field's value. +func (s *CheckDetail) SetFlaggedResources(v int64) *CheckDetail { + s.FlaggedResources = &v + return s +} + +// SetId sets the Id field's value. +func (s *CheckDetail) SetId(v string) *CheckDetail { + s.Id = &v + return s +} + +// SetLensArn sets the LensArn field's value. +func (s *CheckDetail) SetLensArn(v string) *CheckDetail { + s.LensArn = &v + return s +} + +// SetName sets the Name field's value. +func (s *CheckDetail) SetName(v string) *CheckDetail { + s.Name = &v + return s +} + +// SetPillarId sets the PillarId field's value. +func (s *CheckDetail) SetPillarId(v string) *CheckDetail { + s.PillarId = &v + return s +} + +// SetProvider sets the Provider field's value. +func (s *CheckDetail) SetProvider(v string) *CheckDetail { + s.Provider = &v + return s +} + +// SetQuestionId sets the QuestionId field's value. +func (s *CheckDetail) SetQuestionId(v string) *CheckDetail { + s.QuestionId = &v + return s +} + +// SetReason sets the Reason field's value. +func (s *CheckDetail) SetReason(v string) *CheckDetail { + s.Reason = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *CheckDetail) SetStatus(v string) *CheckDetail { + s.Status = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *CheckDetail) SetUpdatedAt(v time.Time) *CheckDetail { + s.UpdatedAt = &v + return s +} + +// Trusted Advisor check summary. +type CheckSummary struct { + _ struct{} `type:"structure"` + + // Account summary associated to the check. + AccountSummary map[string]*int64 `type:"map"` + + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` + + // Trusted Advisor check description. + Description *string `type:"string"` + + // Trusted Advisor check ID. + Id *string `type:"string"` + + // Well-Architected Lens ARN associated to the check. + LensArn *string `type:"string"` + + // Trusted Advisor check name. + Name *string `type:"string"` + + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` + + // Provider of the check related to the best practice. + Provider *string `type:"string" enum:"CheckProvider"` + + // The ID of the question. + QuestionId *string `min:"1" type:"string"` + + // Status associated to the check. + Status *string `type:"string" enum:"CheckStatus"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CheckSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CheckSummary) GoString() string { + return s.String() +} + +// SetAccountSummary sets the AccountSummary field's value. +func (s *CheckSummary) SetAccountSummary(v map[string]*int64) *CheckSummary { + s.AccountSummary = v + return s +} + +// SetChoiceId sets the ChoiceId field's value. +func (s *CheckSummary) SetChoiceId(v string) *CheckSummary { + s.ChoiceId = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CheckSummary) SetDescription(v string) *CheckSummary { + s.Description = &v + return s +} + +// SetId sets the Id field's value. +func (s *CheckSummary) SetId(v string) *CheckSummary { + s.Id = &v + return s +} + +// SetLensArn sets the LensArn field's value. +func (s *CheckSummary) SetLensArn(v string) *CheckSummary { + s.LensArn = &v + return s +} + +// SetName sets the Name field's value. +func (s *CheckSummary) SetName(v string) *CheckSummary { + s.Name = &v + return s +} + +// SetPillarId sets the PillarId field's value. +func (s *CheckSummary) SetPillarId(v string) *CheckSummary { + s.PillarId = &v + return s +} + +// SetProvider sets the Provider field's value. +func (s *CheckSummary) SetProvider(v string) *CheckSummary { + s.Provider = &v + return s +} + +// SetQuestionId sets the QuestionId field's value. +func (s *CheckSummary) SetQuestionId(v string) *CheckSummary { + s.QuestionId = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *CheckSummary) SetStatus(v string) *CheckSummary { + s.Status = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *CheckSummary) SetUpdatedAt(v time.Time) *CheckSummary { + s.UpdatedAt = &v + return s +} + +// A choice available to answer question. +type Choice struct { + _ struct{} `type:"structure"` + + // The additional resources for a choice in a custom lens. + // + // A choice can have up to two additional resources: one of type HELPFUL_RESOURCE, + // one of type IMPROVEMENT_PLAN, or both. + AdditionalResources []*AdditionalResources `type:"list"` + + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` + + // The description of a choice. + Description *string `min:"1" type:"string"` + + // The helpful resource (both text and URL) for a particular choice. + // + // This field only applies to custom lenses. Each choice can have only one helpful + // resource. + HelpfulResource *ChoiceContent `type:"structure"` + + // The improvement plan (both text and URL) for a particular choice. + // + // This field only applies to custom lenses. Each choice can have only one improvement + // plan. + ImprovementPlan *ChoiceContent `type:"structure"` + + // The title of a choice. + Title *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Choice) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Choice) GoString() string { + return s.String() +} + +// SetAdditionalResources sets the AdditionalResources field's value. +func (s *Choice) SetAdditionalResources(v []*AdditionalResources) *Choice { + s.AdditionalResources = v + return s +} + +// SetChoiceId sets the ChoiceId field's value. +func (s *Choice) SetChoiceId(v string) *Choice { + s.ChoiceId = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *Choice) SetDescription(v string) *Choice { + s.Description = &v + return s +} + +// SetHelpfulResource sets the HelpfulResource field's value. +func (s *Choice) SetHelpfulResource(v *ChoiceContent) *Choice { + s.HelpfulResource = v + return s +} + +// SetImprovementPlan sets the ImprovementPlan field's value. +func (s *Choice) SetImprovementPlan(v *ChoiceContent) *Choice { + s.ImprovementPlan = v + return s +} + +// SetTitle sets the Title field's value. +func (s *Choice) SetTitle(v string) *Choice { + s.Title = &v + return s +} + +// A choice that has been answered on a question in your workload. +type ChoiceAnswer struct { + _ struct{} `type:"structure"` + + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` + + // The notes associated with a choice. + Notes *string `type:"string"` + + // The reason why a choice is non-applicable to a question in your workload. + Reason *string `type:"string" enum:"ChoiceReason"` + + // The status of a choice. + Status *string `type:"string" enum:"ChoiceStatus"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceAnswer) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceAnswer) GoString() string { + return s.String() +} + +// SetChoiceId sets the ChoiceId field's value. +func (s *ChoiceAnswer) SetChoiceId(v string) *ChoiceAnswer { + s.ChoiceId = &v + return s +} + +// SetNotes sets the Notes field's value. +func (s *ChoiceAnswer) SetNotes(v string) *ChoiceAnswer { + s.Notes = &v + return s +} + +// SetReason sets the Reason field's value. +func (s *ChoiceAnswer) SetReason(v string) *ChoiceAnswer { + s.Reason = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ChoiceAnswer) SetStatus(v string) *ChoiceAnswer { + s.Status = &v + return s +} + +// A choice summary that has been answered on a question in your workload. +type ChoiceAnswerSummary struct { + _ struct{} `type:"structure"` + + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` + + // The reason why a choice is non-applicable to a question in your workload. + Reason *string `type:"string" enum:"ChoiceReason"` + + // The status of a choice. + Status *string `type:"string" enum:"ChoiceStatus"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceAnswerSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceAnswerSummary) GoString() string { + return s.String() +} + +// SetChoiceId sets the ChoiceId field's value. +func (s *ChoiceAnswerSummary) SetChoiceId(v string) *ChoiceAnswerSummary { + s.ChoiceId = &v + return s +} + +// SetReason sets the Reason field's value. +func (s *ChoiceAnswerSummary) SetReason(v string) *ChoiceAnswerSummary { + s.Reason = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ChoiceAnswerSummary) SetStatus(v string) *ChoiceAnswerSummary { + s.Status = &v + return s +} + +// The choice content. +type ChoiceContent struct { + _ struct{} `type:"structure"` + + // The display text for the choice content. + DisplayText *string `min:"1" type:"string"` + + // The URL for the choice content. + Url *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceContent) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceContent) GoString() string { + return s.String() +} + +// SetDisplayText sets the DisplayText field's value. +func (s *ChoiceContent) SetDisplayText(v string) *ChoiceContent { + s.DisplayText = &v + return s +} + +// SetUrl sets the Url field's value. +func (s *ChoiceContent) SetUrl(v string) *ChoiceContent { + s.Url = &v + return s +} + +// The choice level improvement plan. +type ChoiceImprovementPlan struct { + _ struct{} `type:"structure"` + + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` + + // The display text for the improvement plan. + DisplayText *string `min:"1" type:"string"` + + // The improvement plan URL for a question in an Amazon Web Services official + // lenses. + // + // This value is only available if the question has been answered. + // + // This value does not apply to custom lenses. + ImprovementPlanUrl *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceImprovementPlan) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceImprovementPlan) GoString() string { + return s.String() +} + +// SetChoiceId sets the ChoiceId field's value. +func (s *ChoiceImprovementPlan) SetChoiceId(v string) *ChoiceImprovementPlan { + s.ChoiceId = &v + return s +} + +// SetDisplayText sets the DisplayText field's value. +func (s *ChoiceImprovementPlan) SetDisplayText(v string) *ChoiceImprovementPlan { + s.DisplayText = &v + return s +} + +// SetImprovementPlanUrl sets the ImprovementPlanUrl field's value. +func (s *ChoiceImprovementPlan) SetImprovementPlanUrl(v string) *ChoiceImprovementPlan { + s.ImprovementPlanUrl = &v + return s +} + +// A list of choices to be updated. +type ChoiceUpdate struct { + _ struct{} `type:"structure"` + + // The notes associated with a choice. + Notes *string `type:"string"` + + // The reason why a choice is non-applicable to a question in your workload. + Reason *string `type:"string" enum:"ChoiceReason"` + + // The status of a choice. + // + // Status is a required field + Status *string `type:"string" required:"true" enum:"ChoiceStatus"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceUpdate) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ChoiceUpdate) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ChoiceUpdate) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ChoiceUpdate"} + if s.Status == nil { + invalidParams.Add(request.NewErrParamRequired("Status")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetNotes sets the Notes field's value. +func (s *ChoiceUpdate) SetNotes(v string) *ChoiceUpdate { + s.Notes = &v + return s +} + +// SetReason sets the Reason field's value. +func (s *ChoiceUpdate) SetReason(v string) *ChoiceUpdate { + s.Reason = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ChoiceUpdate) SetStatus(v string) *ChoiceUpdate { + s.Status = &v + return s +} + +// The resource has already been processed, was deleted, or is too large. +type ConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Description of the error. + Message_ *string `locationName:"Message" type:"string"` + + // Identifier of the resource affected. + // + // ResourceId is a required field + ResourceId *string `type:"string" required:"true"` + + // Type of the resource affected. + // + // ResourceType is a required field + ResourceType *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) GoString() string { + return s.String() +} + +func newErrorConflictException(v protocol.ResponseMetadata) error { + return &ConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ConflictException) Code() string { + return "ConflictException" +} + +// Message returns the exception's message. +func (s *ConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +// A metric that contributes to the consolidated report. +type ConsolidatedReportMetric struct { + _ struct{} `type:"structure"` + + // The metrics for the lenses in the workload. + Lenses []*LensMetric `type:"list"` + + // The total number of lenses applied to the workload. + LensesAppliedCount *int64 `type:"integer"` + + // The metric type of a metric in the consolidated report. Currently only WORKLOAD + // metric types are supported. + MetricType *string `type:"string" enum:"MetricType"` + + // A map from risk names to the count of how many questions have that rating. + RiskCounts map[string]*int64 `type:"map"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` + + // The ARN for the workload. + WorkloadArn *string `type:"string"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` + + // The name of the workload. + // + // The name must be unique within an account within an Amazon Web Services Region. + // Spaces and capitalization are ignored when checking for uniqueness. + WorkloadName *string `min:"3" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConsolidatedReportMetric) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConsolidatedReportMetric) GoString() string { + return s.String() +} + +// SetLenses sets the Lenses field's value. +func (s *ConsolidatedReportMetric) SetLenses(v []*LensMetric) *ConsolidatedReportMetric { + s.Lenses = v + return s +} + +// SetLensesAppliedCount sets the LensesAppliedCount field's value. +func (s *ConsolidatedReportMetric) SetLensesAppliedCount(v int64) *ConsolidatedReportMetric { + s.LensesAppliedCount = &v + return s +} + +// SetMetricType sets the MetricType field's value. +func (s *ConsolidatedReportMetric) SetMetricType(v string) *ConsolidatedReportMetric { + s.MetricType = &v + return s +} + +// SetRiskCounts sets the RiskCounts field's value. +func (s *ConsolidatedReportMetric) SetRiskCounts(v map[string]*int64) *ConsolidatedReportMetric { + s.RiskCounts = v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *ConsolidatedReportMetric) SetUpdatedAt(v time.Time) *ConsolidatedReportMetric { + s.UpdatedAt = &v + return s +} + +// SetWorkloadArn sets the WorkloadArn field's value. +func (s *ConsolidatedReportMetric) SetWorkloadArn(v string) *ConsolidatedReportMetric { + s.WorkloadArn = &v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *ConsolidatedReportMetric) SetWorkloadId(v string) *ConsolidatedReportMetric { + s.WorkloadId = &v + return s +} + +// SetWorkloadName sets the WorkloadName field's value. +func (s *ConsolidatedReportMetric) SetWorkloadName(v string) *ConsolidatedReportMetric { + s.WorkloadName = &v + return s +} + +type CreateLensShareInput struct { + _ struct{} `type:"structure"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the workload, lens, or profile is shared. + // + // SharedWith is a required field + SharedWith *string `min:"12" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensShareInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensShareInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLensShareInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLensShareInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.SharedWith == nil { + invalidParams.Add(request.NewErrParamRequired("SharedWith")) + } + if s.SharedWith != nil && len(*s.SharedWith) < 12 { + invalidParams.Add(request.NewErrParamMinLen("SharedWith", 12)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CreateLensShareInput) SetClientRequestToken(v string) *CreateLensShareInput { + s.ClientRequestToken = &v + return s +} + +// SetLensAlias sets the LensAlias field's value. +func (s *CreateLensShareInput) SetLensAlias(v string) *CreateLensShareInput { + s.LensAlias = &v + return s +} + +// SetSharedWith sets the SharedWith field's value. +func (s *CreateLensShareInput) SetSharedWith(v string) *CreateLensShareInput { + s.SharedWith = &v + return s +} + +type CreateLensShareOutput struct { + _ struct{} `type:"structure"` + + // The ID associated with the share. + ShareId *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensShareOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensShareOutput) GoString() string { + return s.String() +} + +// SetShareId sets the ShareId field's value. +func (s *CreateLensShareOutput) SetShareId(v string) *CreateLensShareOutput { + s.ShareId = &v + return s +} + +type CreateLensVersionInput struct { + _ struct{} `type:"structure"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // Set to true if this new major lens version. + IsMajorVersion *bool `type:"boolean"` + + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + + // The version of the lens being created. + // + // LensVersion is a required field + LensVersion *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensVersionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensVersionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLensVersionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLensVersionInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.LensVersion == nil { + invalidParams.Add(request.NewErrParamRequired("LensVersion")) + } + if s.LensVersion != nil && len(*s.LensVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensVersion", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CreateLensVersionInput) SetClientRequestToken(v string) *CreateLensVersionInput { + s.ClientRequestToken = &v + return s +} + +// SetIsMajorVersion sets the IsMajorVersion field's value. +func (s *CreateLensVersionInput) SetIsMajorVersion(v bool) *CreateLensVersionInput { + s.IsMajorVersion = &v + return s +} + +// SetLensAlias sets the LensAlias field's value. +func (s *CreateLensVersionInput) SetLensAlias(v string) *CreateLensVersionInput { + s.LensAlias = &v + return s +} + +// SetLensVersion sets the LensVersion field's value. +func (s *CreateLensVersionInput) SetLensVersion(v string) *CreateLensVersionInput { + s.LensVersion = &v + return s +} + +type CreateLensVersionOutput struct { + _ struct{} `type:"structure"` + + // The ARN for the lens. + LensArn *string `type:"string"` + + // The version of the lens. + LensVersion *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensVersionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLensVersionOutput) GoString() string { + return s.String() +} + +// SetLensArn sets the LensArn field's value. +func (s *CreateLensVersionOutput) SetLensArn(v string) *CreateLensVersionOutput { + s.LensArn = &v + return s +} + +// SetLensVersion sets the LensVersion field's value. +func (s *CreateLensVersionOutput) SetLensVersion(v string) *CreateLensVersionOutput { + s.LensVersion = &v + return s +} + +// Input for milestone creation. +type CreateMilestoneInput struct { + _ struct{} `type:"structure"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // The name of the milestone in a workload. + // + // Milestone names must be unique within a workload. + // + // MilestoneName is a required field + MilestoneName *string `min:"3" type:"string" required:"true"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateMilestoneInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateMilestoneInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateMilestoneInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateMilestoneInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.MilestoneName == nil { + invalidParams.Add(request.NewErrParamRequired("MilestoneName")) + } + if s.MilestoneName != nil && len(*s.MilestoneName) < 3 { + invalidParams.Add(request.NewErrParamMinLen("MilestoneName", 3)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CreateMilestoneInput) SetClientRequestToken(v string) *CreateMilestoneInput { + s.ClientRequestToken = &v + return s +} + +// SetMilestoneName sets the MilestoneName field's value. +func (s *CreateMilestoneInput) SetMilestoneName(v string) *CreateMilestoneInput { + s.MilestoneName = &v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *CreateMilestoneInput) SetWorkloadId(v string) *CreateMilestoneInput { + s.WorkloadId = &v + return s +} + +// Output of a create milestone call. +type CreateMilestoneOutput struct { + _ struct{} `type:"structure"` + + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateMilestoneOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateMilestoneOutput) GoString() string { + return s.String() +} + +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *CreateMilestoneOutput) SetMilestoneNumber(v int64) *CreateMilestoneOutput { + s.MilestoneNumber = &v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *CreateMilestoneOutput) SetWorkloadId(v string) *CreateMilestoneOutput { + s.WorkloadId = &v + return s +} + +type CreateProfileInput struct { + _ struct{} `type:"structure"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // The profile description. + // + // ProfileDescription is a required field + ProfileDescription *string `min:"3" type:"string" required:"true"` + + // Name of the profile. + // + // ProfileName is a required field + ProfileName *string `min:"3" type:"string" required:"true"` + + // The profile questions. + // + // ProfileQuestions is a required field + ProfileQuestions []*ProfileQuestionUpdate `type:"list" required:"true"` + + // The tags assigned to the profile. + Tags map[string]*string `min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateProfileInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateProfileInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateProfileInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.ProfileDescription == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileDescription")) + } + if s.ProfileDescription != nil && len(*s.ProfileDescription) < 3 { + invalidParams.Add(request.NewErrParamMinLen("ProfileDescription", 3)) + } + if s.ProfileName == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileName")) + } + if s.ProfileName != nil && len(*s.ProfileName) < 3 { + invalidParams.Add(request.NewErrParamMinLen("ProfileName", 3)) + } + if s.ProfileQuestions == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileQuestions")) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + if s.ProfileQuestions != nil { + for i, v := range s.ProfileQuestions { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ProfileQuestions", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CreateProfileInput) SetClientRequestToken(v string) *CreateProfileInput { + s.ClientRequestToken = &v + return s +} + +// SetProfileDescription sets the ProfileDescription field's value. +func (s *CreateProfileInput) SetProfileDescription(v string) *CreateProfileInput { + s.ProfileDescription = &v + return s +} + +// SetProfileName sets the ProfileName field's value. +func (s *CreateProfileInput) SetProfileName(v string) *CreateProfileInput { + s.ProfileName = &v + return s +} + +// SetProfileQuestions sets the ProfileQuestions field's value. +func (s *CreateProfileInput) SetProfileQuestions(v []*ProfileQuestionUpdate) *CreateProfileInput { + s.ProfileQuestions = v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateProfileInput) SetTags(v map[string]*string) *CreateProfileInput { + s.Tags = v + return s +} + +type CreateProfileOutput struct { + _ struct{} `type:"structure"` + + // The profile ARN. + ProfileArn *string `type:"string"` + + // Version of the profile. + ProfileVersion *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateProfileOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateProfileOutput) GoString() string { + return s.String() +} + +// SetProfileArn sets the ProfileArn field's value. +func (s *CreateProfileOutput) SetProfileArn(v string) *CreateProfileOutput { + s.ProfileArn = &v + return s +} + +// SetProfileVersion sets the ProfileVersion field's value. +func (s *CreateProfileOutput) SetProfileVersion(v string) *CreateProfileOutput { + s.ProfileVersion = &v + return s +} + +type CreateProfileShareInput struct { + _ struct{} `type:"structure"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // The profile ARN. + // + // ProfileArn is a required field + ProfileArn *string `location:"uri" locationName:"ProfileArn" type:"string" required:"true"` + + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the workload, lens, or profile is shared. + // + // SharedWith is a required field + SharedWith *string `min:"12" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateProfileShareInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateProfileShareInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateProfileShareInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateProfileShareInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.ProfileArn == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArn")) + } + if s.ProfileArn != nil && len(*s.ProfileArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArn", 1)) + } + if s.SharedWith == nil { + invalidParams.Add(request.NewErrParamRequired("SharedWith")) + } + if s.SharedWith != nil && len(*s.SharedWith) < 12 { + invalidParams.Add(request.NewErrParamMinLen("SharedWith", 12)) } - return "" -} -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *AccessDeniedException) OrigErr() error { + if invalidParams.Len() > 0 { + return invalidParams + } return nil } -func (s *AccessDeniedException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CreateProfileShareInput) SetClientRequestToken(v string) *CreateProfileShareInput { + s.ClientRequestToken = &v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *AccessDeniedException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetProfileArn sets the ProfileArn field's value. +func (s *CreateProfileShareInput) SetProfileArn(v string) *CreateProfileShareInput { + s.ProfileArn = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *AccessDeniedException) RequestID() string { - return s.RespMetadata.RequestID +// SetSharedWith sets the SharedWith field's value. +func (s *CreateProfileShareInput) SetSharedWith(v string) *CreateProfileShareInput { + s.SharedWith = &v + return s } -// The choice level additional resources for a custom lens. -// -// This field does not apply to Amazon Web Services official lenses. -type AdditionalResources struct { +type CreateProfileShareOutput struct { _ struct{} `type:"structure"` - // The URLs for additional resources, either helpful resources or improvement - // plans, for a custom lens. Up to five additional URLs can be specified. - Content []*ChoiceContent `type:"list"` + // The profile ARN. + ProfileArn *string `type:"string"` - // Type of additional resource for a custom lens. - Type *string `type:"string" enum:"AdditionalResourceType"` + // The ID associated with the share. + ShareId *string `type:"string"` } // String returns the string representation. @@ -4941,7 +8346,7 @@ type AdditionalResources struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AdditionalResources) String() string { +func (s CreateProfileShareOutput) String() string { return awsutil.Prettify(s) } @@ -4950,84 +8355,161 @@ func (s AdditionalResources) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AdditionalResources) GoString() string { +func (s CreateProfileShareOutput) GoString() string { return s.String() } -// SetContent sets the Content field's value. -func (s *AdditionalResources) SetContent(v []*ChoiceContent) *AdditionalResources { - s.Content = v +// SetProfileArn sets the ProfileArn field's value. +func (s *CreateProfileShareOutput) SetProfileArn(v string) *CreateProfileShareOutput { + s.ProfileArn = &v return s } -// SetType sets the Type field's value. -func (s *AdditionalResources) SetType(v string) *AdditionalResources { - s.Type = &v +// SetShareId sets the ShareId field's value. +func (s *CreateProfileShareOutput) SetShareId(v string) *CreateProfileShareOutput { + s.ShareId = &v return s } -// An answer of the question. -type Answer struct { +// Input for workload creation. +type CreateWorkloadInput struct { _ struct{} `type:"structure"` - // A list of selected choices to a question in your workload. - ChoiceAnswers []*ChoiceAnswer `type:"list"` + // The list of Amazon Web Services account IDs associated with the workload. + AccountIds []*string `type:"list"` - // List of choices available for a question. - Choices []*Choice `type:"list"` + // List of AppRegistry application ARNs associated to the workload. + Applications []*string `type:"list"` - // The helpful resource text to be displayed for a custom lens. - // - // This field does not apply to Amazon Web Services official lenses. - HelpfulResourceDisplayText *string `min:"1" type:"string"` + // The URL of the architectural design for the workload. + ArchitecturalDesign *string `type:"string"` - // The helpful resource URL. + // The list of Amazon Web Services Regions associated with the workload, for + // example, us-east-2, or ca-central-1. + AwsRegions []*string `type:"list"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). // - // For Amazon Web Services official lenses, this is the helpful resource URL - // for a question or choice. + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. // - // For custom lenses, this is the helpful resource URL for a question and is - // only provided if HelpfulResourceDisplayText was specified for the question. - HelpfulResourceUrl *string `min:"1" type:"string"` + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` - // The improvement plan URL for a question in an Amazon Web Services official - // lenses. + // The description for the workload. // - // This value is only available if the question has been answered. + // Description is a required field + Description *string `min:"3" type:"string" required:"true"` + + // Well-Architected discovery configuration settings associated to the workload. + DiscoveryConfig *WorkloadDiscoveryConfig `type:"structure"` + + // The environment for the workload. // - // This value does not apply to custom lenses. - ImprovementPlanUrl *string `min:"1" type:"string"` + // Environment is a required field + Environment *string `type:"string" required:"true" enum:"WorkloadEnvironment"` - // Defines whether this question is applicable to a lens review. - IsApplicable *bool `type:"boolean"` + // The industry for the workload. + Industry *string `type:"string"` - // The notes associated with the workload. - Notes *string `type:"string"` + // The industry type for the workload. + // + // If specified, must be one of the following: + // + // * Agriculture + // + // * Automobile + // + // * Defense + // + // * Design and Engineering + // + // * Digital Advertising + // + // * Education + // + // * Environmental Protection + // + // * Financial Services + // + // * Gaming + // + // * General Public Services + // + // * Healthcare + // + // * Hospitality + // + // * InfoTech + // + // * Justice and Public Safety + // + // * Life Sciences + // + // * Manufacturing + // + // * Media & Entertainment + // + // * Mining & Resources + // + // * Oil & Gas + // + // * Power & Utilities + // + // * Professional Services + // + // * Real Estate & Construction + // + // * Retail & Wholesale + // + // * Social Protection + // + // * Telecommunications + // + // * Travel, Transportation & Logistics + // + // * Other + IndustryType *string `type:"string"` - // The ID used to identify a pillar, for example, security. + // The list of lenses associated with the workload. Each lens is identified + // by its LensSummary$LensAlias. // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` + // Lenses is a required field + Lenses []*string `type:"list" required:"true"` - // The description of the question. - QuestionDescription *string `min:"1" type:"string"` + // The list of non-Amazon Web Services Regions associated with the workload. + NonAwsRegions []*string `type:"list"` - // The ID of the question. - QuestionId *string `min:"1" type:"string"` + // The notes associated with the workload. + Notes *string `type:"string"` - // The title of the question. - QuestionTitle *string `min:"1" type:"string"` + // The priorities of the pillars, which are used to order items in the improvement + // plan. Each pillar is represented by its PillarReviewSummary$PillarId. + PillarPriorities []*string `type:"list"` - // The reason why the question is not applicable to your workload. - Reason *string `type:"string" enum:"AnswerReason"` + // The list of profile ARNs associated with the workload. + ProfileArns []*string `type:"list"` - // The risk for a given workload, lens review, pillar, or question. - Risk *string `type:"string" enum:"Risk"` + // The review owner of the workload. The name, email address, or identifier + // for the primary group or individual that owns the workload review process. + ReviewOwner *string `min:"3" type:"string"` - // List of selected choice IDs in a question answer. + // The tags to be associated with the workload. + Tags map[string]*string `min:"1" type:"map"` + + // The name of the workload. // - // The values entered replace the previously selected choices. - SelectedChoices []*string `type:"list"` + // The name must be unique within an account within an Amazon Web Services Region. + // Spaces and capitalization are ignored when checking for uniqueness. + // + // WorkloadName is a required field + WorkloadName *string `min:"3" type:"string" required:"true"` } // String returns the string representation. @@ -5035,7 +8517,7 @@ type Answer struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Answer) String() string { +func (s CreateWorkloadInput) String() string { return awsutil.Prettify(s) } @@ -5044,128 +8526,165 @@ func (s Answer) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Answer) GoString() string { +func (s CreateWorkloadInput) GoString() string { return s.String() } -// SetChoiceAnswers sets the ChoiceAnswers field's value. -func (s *Answer) SetChoiceAnswers(v []*ChoiceAnswer) *Answer { - s.ChoiceAnswers = v +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateWorkloadInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateWorkloadInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.Description == nil { + invalidParams.Add(request.NewErrParamRequired("Description")) + } + if s.Description != nil && len(*s.Description) < 3 { + invalidParams.Add(request.NewErrParamMinLen("Description", 3)) + } + if s.Environment == nil { + invalidParams.Add(request.NewErrParamRequired("Environment")) + } + if s.Lenses == nil { + invalidParams.Add(request.NewErrParamRequired("Lenses")) + } + if s.ReviewOwner != nil && len(*s.ReviewOwner) < 3 { + invalidParams.Add(request.NewErrParamMinLen("ReviewOwner", 3)) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + if s.WorkloadName == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadName")) + } + if s.WorkloadName != nil && len(*s.WorkloadName) < 3 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadName", 3)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccountIds sets the AccountIds field's value. +func (s *CreateWorkloadInput) SetAccountIds(v []*string) *CreateWorkloadInput { + s.AccountIds = v + return s +} + +// SetApplications sets the Applications field's value. +func (s *CreateWorkloadInput) SetApplications(v []*string) *CreateWorkloadInput { + s.Applications = v + return s +} + +// SetArchitecturalDesign sets the ArchitecturalDesign field's value. +func (s *CreateWorkloadInput) SetArchitecturalDesign(v string) *CreateWorkloadInput { + s.ArchitecturalDesign = &v + return s +} + +// SetAwsRegions sets the AwsRegions field's value. +func (s *CreateWorkloadInput) SetAwsRegions(v []*string) *CreateWorkloadInput { + s.AwsRegions = v return s } -// SetChoices sets the Choices field's value. -func (s *Answer) SetChoices(v []*Choice) *Answer { - s.Choices = v +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CreateWorkloadInput) SetClientRequestToken(v string) *CreateWorkloadInput { + s.ClientRequestToken = &v return s } -// SetHelpfulResourceDisplayText sets the HelpfulResourceDisplayText field's value. -func (s *Answer) SetHelpfulResourceDisplayText(v string) *Answer { - s.HelpfulResourceDisplayText = &v +// SetDescription sets the Description field's value. +func (s *CreateWorkloadInput) SetDescription(v string) *CreateWorkloadInput { + s.Description = &v return s } -// SetHelpfulResourceUrl sets the HelpfulResourceUrl field's value. -func (s *Answer) SetHelpfulResourceUrl(v string) *Answer { - s.HelpfulResourceUrl = &v +// SetDiscoveryConfig sets the DiscoveryConfig field's value. +func (s *CreateWorkloadInput) SetDiscoveryConfig(v *WorkloadDiscoveryConfig) *CreateWorkloadInput { + s.DiscoveryConfig = v return s } -// SetImprovementPlanUrl sets the ImprovementPlanUrl field's value. -func (s *Answer) SetImprovementPlanUrl(v string) *Answer { - s.ImprovementPlanUrl = &v +// SetEnvironment sets the Environment field's value. +func (s *CreateWorkloadInput) SetEnvironment(v string) *CreateWorkloadInput { + s.Environment = &v return s } -// SetIsApplicable sets the IsApplicable field's value. -func (s *Answer) SetIsApplicable(v bool) *Answer { - s.IsApplicable = &v +// SetIndustry sets the Industry field's value. +func (s *CreateWorkloadInput) SetIndustry(v string) *CreateWorkloadInput { + s.Industry = &v return s } -// SetNotes sets the Notes field's value. -func (s *Answer) SetNotes(v string) *Answer { - s.Notes = &v +// SetIndustryType sets the IndustryType field's value. +func (s *CreateWorkloadInput) SetIndustryType(v string) *CreateWorkloadInput { + s.IndustryType = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *Answer) SetPillarId(v string) *Answer { - s.PillarId = &v +// SetLenses sets the Lenses field's value. +func (s *CreateWorkloadInput) SetLenses(v []*string) *CreateWorkloadInput { + s.Lenses = v return s } -// SetQuestionDescription sets the QuestionDescription field's value. -func (s *Answer) SetQuestionDescription(v string) *Answer { - s.QuestionDescription = &v +// SetNonAwsRegions sets the NonAwsRegions field's value. +func (s *CreateWorkloadInput) SetNonAwsRegions(v []*string) *CreateWorkloadInput { + s.NonAwsRegions = v return s } -// SetQuestionId sets the QuestionId field's value. -func (s *Answer) SetQuestionId(v string) *Answer { - s.QuestionId = &v +// SetNotes sets the Notes field's value. +func (s *CreateWorkloadInput) SetNotes(v string) *CreateWorkloadInput { + s.Notes = &v return s } -// SetQuestionTitle sets the QuestionTitle field's value. -func (s *Answer) SetQuestionTitle(v string) *Answer { - s.QuestionTitle = &v +// SetPillarPriorities sets the PillarPriorities field's value. +func (s *CreateWorkloadInput) SetPillarPriorities(v []*string) *CreateWorkloadInput { + s.PillarPriorities = v return s } -// SetReason sets the Reason field's value. -func (s *Answer) SetReason(v string) *Answer { - s.Reason = &v +// SetProfileArns sets the ProfileArns field's value. +func (s *CreateWorkloadInput) SetProfileArns(v []*string) *CreateWorkloadInput { + s.ProfileArns = v return s } -// SetRisk sets the Risk field's value. -func (s *Answer) SetRisk(v string) *Answer { - s.Risk = &v +// SetReviewOwner sets the ReviewOwner field's value. +func (s *CreateWorkloadInput) SetReviewOwner(v string) *CreateWorkloadInput { + s.ReviewOwner = &v return s } -// SetSelectedChoices sets the SelectedChoices field's value. -func (s *Answer) SetSelectedChoices(v []*string) *Answer { - s.SelectedChoices = v +// SetTags sets the Tags field's value. +func (s *CreateWorkloadInput) SetTags(v map[string]*string) *CreateWorkloadInput { + s.Tags = v return s } -// An answer summary of a lens review in a workload. -type AnswerSummary struct { - _ struct{} `type:"structure"` - - // A list of selected choices to a question in your workload. - ChoiceAnswerSummaries []*ChoiceAnswerSummary `type:"list"` - - // List of choices available for a question. - Choices []*Choice `type:"list"` - - // Defines whether this question is applicable to a lens review. - IsApplicable *bool `type:"boolean"` - - // The ID used to identify a pillar, for example, security. - // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` - - // The ID of the question. - QuestionId *string `min:"1" type:"string"` - - // The title of the question. - QuestionTitle *string `min:"1" type:"string"` +// SetWorkloadName sets the WorkloadName field's value. +func (s *CreateWorkloadInput) SetWorkloadName(v string) *CreateWorkloadInput { + s.WorkloadName = &v + return s +} - // The reason why a choice is non-applicable to a question in your workload. - Reason *string `type:"string" enum:"AnswerReason"` +// Output of a create workload call. +type CreateWorkloadOutput struct { + _ struct{} `type:"structure"` - // The risk for a given workload, lens review, pillar, or question. - Risk *string `type:"string" enum:"Risk"` + // The ARN for the workload. + WorkloadArn *string `type:"string"` - // List of selected choice IDs in a question answer. - // - // The values entered replace the previously selected choices. - SelectedChoices []*string `type:"list"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -5173,7 +8692,7 @@ type AnswerSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AnswerSummary) String() string { +func (s CreateWorkloadOutput) String() string { return awsutil.Prettify(s) } @@ -5182,81 +8701,56 @@ func (s AnswerSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AnswerSummary) GoString() string { +func (s CreateWorkloadOutput) GoString() string { return s.String() } -// SetChoiceAnswerSummaries sets the ChoiceAnswerSummaries field's value. -func (s *AnswerSummary) SetChoiceAnswerSummaries(v []*ChoiceAnswerSummary) *AnswerSummary { - s.ChoiceAnswerSummaries = v - return s -} - -// SetChoices sets the Choices field's value. -func (s *AnswerSummary) SetChoices(v []*Choice) *AnswerSummary { - s.Choices = v - return s -} - -// SetIsApplicable sets the IsApplicable field's value. -func (s *AnswerSummary) SetIsApplicable(v bool) *AnswerSummary { - s.IsApplicable = &v - return s -} - -// SetPillarId sets the PillarId field's value. -func (s *AnswerSummary) SetPillarId(v string) *AnswerSummary { - s.PillarId = &v - return s -} - -// SetQuestionId sets the QuestionId field's value. -func (s *AnswerSummary) SetQuestionId(v string) *AnswerSummary { - s.QuestionId = &v - return s -} - -// SetQuestionTitle sets the QuestionTitle field's value. -func (s *AnswerSummary) SetQuestionTitle(v string) *AnswerSummary { - s.QuestionTitle = &v - return s -} - -// SetReason sets the Reason field's value. -func (s *AnswerSummary) SetReason(v string) *AnswerSummary { - s.Reason = &v - return s -} - -// SetRisk sets the Risk field's value. -func (s *AnswerSummary) SetRisk(v string) *AnswerSummary { - s.Risk = &v +// SetWorkloadArn sets the WorkloadArn field's value. +func (s *CreateWorkloadOutput) SetWorkloadArn(v string) *CreateWorkloadOutput { + s.WorkloadArn = &v return s } -// SetSelectedChoices sets the SelectedChoices field's value. -func (s *AnswerSummary) SetSelectedChoices(v []*string) *AnswerSummary { - s.SelectedChoices = v +// SetWorkloadId sets the WorkloadId field's value. +func (s *CreateWorkloadOutput) SetWorkloadId(v string) *CreateWorkloadOutput { + s.WorkloadId = &v return s } -// Input to associate lens reviews. -type AssociateLensesInput struct { +// Input for Create Workload Share +type CreateWorkloadShareInput struct { _ struct{} `type:"structure"` - // List of lens aliases to associate or disassociate with a workload. Up to - // 10 lenses can be specified. + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). // - // Identify a lens using its LensSummary$LensAlias. + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. // - // LensAliases is a required field - LensAliases []*string `min:"1" type:"list" required:"true"` + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // Permission granted on a share request. + // + // PermissionType is a required field + PermissionType *string `type:"string" required:"true" enum:"PermissionType"` + + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the workload, lens, or profile is shared. + // + // SharedWith is a required field + SharedWith *string `min:"12" type:"string" required:"true"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -5264,7 +8758,7 @@ type AssociateLensesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssociateLensesInput) String() string { +func (s CreateWorkloadShareInput) String() string { return awsutil.Prettify(s) } @@ -5273,24 +8767,30 @@ func (s AssociateLensesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssociateLensesInput) GoString() string { +func (s CreateWorkloadShareInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *AssociateLensesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssociateLensesInput"} - if s.LensAliases == nil { - invalidParams.Add(request.NewErrParamRequired("LensAliases")) +func (s *CreateWorkloadShareInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateWorkloadShareInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) } - if s.LensAliases != nil && len(s.LensAliases) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAliases", 1)) + if s.PermissionType == nil { + invalidParams.Add(request.NewErrParamRequired("PermissionType")) + } + if s.SharedWith == nil { + invalidParams.Add(request.NewErrParamRequired("SharedWith")) + } + if s.SharedWith != nil && len(*s.SharedWith) < 12 { + invalidParams.Add(request.NewErrParamMinLen("SharedWith", 12)) } if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -5299,50 +8799,40 @@ func (s *AssociateLensesInput) Validate() error { return nil } -// SetLensAliases sets the LensAliases field's value. -func (s *AssociateLensesInput) SetLensAliases(v []*string) *AssociateLensesInput { - s.LensAliases = v +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CreateWorkloadShareInput) SetClientRequestToken(v string) *CreateWorkloadShareInput { + s.ClientRequestToken = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *AssociateLensesInput) SetWorkloadId(v string) *AssociateLensesInput { - s.WorkloadId = &v +// SetPermissionType sets the PermissionType field's value. +func (s *CreateWorkloadShareInput) SetPermissionType(v string) *CreateWorkloadShareInput { + s.PermissionType = &v return s } -type AssociateLensesOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateLensesOutput) String() string { - return awsutil.Prettify(s) +// SetSharedWith sets the SharedWith field's value. +func (s *CreateWorkloadShareInput) SetSharedWith(v string) *CreateWorkloadShareInput { + s.SharedWith = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateLensesOutput) GoString() string { - return s.String() +// SetWorkloadId sets the WorkloadId field's value. +func (s *CreateWorkloadShareInput) SetWorkloadId(v string) *CreateWorkloadShareInput { + s.WorkloadId = &v + return s } -// A best practice, or question choice, that has been identified as a risk in -// this question. -type BestPractice struct { +// Input for Create Workload Share +type CreateWorkloadShareOutput struct { _ struct{} `type:"structure"` - // The ID of a choice. - ChoiceId *string `min:"1" type:"string"` + // The ID associated with the share. + ShareId *string `type:"string"` - // The title of a choice. - ChoiceTitle *string `min:"1" type:"string"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -5350,7 +8840,7 @@ type BestPractice struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s BestPractice) String() string { +func (s CreateWorkloadShareOutput) String() string { return awsutil.Prettify(s) } @@ -5359,67 +8849,57 @@ func (s BestPractice) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s BestPractice) GoString() string { +func (s CreateWorkloadShareOutput) GoString() string { return s.String() } -// SetChoiceId sets the ChoiceId field's value. -func (s *BestPractice) SetChoiceId(v string) *BestPractice { - s.ChoiceId = &v +// SetShareId sets the ShareId field's value. +func (s *CreateWorkloadShareOutput) SetShareId(v string) *CreateWorkloadShareOutput { + s.ShareId = &v return s } -// SetChoiceTitle sets the ChoiceTitle field's value. -func (s *BestPractice) SetChoiceTitle(v string) *BestPractice { - s.ChoiceTitle = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *CreateWorkloadShareOutput) SetWorkloadId(v string) *CreateWorkloadShareOutput { + s.WorkloadId = &v return s } -// Account details for a Well-Architected best practice in relation to Trusted -// Advisor checks. -type CheckDetail struct { - _ struct{} `type:"structure"` - - // An Amazon Web Services account ID. - AccountId *string `type:"string"` - - // The ID of a choice. - ChoiceId *string `min:"1" type:"string"` - - // Trusted Advisor check description. - Description *string `type:"string"` - - // Count of flagged resources associated to the check. - FlaggedResources *int64 `min:"1" type:"integer"` - - // Trusted Advisor check ID. - Id *string `type:"string"` - - // Well-Architected Lens ARN associated to the check. - LensArn *string `type:"string"` - - // Trusted Advisor check name. - Name *string `type:"string"` +type DeleteLensInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // The ID used to identify a pillar, for example, security. + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` - - // Provider of the check related to the best practice. - Provider *string `type:"string" enum:"CheckProvider"` - - // The ID of the question. - QuestionId *string `min:"1" type:"string"` - - // Reason associated to the check. - Reason *string `type:"string" enum:"CheckFailureReason"` + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" min:"1" type:"string" idempotencyToken:"true"` - // Status associated to the check. - Status *string `type:"string" enum:"CheckStatus"` + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The date and time recorded. - UpdatedAt *time.Time `type:"timestamp"` + // The status of the lens to be deleted. + // + // LensStatus is a required field + LensStatus *string `location:"querystring" locationName:"LensStatus" type:"string" required:"true" enum:"LensStatusType"` } // String returns the string representation. @@ -5427,7 +8907,7 @@ type CheckDetail struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CheckDetail) String() string { +func (s DeleteLensInput) String() string { return awsutil.Prettify(s) } @@ -5436,126 +8916,107 @@ func (s CheckDetail) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CheckDetail) GoString() string { +func (s DeleteLensInput) GoString() string { return s.String() } -// SetAccountId sets the AccountId field's value. -func (s *CheckDetail) SetAccountId(v string) *CheckDetail { - s.AccountId = &v - return s -} - -// SetChoiceId sets the ChoiceId field's value. -func (s *CheckDetail) SetChoiceId(v string) *CheckDetail { - s.ChoiceId = &v - return s -} - -// SetDescription sets the Description field's value. -func (s *CheckDetail) SetDescription(v string) *CheckDetail { - s.Description = &v - return s -} - -// SetFlaggedResources sets the FlaggedResources field's value. -func (s *CheckDetail) SetFlaggedResources(v int64) *CheckDetail { - s.FlaggedResources = &v - return s -} - -// SetId sets the Id field's value. -func (s *CheckDetail) SetId(v string) *CheckDetail { - s.Id = &v - return s -} - -// SetLensArn sets the LensArn field's value. -func (s *CheckDetail) SetLensArn(v string) *CheckDetail { - s.LensArn = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLensInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLensInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.LensStatus == nil { + invalidParams.Add(request.NewErrParamRequired("LensStatus")) + } -// SetName sets the Name field's value. -func (s *CheckDetail) SetName(v string) *CheckDetail { - s.Name = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetPillarId sets the PillarId field's value. -func (s *CheckDetail) SetPillarId(v string) *CheckDetail { - s.PillarId = &v +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *DeleteLensInput) SetClientRequestToken(v string) *DeleteLensInput { + s.ClientRequestToken = &v return s } -// SetProvider sets the Provider field's value. -func (s *CheckDetail) SetProvider(v string) *CheckDetail { - s.Provider = &v +// SetLensAlias sets the LensAlias field's value. +func (s *DeleteLensInput) SetLensAlias(v string) *DeleteLensInput { + s.LensAlias = &v return s } -// SetQuestionId sets the QuestionId field's value. -func (s *CheckDetail) SetQuestionId(v string) *CheckDetail { - s.QuestionId = &v +// SetLensStatus sets the LensStatus field's value. +func (s *DeleteLensInput) SetLensStatus(v string) *DeleteLensInput { + s.LensStatus = &v return s } -// SetReason sets the Reason field's value. -func (s *CheckDetail) SetReason(v string) *CheckDetail { - s.Reason = &v - return s +type DeleteLensOutput struct { + _ struct{} `type:"structure"` } -// SetStatus sets the Status field's value. -func (s *CheckDetail) SetStatus(v string) *CheckDetail { - s.Status = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLensOutput) String() string { + return awsutil.Prettify(s) } -// SetUpdatedAt sets the UpdatedAt field's value. -func (s *CheckDetail) SetUpdatedAt(v time.Time) *CheckDetail { - s.UpdatedAt = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLensOutput) GoString() string { + return s.String() } -// Trusted Advisor check summary. -type CheckSummary struct { - _ struct{} `type:"structure"` - - // Account summary associated to the check. - AccountSummary map[string]*int64 `type:"map"` - - // The ID of a choice. - ChoiceId *string `min:"1" type:"string"` - - // Trusted Advisor check description. - Description *string `type:"string"` - - // Trusted Advisor check ID. - Id *string `type:"string"` - - // Well-Architected Lens ARN associated to the check. - LensArn *string `type:"string"` - - // Trusted Advisor check name. - Name *string `type:"string"` +type DeleteLensShareInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // The ID used to identify a pillar, for example, security. + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` - - // Provider of the check related to the best practice. - Provider *string `type:"string" enum:"CheckProvider"` - - // The ID of the question. - QuestionId *string `min:"1" type:"string"` + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" min:"1" type:"string" idempotencyToken:"true"` - // Status associated to the check. - Status *string `type:"string" enum:"CheckStatus"` + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The date and time recorded. - UpdatedAt *time.Time `type:"timestamp"` + // The ID associated with the share. + // + // ShareId is a required field + ShareId *string `location:"uri" locationName:"ShareId" type:"string" required:"true"` } // String returns the string representation. @@ -5563,7 +9024,7 @@ type CheckSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CheckSummary) String() string { +func (s DeleteLensShareInput) String() string { return awsutil.Prettify(s) } @@ -5572,106 +9033,96 @@ func (s CheckSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CheckSummary) GoString() string { +func (s DeleteLensShareInput) GoString() string { return s.String() } -// SetAccountSummary sets the AccountSummary field's value. -func (s *CheckSummary) SetAccountSummary(v map[string]*int64) *CheckSummary { - s.AccountSummary = v - return s -} - -// SetChoiceId sets the ChoiceId field's value. -func (s *CheckSummary) SetChoiceId(v string) *CheckSummary { - s.ChoiceId = &v - return s -} - -// SetDescription sets the Description field's value. -func (s *CheckSummary) SetDescription(v string) *CheckSummary { - s.Description = &v - return s -} - -// SetId sets the Id field's value. -func (s *CheckSummary) SetId(v string) *CheckSummary { - s.Id = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLensShareInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLensShareInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.ShareId == nil { + invalidParams.Add(request.NewErrParamRequired("ShareId")) + } + if s.ShareId != nil && len(*s.ShareId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ShareId", 1)) + } -// SetLensArn sets the LensArn field's value. -func (s *CheckSummary) SetLensArn(v string) *CheckSummary { - s.LensArn = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetName sets the Name field's value. -func (s *CheckSummary) SetName(v string) *CheckSummary { - s.Name = &v +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *DeleteLensShareInput) SetClientRequestToken(v string) *DeleteLensShareInput { + s.ClientRequestToken = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *CheckSummary) SetPillarId(v string) *CheckSummary { - s.PillarId = &v +// SetLensAlias sets the LensAlias field's value. +func (s *DeleteLensShareInput) SetLensAlias(v string) *DeleteLensShareInput { + s.LensAlias = &v return s } -// SetProvider sets the Provider field's value. -func (s *CheckSummary) SetProvider(v string) *CheckSummary { - s.Provider = &v +// SetShareId sets the ShareId field's value. +func (s *DeleteLensShareInput) SetShareId(v string) *DeleteLensShareInput { + s.ShareId = &v return s } -// SetQuestionId sets the QuestionId field's value. -func (s *CheckSummary) SetQuestionId(v string) *CheckSummary { - s.QuestionId = &v - return s +type DeleteLensShareOutput struct { + _ struct{} `type:"structure"` } -// SetStatus sets the Status field's value. -func (s *CheckSummary) SetStatus(v string) *CheckSummary { - s.Status = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLensShareOutput) String() string { + return awsutil.Prettify(s) } -// SetUpdatedAt sets the UpdatedAt field's value. -func (s *CheckSummary) SetUpdatedAt(v time.Time) *CheckSummary { - s.UpdatedAt = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLensShareOutput) GoString() string { + return s.String() } -// A choice available to answer question. -type Choice struct { - _ struct{} `type:"structure"` +type DeleteProfileInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // The additional resources for a choice in a custom lens. + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). // - // A choice can have up to two additional resources: one of type HELPFUL_RESOURCE, - // one of type IMPROVEMENT_PLAN, or both. - AdditionalResources []*AdditionalResources `type:"list"` - - // The ID of a choice. - ChoiceId *string `min:"1" type:"string"` - - // The description of a choice. - Description *string `min:"1" type:"string"` - - // The helpful resource (both text and URL) for a particular choice. + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. // - // This field only applies to custom lenses. Each choice can have only one helpful - // resource. - HelpfulResource *ChoiceContent `type:"structure"` + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" min:"1" type:"string" idempotencyToken:"true"` - // The improvement plan (both text and URL) for a particular choice. + // The profile ARN. // - // This field only applies to custom lenses. Each choice can have only one improvement - // plan. - ImprovementPlan *ChoiceContent `type:"structure"` - - // The title of a choice. - Title *string `min:"1" type:"string"` + // ProfileArn is a required field + ProfileArn *string `location:"uri" locationName:"ProfileArn" type:"string" required:"true"` } // String returns the string representation. @@ -5679,7 +9130,7 @@ type Choice struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Choice) String() string { +func (s DeleteProfileInput) String() string { return awsutil.Prettify(s) } @@ -5688,61 +9139,43 @@ func (s Choice) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Choice) GoString() string { +func (s DeleteProfileInput) GoString() string { return s.String() } -// SetAdditionalResources sets the AdditionalResources field's value. -func (s *Choice) SetAdditionalResources(v []*AdditionalResources) *Choice { - s.AdditionalResources = v - return s -} - -// SetChoiceId sets the ChoiceId field's value. -func (s *Choice) SetChoiceId(v string) *Choice { - s.ChoiceId = &v - return s -} - -// SetDescription sets the Description field's value. -func (s *Choice) SetDescription(v string) *Choice { - s.Description = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteProfileInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.ProfileArn == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArn")) + } + if s.ProfileArn != nil && len(*s.ProfileArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArn", 1)) + } -// SetHelpfulResource sets the HelpfulResource field's value. -func (s *Choice) SetHelpfulResource(v *ChoiceContent) *Choice { - s.HelpfulResource = v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetImprovementPlan sets the ImprovementPlan field's value. -func (s *Choice) SetImprovementPlan(v *ChoiceContent) *Choice { - s.ImprovementPlan = v +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *DeleteProfileInput) SetClientRequestToken(v string) *DeleteProfileInput { + s.ClientRequestToken = &v return s } -// SetTitle sets the Title field's value. -func (s *Choice) SetTitle(v string) *Choice { - s.Title = &v +// SetProfileArn sets the ProfileArn field's value. +func (s *DeleteProfileInput) SetProfileArn(v string) *DeleteProfileInput { + s.ProfileArn = &v return s } -// A choice that has been answered on a question in your workload. -type ChoiceAnswer struct { +type DeleteProfileOutput struct { _ struct{} `type:"structure"` - - // The ID of a choice. - ChoiceId *string `min:"1" type:"string"` - - // The notes associated with a choice. - Notes *string `type:"string"` - - // The reason why a choice is non-applicable to a question in your workload. - Reason *string `type:"string" enum:"ChoiceReason"` - - // The status of a choice. - Status *string `type:"string" enum:"ChoiceStatus"` } // String returns the string representation. @@ -5750,7 +9183,7 @@ type ChoiceAnswer struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceAnswer) String() string { +func (s DeleteProfileOutput) String() string { return awsutil.Prettify(s) } @@ -5759,46 +9192,36 @@ func (s ChoiceAnswer) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceAnswer) GoString() string { +func (s DeleteProfileOutput) GoString() string { return s.String() } -// SetChoiceId sets the ChoiceId field's value. -func (s *ChoiceAnswer) SetChoiceId(v string) *ChoiceAnswer { - s.ChoiceId = &v - return s -} - -// SetNotes sets the Notes field's value. -func (s *ChoiceAnswer) SetNotes(v string) *ChoiceAnswer { - s.Notes = &v - return s -} - -// SetReason sets the Reason field's value. -func (s *ChoiceAnswer) SetReason(v string) *ChoiceAnswer { - s.Reason = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *ChoiceAnswer) SetStatus(v string) *ChoiceAnswer { - s.Status = &v - return s -} - -// A choice summary that has been answered on a question in your workload. -type ChoiceAnswerSummary struct { - _ struct{} `type:"structure"` - - // The ID of a choice. - ChoiceId *string `min:"1" type:"string"` +type DeleteProfileShareInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // The reason why a choice is non-applicable to a question in your workload. - Reason *string `type:"string" enum:"ChoiceReason"` + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" min:"1" type:"string" idempotencyToken:"true"` - // The status of a choice. - Status *string `type:"string" enum:"ChoiceStatus"` + // The profile ARN. + // + // ProfileArn is a required field + ProfileArn *string `location:"uri" locationName:"ProfileArn" type:"string" required:"true"` + + // The ID associated with the share. + // + // ShareId is a required field + ShareId *string `location:"uri" locationName:"ShareId" type:"string" required:"true"` } // String returns the string representation. @@ -5806,7 +9229,7 @@ type ChoiceAnswerSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceAnswerSummary) String() string { +func (s DeleteProfileShareInput) String() string { return awsutil.Prettify(s) } @@ -5815,37 +9238,55 @@ func (s ChoiceAnswerSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceAnswerSummary) GoString() string { +func (s DeleteProfileShareInput) GoString() string { return s.String() } -// SetChoiceId sets the ChoiceId field's value. -func (s *ChoiceAnswerSummary) SetChoiceId(v string) *ChoiceAnswerSummary { - s.ChoiceId = &v +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteProfileShareInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteProfileShareInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.ProfileArn == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArn")) + } + if s.ProfileArn != nil && len(*s.ProfileArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArn", 1)) + } + if s.ShareId == nil { + invalidParams.Add(request.NewErrParamRequired("ShareId")) + } + if s.ShareId != nil && len(*s.ShareId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ShareId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *DeleteProfileShareInput) SetClientRequestToken(v string) *DeleteProfileShareInput { + s.ClientRequestToken = &v return s } -// SetReason sets the Reason field's value. -func (s *ChoiceAnswerSummary) SetReason(v string) *ChoiceAnswerSummary { - s.Reason = &v +// SetProfileArn sets the ProfileArn field's value. +func (s *DeleteProfileShareInput) SetProfileArn(v string) *DeleteProfileShareInput { + s.ProfileArn = &v return s } -// SetStatus sets the Status field's value. -func (s *ChoiceAnswerSummary) SetStatus(v string) *ChoiceAnswerSummary { - s.Status = &v +// SetShareId sets the ShareId field's value. +func (s *DeleteProfileShareInput) SetShareId(v string) *DeleteProfileShareInput { + s.ShareId = &v return s } -// The choice content. -type ChoiceContent struct { +type DeleteProfileShareOutput struct { _ struct{} `type:"structure"` - - // The display text for the choice content. - DisplayText *string `min:"1" type:"string"` - - // The URL for the choice content. - Url *string `min:"1" type:"string"` } // String returns the string representation. @@ -5853,7 +9294,7 @@ type ChoiceContent struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceContent) String() string { +func (s DeleteProfileShareOutput) String() string { return awsutil.Prettify(s) } @@ -5862,39 +9303,33 @@ func (s ChoiceContent) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceContent) GoString() string { +func (s DeleteProfileShareOutput) GoString() string { return s.String() } -// SetDisplayText sets the DisplayText field's value. -func (s *ChoiceContent) SetDisplayText(v string) *ChoiceContent { - s.DisplayText = &v - return s -} - -// SetUrl sets the Url field's value. -func (s *ChoiceContent) SetUrl(v string) *ChoiceContent { - s.Url = &v - return s -} - -// The choice level improvement plan. -type ChoiceImprovementPlan struct { - _ struct{} `type:"structure"` - - // The ID of a choice. - ChoiceId *string `min:"1" type:"string"` - - // The display text for the improvement plan. - DisplayText *string `min:"1" type:"string"` +// Input for workload deletion. +type DeleteWorkloadInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // The improvement plan URL for a question in an Amazon Web Services official - // lenses. + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). // - // This value is only available if the question has been answered. + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. // - // This value does not apply to custom lenses. - ImprovementPlanUrl *string `min:"1" type:"string"` + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" min:"1" type:"string" idempotencyToken:"true"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -5902,7 +9337,7 @@ type ChoiceImprovementPlan struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceImprovementPlan) String() string { +func (s DeleteWorkloadInput) String() string { return awsutil.Prettify(s) } @@ -5911,42 +9346,43 @@ func (s ChoiceImprovementPlan) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceImprovementPlan) GoString() string { +func (s DeleteWorkloadInput) GoString() string { return s.String() } -// SetChoiceId sets the ChoiceId field's value. -func (s *ChoiceImprovementPlan) SetChoiceId(v string) *ChoiceImprovementPlan { - s.ChoiceId = &v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteWorkloadInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteWorkloadInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetDisplayText sets the DisplayText field's value. -func (s *ChoiceImprovementPlan) SetDisplayText(v string) *ChoiceImprovementPlan { - s.DisplayText = &v +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *DeleteWorkloadInput) SetClientRequestToken(v string) *DeleteWorkloadInput { + s.ClientRequestToken = &v return s } -// SetImprovementPlanUrl sets the ImprovementPlanUrl field's value. -func (s *ChoiceImprovementPlan) SetImprovementPlanUrl(v string) *ChoiceImprovementPlan { - s.ImprovementPlanUrl = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *DeleteWorkloadInput) SetWorkloadId(v string) *DeleteWorkloadInput { + s.WorkloadId = &v return s } -// A list of choices to be updated. -type ChoiceUpdate struct { +type DeleteWorkloadOutput struct { _ struct{} `type:"structure"` - - // The notes associated with a choice. - Notes *string `type:"string"` - - // The reason why a choice is non-applicable to a question in your workload. - Reason *string `type:"string" enum:"ChoiceReason"` - - // The status of a choice. - // - // Status is a required field - Status *string `type:"string" required:"true" enum:"ChoiceStatus"` } // String returns the string representation. @@ -5954,7 +9390,7 @@ type ChoiceUpdate struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceUpdate) String() string { +func (s DeleteWorkloadOutput) String() string { return awsutil.Prettify(s) } @@ -5963,58 +9399,38 @@ func (s ChoiceUpdate) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ChoiceUpdate) GoString() string { +func (s DeleteWorkloadOutput) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ChoiceUpdate) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ChoiceUpdate"} - if s.Status == nil { - invalidParams.Add(request.NewErrParamRequired("Status")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetNotes sets the Notes field's value. -func (s *ChoiceUpdate) SetNotes(v string) *ChoiceUpdate { - s.Notes = &v - return s -} - -// SetReason sets the Reason field's value. -func (s *ChoiceUpdate) SetReason(v string) *ChoiceUpdate { - s.Reason = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *ChoiceUpdate) SetStatus(v string) *ChoiceUpdate { - s.Status = &v - return s -} - -// The resource has already been processed, was deleted, or is too large. -type ConflictException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// Input for Delete Workload Share +type DeleteWorkloadShareInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // Description of the error. - Message_ *string `locationName:"Message" type:"string"` + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" min:"1" type:"string" idempotencyToken:"true"` - // Identifier of the resource affected. + // The ID associated with the share. // - // ResourceId is a required field - ResourceId *string `type:"string" required:"true"` + // ShareId is a required field + ShareId *string `location:"uri" locationName:"ShareId" type:"string" required:"true"` - // Type of the resource affected. + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. // - // ResourceType is a required field - ResourceType *string `type:"string" required:"true"` + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -6022,7 +9438,7 @@ type ConflictException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConflictException) String() string { +func (s DeleteWorkloadShareInput) String() string { return awsutil.Prettify(s) } @@ -6031,80 +9447,92 @@ func (s ConflictException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConflictException) GoString() string { +func (s DeleteWorkloadShareInput) GoString() string { return s.String() } -func newErrorConflictException(v protocol.ResponseMetadata) error { - return &ConflictException{ - RespMetadata: v, +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteWorkloadShareInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteWorkloadShareInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.ShareId == nil { + invalidParams.Add(request.NewErrParamRequired("ShareId")) + } + if s.ShareId != nil && len(*s.ShareId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ShareId", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } + + if invalidParams.Len() > 0 { + return invalidParams } + return nil } -// Code returns the exception type name. -func (s *ConflictException) Code() string { - return "ConflictException" +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *DeleteWorkloadShareInput) SetClientRequestToken(v string) *DeleteWorkloadShareInput { + s.ClientRequestToken = &v + return s } -// Message returns the exception's message. -func (s *ConflictException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" +// SetShareId sets the ShareId field's value. +func (s *DeleteWorkloadShareInput) SetShareId(v string) *DeleteWorkloadShareInput { + s.ShareId = &v + return s } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ConflictException) OrigErr() error { - return nil +// SetWorkloadId sets the WorkloadId field's value. +func (s *DeleteWorkloadShareInput) SetWorkloadId(v string) *DeleteWorkloadShareInput { + s.WorkloadId = &v + return s } -func (s *ConflictException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +type DeleteWorkloadShareOutput struct { + _ struct{} `type:"structure"` } -// Status code returns the HTTP status code for the request's response error. -func (s *ConflictException) StatusCode() int { - return s.RespMetadata.StatusCode +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteWorkloadShareOutput) String() string { + return awsutil.Prettify(s) } -// RequestID returns the service's response RequestID for request. -func (s *ConflictException) RequestID() string { - return s.RespMetadata.RequestID +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteWorkloadShareOutput) GoString() string { + return s.String() } -// A metric that contributes to the consolidated report. -type ConsolidatedReportMetric struct { +// Input to disassociate lens reviews. +type DisassociateLensesInput struct { _ struct{} `type:"structure"` - // The metrics for the lenses in the workload. - Lenses []*LensMetric `type:"list"` - - // The total number of lenses applied to the workload. - LensesAppliedCount *int64 `type:"integer"` - - // The metric type of a metric in the consolidated report. Currently only WORKLOAD - // metric types are supported. - MetricType *string `type:"string" enum:"MetricType"` - - // A map from risk names to the count of how many questions have that rating. - RiskCounts map[string]*int64 `type:"map"` - - // The date and time recorded. - UpdatedAt *time.Time `type:"timestamp"` - - // The ARN for the workload. - WorkloadArn *string `type:"string"` + // List of lens aliases to associate or disassociate with a workload. Up to + // 10 lenses can be specified. + // + // Identify a lens using its LensSummary$LensAlias. + // + // LensAliases is a required field + LensAliases []*string `min:"1" type:"list" required:"true"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` - - // The name of the workload. // - // The name must be unique within an account within an Amazon Web Services Region. - // Spaces and capitalization are ignored when checking for uniqueness. - WorkloadName *string `min:"3" type:"string"` + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -6112,7 +9540,7 @@ type ConsolidatedReportMetric struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConsolidatedReportMetric) String() string { +func (s DisassociateLensesInput) String() string { return awsutil.Prettify(s) } @@ -6121,94 +9549,79 @@ func (s ConsolidatedReportMetric) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConsolidatedReportMetric) GoString() string { +func (s DisassociateLensesInput) GoString() string { return s.String() } -// SetLenses sets the Lenses field's value. -func (s *ConsolidatedReportMetric) SetLenses(v []*LensMetric) *ConsolidatedReportMetric { - s.Lenses = v - return s -} - -// SetLensesAppliedCount sets the LensesAppliedCount field's value. -func (s *ConsolidatedReportMetric) SetLensesAppliedCount(v int64) *ConsolidatedReportMetric { - s.LensesAppliedCount = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateLensesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateLensesInput"} + if s.LensAliases == nil { + invalidParams.Add(request.NewErrParamRequired("LensAliases")) + } + if s.LensAliases != nil && len(s.LensAliases) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAliases", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } -// SetMetricType sets the MetricType field's value. -func (s *ConsolidatedReportMetric) SetMetricType(v string) *ConsolidatedReportMetric { - s.MetricType = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetRiskCounts sets the RiskCounts field's value. -func (s *ConsolidatedReportMetric) SetRiskCounts(v map[string]*int64) *ConsolidatedReportMetric { - s.RiskCounts = v +// SetLensAliases sets the LensAliases field's value. +func (s *DisassociateLensesInput) SetLensAliases(v []*string) *DisassociateLensesInput { + s.LensAliases = v return s } -// SetUpdatedAt sets the UpdatedAt field's value. -func (s *ConsolidatedReportMetric) SetUpdatedAt(v time.Time) *ConsolidatedReportMetric { - s.UpdatedAt = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *DisassociateLensesInput) SetWorkloadId(v string) *DisassociateLensesInput { + s.WorkloadId = &v return s } -// SetWorkloadArn sets the WorkloadArn field's value. -func (s *ConsolidatedReportMetric) SetWorkloadArn(v string) *ConsolidatedReportMetric { - s.WorkloadArn = &v - return s +type DisassociateLensesOutput struct { + _ struct{} `type:"structure"` } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ConsolidatedReportMetric) SetWorkloadId(v string) *ConsolidatedReportMetric { - s.WorkloadId = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateLensesOutput) String() string { + return awsutil.Prettify(s) } -// SetWorkloadName sets the WorkloadName field's value. -func (s *ConsolidatedReportMetric) SetWorkloadName(v string) *ConsolidatedReportMetric { - s.WorkloadName = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateLensesOutput) GoString() string { + return s.String() } -type CreateLensShareInput struct { +type DisassociateProfilesInput struct { _ struct{} `type:"structure"` - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). - // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. - // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `type:"string" idempotencyToken:"true"` - - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. + // The list of profile ARNs to disassociate from the workload. // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + // ProfileArns is a required field + ProfileArns []*string `min:"1" type:"list" required:"true"` - // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the workload is shared. + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. // - // SharedWith is a required field - SharedWith *string `min:"12" type:"string" required:"true"` + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -6216,7 +9629,7 @@ type CreateLensShareInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensShareInput) String() string { +func (s DisassociateProfilesInput) String() string { return awsutil.Prettify(s) } @@ -6225,24 +9638,24 @@ func (s CreateLensShareInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensShareInput) GoString() string { +func (s DisassociateProfilesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateLensShareInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateLensShareInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) +func (s *DisassociateProfilesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateProfilesInput"} + if s.ProfileArns == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArns")) } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + if s.ProfileArns != nil && len(s.ProfileArns) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArns", 1)) } - if s.SharedWith == nil { - invalidParams.Add(request.NewErrParamRequired("SharedWith")) + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.SharedWith != nil && len(*s.SharedWith) < 12 { - invalidParams.Add(request.NewErrParamMinLen("SharedWith", 12)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -6251,29 +9664,20 @@ func (s *CreateLensShareInput) Validate() error { return nil } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *CreateLensShareInput) SetClientRequestToken(v string) *CreateLensShareInput { - s.ClientRequestToken = &v - return s -} - -// SetLensAlias sets the LensAlias field's value. -func (s *CreateLensShareInput) SetLensAlias(v string) *CreateLensShareInput { - s.LensAlias = &v +// SetProfileArns sets the ProfileArns field's value. +func (s *DisassociateProfilesInput) SetProfileArns(v []*string) *DisassociateProfilesInput { + s.ProfileArns = v return s } -// SetSharedWith sets the SharedWith field's value. -func (s *CreateLensShareInput) SetSharedWith(v string) *CreateLensShareInput { - s.SharedWith = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *DisassociateProfilesInput) SetWorkloadId(v string) *DisassociateProfilesInput { + s.WorkloadId = &v return s } -type CreateLensShareOutput struct { +type DisassociateProfilesOutput struct { _ struct{} `type:"structure"` - - // The ID associated with the workload share. - ShareId *string `type:"string"` } // String returns the string representation. @@ -6281,7 +9685,7 @@ type CreateLensShareOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensShareOutput) String() string { +func (s DisassociateProfilesOutput) String() string { return awsutil.Prettify(s) } @@ -6290,35 +9694,12 @@ func (s CreateLensShareOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensShareOutput) GoString() string { +func (s DisassociateProfilesOutput) GoString() string { return s.String() } -// SetShareId sets the ShareId field's value. -func (s *CreateLensShareOutput) SetShareId(v string) *CreateLensShareOutput { - s.ShareId = &v - return s -} - -type CreateLensVersionInput struct { - _ struct{} `type:"structure"` - - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). - // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. - // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `type:"string" idempotencyToken:"true"` - - // Set to true if this new major lens version. - IsMajorVersion *bool `type:"boolean"` +type ExportLensInput struct { + _ struct{} `type:"structure" nopayload:"true"` // The alias of the lens. // @@ -6334,10 +9715,8 @@ type CreateLensVersionInput struct { // LensAlias is a required field LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The version of the lens being created. - // - // LensVersion is a required field - LensVersion *string `min:"1" type:"string" required:"true"` + // The lens version to be exported. + LensVersion *string `location:"querystring" locationName:"LensVersion" min:"1" type:"string"` } // String returns the string representation. @@ -6345,7 +9724,7 @@ type CreateLensVersionInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensVersionInput) String() string { +func (s ExportLensInput) String() string { return awsutil.Prettify(s) } @@ -6354,64 +9733,46 @@ func (s CreateLensVersionInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensVersionInput) GoString() string { +func (s ExportLensInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateLensVersionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateLensVersionInput"} +func (s *ExportLensInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportLensInput"} if s.LensAlias == nil { invalidParams.Add(request.NewErrParamRequired("LensAlias")) } if s.LensAlias != nil && len(*s.LensAlias) < 1 { invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) } - if s.LensVersion == nil { - invalidParams.Add(request.NewErrParamRequired("LensVersion")) - } if s.LensVersion != nil && len(*s.LensVersion) < 1 { invalidParams.Add(request.NewErrParamMinLen("LensVersion", 1)) } - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *CreateLensVersionInput) SetClientRequestToken(v string) *CreateLensVersionInput { - s.ClientRequestToken = &v - return s -} - -// SetIsMajorVersion sets the IsMajorVersion field's value. -func (s *CreateLensVersionInput) SetIsMajorVersion(v bool) *CreateLensVersionInput { - s.IsMajorVersion = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } // SetLensAlias sets the LensAlias field's value. -func (s *CreateLensVersionInput) SetLensAlias(v string) *CreateLensVersionInput { +func (s *ExportLensInput) SetLensAlias(v string) *ExportLensInput { s.LensAlias = &v return s } // SetLensVersion sets the LensVersion field's value. -func (s *CreateLensVersionInput) SetLensVersion(v string) *CreateLensVersionInput { +func (s *ExportLensInput) SetLensVersion(v string) *ExportLensInput { s.LensVersion = &v return s } -type CreateLensVersionOutput struct { +type ExportLensOutput struct { _ struct{} `type:"structure"` - // The ARN for the lens. - LensArn *string `type:"string"` - - // The version of the lens. - LensVersion *string `min:"1" type:"string"` + // The JSON representation of a lens. + LensJSON *string `min:"2" type:"string"` } // String returns the string representation. @@ -6419,7 +9780,7 @@ type CreateLensVersionOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensVersionOutput) String() string { +func (s ExportLensOutput) String() string { return awsutil.Prettify(s) } @@ -6428,52 +9789,49 @@ func (s CreateLensVersionOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLensVersionOutput) GoString() string { +func (s ExportLensOutput) GoString() string { return s.String() } -// SetLensArn sets the LensArn field's value. -func (s *CreateLensVersionOutput) SetLensArn(v string) *CreateLensVersionOutput { - s.LensArn = &v - return s -} - -// SetLensVersion sets the LensVersion field's value. -func (s *CreateLensVersionOutput) SetLensVersion(v string) *CreateLensVersionOutput { - s.LensVersion = &v +// SetLensJSON sets the LensJSON field's value. +func (s *ExportLensOutput) SetLensJSON(v string) *ExportLensOutput { + s.LensJSON = &v return s } -// Input for milestone creation. -type CreateMilestoneInput struct { - _ struct{} `type:"structure"` +// Input to get answer. +type GetAnswerInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). + // The alias of the lens. // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `type:"string" idempotencyToken:"true"` + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The name of the milestone in a workload. + // The milestone number. // - // Milestone names must be unique within a workload. + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` + + // The ID of the question. // - // MilestoneName is a required field - MilestoneName *string `min:"3" type:"string" required:"true"` + // QuestionId is a required field + QuestionId *string `location:"uri" locationName:"QuestionId" min:"1" type:"string" required:"true"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -6481,7 +9839,7 @@ type CreateMilestoneInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateMilestoneInput) String() string { +func (s GetAnswerInput) String() string { return awsutil.Prettify(s) } @@ -6490,24 +9848,33 @@ func (s CreateMilestoneInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateMilestoneInput) GoString() string { +func (s GetAnswerInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateMilestoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateMilestoneInput"} - if s.MilestoneName == nil { - invalidParams.Add(request.NewErrParamRequired("MilestoneName")) +func (s *GetAnswerInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetAnswerInput"} + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) } - if s.MilestoneName != nil && len(*s.MilestoneName) < 3 { - invalidParams.Add(request.NewErrParamMinLen("MilestoneName", 3)) + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { + invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) + } + if s.QuestionId == nil { + invalidParams.Add(request.NewErrParamRequired("QuestionId")) + } + if s.QuestionId != nil && len(*s.QuestionId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QuestionId", 1)) } if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -6516,204 +9883,128 @@ func (s *CreateMilestoneInput) Validate() error { return nil } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *CreateMilestoneInput) SetClientRequestToken(v string) *CreateMilestoneInput { - s.ClientRequestToken = &v - return s -} - -// SetMilestoneName sets the MilestoneName field's value. -func (s *CreateMilestoneInput) SetMilestoneName(v string) *CreateMilestoneInput { - s.MilestoneName = &v +// SetLensAlias sets the LensAlias field's value. +func (s *GetAnswerInput) SetLensAlias(v string) *GetAnswerInput { + s.LensAlias = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *CreateMilestoneInput) SetWorkloadId(v string) *CreateMilestoneInput { - s.WorkloadId = &v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *GetAnswerInput) SetMilestoneNumber(v int64) *GetAnswerInput { + s.MilestoneNumber = &v return s } -// Output of a create milestone call. -type CreateMilestoneOutput struct { - _ struct{} `type:"structure"` - - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` - - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateMilestoneOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateMilestoneOutput) GoString() string { - return s.String() -} - -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *CreateMilestoneOutput) SetMilestoneNumber(v int64) *CreateMilestoneOutput { - s.MilestoneNumber = &v +// SetQuestionId sets the QuestionId field's value. +func (s *GetAnswerInput) SetQuestionId(v string) *GetAnswerInput { + s.QuestionId = &v return s } // SetWorkloadId sets the WorkloadId field's value. -func (s *CreateMilestoneOutput) SetWorkloadId(v string) *CreateMilestoneOutput { +func (s *GetAnswerInput) SetWorkloadId(v string) *GetAnswerInput { s.WorkloadId = &v return s } -// Input for workload creation. -type CreateWorkloadInput struct { - _ struct{} `type:"structure"` - - // The list of Amazon Web Services account IDs associated with the workload. - AccountIds []*string `type:"list"` - - // List of AppRegistry application ARNs associated to the workload. - Applications []*string `type:"list"` - - // The URL of the architectural design for the workload. - ArchitecturalDesign *string `type:"string"` - - // The list of Amazon Web Services Regions associated with the workload, for - // example, us-east-2, or ca-central-1. - AwsRegions []*string `type:"list"` - - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). - // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. - // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `type:"string" idempotencyToken:"true"` - - // The description for the workload. - // - // Description is a required field - Description *string `min:"3" type:"string" required:"true"` - - // Well-Architected discovery configuration settings associated to the workload. - DiscoveryConfig *WorkloadDiscoveryConfig `type:"structure"` - - // The environment for the workload. - // - // Environment is a required field - Environment *string `type:"string" required:"true" enum:"WorkloadEnvironment"` - - // The industry for the workload. - Industry *string `type:"string"` - - // The industry type for the workload. - // - // If specified, must be one of the following: - // - // * Agriculture - // - // * Automobile - // - // * Defense - // - // * Design and Engineering - // - // * Digital Advertising - // - // * Education - // - // * Environmental Protection - // - // * Financial Services - // - // * Gaming - // - // * General Public Services - // - // * Healthcare - // - // * Hospitality - // - // * InfoTech - // - // * Justice and Public Safety - // - // * Life Sciences - // - // * Manufacturing - // - // * Media & Entertainment - // - // * Mining & Resources - // - // * Oil & Gas - // - // * Power & Utilities - // - // * Professional Services - // - // * Real Estate & Construction - // - // * Retail & Wholesale - // - // * Social Protection +// Output of a get answer call. +type GetAnswerOutput struct { + _ struct{} `type:"structure"` + + // An answer of the question. + Answer *Answer `type:"structure"` + + // The alias of the lens. // - // * Telecommunications + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. // - // * Travel, Transportation & Logistics + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. // - // * Other - IndustryType *string `type:"string"` + // Each lens is identified by its LensSummary$LensAlias. + LensAlias *string `min:"1" type:"string"` - // The list of lenses associated with the workload. Each lens is identified - // by its LensSummary$LensAlias. + // The ARN for the lens. + LensArn *string `type:"string"` + + // The milestone number. // - // Lenses is a required field - Lenses []*string `type:"list" required:"true"` + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` - // The list of non-Amazon Web Services Regions associated with the workload. - NonAwsRegions []*string `type:"list"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` +} - // The notes associated with the workload. - Notes *string `type:"string"` +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetAnswerOutput) String() string { + return awsutil.Prettify(s) +} - // The priorities of the pillars, which are used to order items in the improvement - // plan. Each pillar is represented by its PillarReviewSummary$PillarId. - PillarPriorities []*string `type:"list"` +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetAnswerOutput) GoString() string { + return s.String() +} - // The review owner of the workload. The name, email address, or identifier - // for the primary group or individual that owns the workload review process. - ReviewOwner *string `min:"3" type:"string"` +// SetAnswer sets the Answer field's value. +func (s *GetAnswerOutput) SetAnswer(v *Answer) *GetAnswerOutput { + s.Answer = v + return s +} - // The tags to be associated with the workload. - Tags map[string]*string `min:"1" type:"map"` +// SetLensAlias sets the LensAlias field's value. +func (s *GetAnswerOutput) SetLensAlias(v string) *GetAnswerOutput { + s.LensAlias = &v + return s +} - // The name of the workload. +// SetLensArn sets the LensArn field's value. +func (s *GetAnswerOutput) SetLensArn(v string) *GetAnswerOutput { + s.LensArn = &v + return s +} + +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *GetAnswerOutput) SetMilestoneNumber(v int64) *GetAnswerOutput { + s.MilestoneNumber = &v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *GetAnswerOutput) SetWorkloadId(v string) *GetAnswerOutput { + s.WorkloadId = &v + return s +} + +type GetConsolidatedReportInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The format of the consolidated report. // - // The name must be unique within an account within an Amazon Web Services Region. - // Spaces and capitalization are ignored when checking for uniqueness. + // For PDF, Base64String is returned. For JSON, Metrics is returned. // - // WorkloadName is a required field - WorkloadName *string `min:"3" type:"string" required:"true"` + // Format is a required field + Format *string `location:"querystring" locationName:"Format" type:"string" required:"true" enum:"ReportFormat"` + + // Set to true to have shared resources included in the report. + IncludeSharedResources *bool `location:"querystring" locationName:"IncludeSharedResources" type:"boolean"` + + // The maximum number of results to return for this request. + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` + + // The token to use to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` } // String returns the string representation. @@ -6721,7 +10012,7 @@ type CreateWorkloadInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadInput) String() string { +func (s GetConsolidatedReportInput) String() string { return awsutil.Prettify(s) } @@ -6730,36 +10021,18 @@ func (s CreateWorkloadInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadInput) GoString() string { +func (s GetConsolidatedReportInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateWorkloadInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateWorkloadInput"} - if s.Description == nil { - invalidParams.Add(request.NewErrParamRequired("Description")) - } - if s.Description != nil && len(*s.Description) < 3 { - invalidParams.Add(request.NewErrParamMinLen("Description", 3)) - } - if s.Environment == nil { - invalidParams.Add(request.NewErrParamRequired("Environment")) - } - if s.Lenses == nil { - invalidParams.Add(request.NewErrParamRequired("Lenses")) - } - if s.ReviewOwner != nil && len(*s.ReviewOwner) < 3 { - invalidParams.Add(request.NewErrParamMinLen("ReviewOwner", 3)) - } - if s.Tags != nil && len(s.Tags) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) - } - if s.WorkloadName == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadName")) +func (s *GetConsolidatedReportInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetConsolidatedReportInput"} + if s.Format == nil { + invalidParams.Add(request.NewErrParamRequired("Format")) } - if s.WorkloadName != nil && len(*s.WorkloadName) < 3 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadName", 3)) + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if invalidParams.Len() > 0 { @@ -6768,118 +10041,160 @@ func (s *CreateWorkloadInput) Validate() error { return nil } -// SetAccountIds sets the AccountIds field's value. -func (s *CreateWorkloadInput) SetAccountIds(v []*string) *CreateWorkloadInput { - s.AccountIds = v +// SetFormat sets the Format field's value. +func (s *GetConsolidatedReportInput) SetFormat(v string) *GetConsolidatedReportInput { + s.Format = &v return s } -// SetApplications sets the Applications field's value. -func (s *CreateWorkloadInput) SetApplications(v []*string) *CreateWorkloadInput { - s.Applications = v +// SetIncludeSharedResources sets the IncludeSharedResources field's value. +func (s *GetConsolidatedReportInput) SetIncludeSharedResources(v bool) *GetConsolidatedReportInput { + s.IncludeSharedResources = &v return s } -// SetArchitecturalDesign sets the ArchitecturalDesign field's value. -func (s *CreateWorkloadInput) SetArchitecturalDesign(v string) *CreateWorkloadInput { - s.ArchitecturalDesign = &v +// SetMaxResults sets the MaxResults field's value. +func (s *GetConsolidatedReportInput) SetMaxResults(v int64) *GetConsolidatedReportInput { + s.MaxResults = &v return s } -// SetAwsRegions sets the AwsRegions field's value. -func (s *CreateWorkloadInput) SetAwsRegions(v []*string) *CreateWorkloadInput { - s.AwsRegions = v +// SetNextToken sets the NextToken field's value. +func (s *GetConsolidatedReportInput) SetNextToken(v string) *GetConsolidatedReportInput { + s.NextToken = &v return s } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *CreateWorkloadInput) SetClientRequestToken(v string) *CreateWorkloadInput { - s.ClientRequestToken = &v - return s +type GetConsolidatedReportOutput struct { + _ struct{} `type:"structure"` + + // The Base64-encoded string representation of a lens review report. + // + // This data can be used to create a PDF file. + // + // Only returned by GetConsolidatedReport when PDF format is requested. + Base64String *string `type:"string"` + + // The metrics that make up the consolidated report. + // + // Only returned when JSON format is requested. + Metrics []*ConsolidatedReportMetric `type:"list"` + + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` } -// SetDescription sets the Description field's value. -func (s *CreateWorkloadInput) SetDescription(v string) *CreateWorkloadInput { - s.Description = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetConsolidatedReportOutput) String() string { + return awsutil.Prettify(s) } -// SetDiscoveryConfig sets the DiscoveryConfig field's value. -func (s *CreateWorkloadInput) SetDiscoveryConfig(v *WorkloadDiscoveryConfig) *CreateWorkloadInput { - s.DiscoveryConfig = v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetConsolidatedReportOutput) GoString() string { + return s.String() } -// SetEnvironment sets the Environment field's value. -func (s *CreateWorkloadInput) SetEnvironment(v string) *CreateWorkloadInput { - s.Environment = &v +// SetBase64String sets the Base64String field's value. +func (s *GetConsolidatedReportOutput) SetBase64String(v string) *GetConsolidatedReportOutput { + s.Base64String = &v return s } -// SetIndustry sets the Industry field's value. -func (s *CreateWorkloadInput) SetIndustry(v string) *CreateWorkloadInput { - s.Industry = &v +// SetMetrics sets the Metrics field's value. +func (s *GetConsolidatedReportOutput) SetMetrics(v []*ConsolidatedReportMetric) *GetConsolidatedReportOutput { + s.Metrics = v return s } -// SetIndustryType sets the IndustryType field's value. -func (s *CreateWorkloadInput) SetIndustryType(v string) *CreateWorkloadInput { - s.IndustryType = &v +// SetNextToken sets the NextToken field's value. +func (s *GetConsolidatedReportOutput) SetNextToken(v string) *GetConsolidatedReportOutput { + s.NextToken = &v return s } -// SetLenses sets the Lenses field's value. -func (s *CreateWorkloadInput) SetLenses(v []*string) *CreateWorkloadInput { - s.Lenses = v - return s +type GetLensInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + + // The lens version to be retrieved. + LensVersion *string `location:"querystring" locationName:"LensVersion" min:"1" type:"string"` } -// SetNonAwsRegions sets the NonAwsRegions field's value. -func (s *CreateWorkloadInput) SetNonAwsRegions(v []*string) *CreateWorkloadInput { - s.NonAwsRegions = v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLensInput) String() string { + return awsutil.Prettify(s) } -// SetNotes sets the Notes field's value. -func (s *CreateWorkloadInput) SetNotes(v string) *CreateWorkloadInput { - s.Notes = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLensInput) GoString() string { + return s.String() } -// SetPillarPriorities sets the PillarPriorities field's value. -func (s *CreateWorkloadInput) SetPillarPriorities(v []*string) *CreateWorkloadInput { - s.PillarPriorities = v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetLensInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLensInput"} + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.LensVersion != nil && len(*s.LensVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensVersion", 1)) + } -// SetReviewOwner sets the ReviewOwner field's value. -func (s *CreateWorkloadInput) SetReviewOwner(v string) *CreateWorkloadInput { - s.ReviewOwner = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetTags sets the Tags field's value. -func (s *CreateWorkloadInput) SetTags(v map[string]*string) *CreateWorkloadInput { - s.Tags = v +// SetLensAlias sets the LensAlias field's value. +func (s *GetLensInput) SetLensAlias(v string) *GetLensInput { + s.LensAlias = &v return s } -// SetWorkloadName sets the WorkloadName field's value. -func (s *CreateWorkloadInput) SetWorkloadName(v string) *CreateWorkloadInput { - s.WorkloadName = &v +// SetLensVersion sets the LensVersion field's value. +func (s *GetLensInput) SetLensVersion(v string) *GetLensInput { + s.LensVersion = &v return s } -// Output of a create workload call. -type CreateWorkloadOutput struct { +type GetLensOutput struct { _ struct{} `type:"structure"` - // The ARN for the workload. - WorkloadArn *string `type:"string"` - - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // A lens return object. + Lens *Lens `type:"structure"` } // String returns the string representation. @@ -6887,7 +10202,7 @@ type CreateWorkloadOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadOutput) String() string { +func (s GetLensOutput) String() string { return awsutil.Prettify(s) } @@ -6896,56 +10211,44 @@ func (s CreateWorkloadOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadOutput) GoString() string { +func (s GetLensOutput) GoString() string { return s.String() } -// SetWorkloadArn sets the WorkloadArn field's value. -func (s *CreateWorkloadOutput) SetWorkloadArn(v string) *CreateWorkloadOutput { - s.WorkloadArn = &v - return s -} - -// SetWorkloadId sets the WorkloadId field's value. -func (s *CreateWorkloadOutput) SetWorkloadId(v string) *CreateWorkloadOutput { - s.WorkloadId = &v +// SetLens sets the Lens field's value. +func (s *GetLensOutput) SetLens(v *Lens) *GetLensOutput { + s.Lens = v return s } -// Input for Create Workload Share -type CreateWorkloadShareInput struct { - _ struct{} `type:"structure"` +// Input to get lens review. +type GetLensReviewInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). + // The alias of the lens. // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `type:"string" idempotencyToken:"true"` - - // Permission granted on a workload share. + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. // - // PermissionType is a required field - PermissionType *string `type:"string" required:"true" enum:"PermissionType"` + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the workload is shared. + // The milestone number. // - // SharedWith is a required field - SharedWith *string `min:"12" type:"string" required:"true"` + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -6953,7 +10256,7 @@ type CreateWorkloadShareInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadShareInput) String() string { +func (s GetLensReviewInput) String() string { return awsutil.Prettify(s) } @@ -6962,27 +10265,27 @@ func (s CreateWorkloadShareInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadShareInput) GoString() string { +func (s GetLensReviewInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateWorkloadShareInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateWorkloadShareInput"} - if s.PermissionType == nil { - invalidParams.Add(request.NewErrParamRequired("PermissionType")) +func (s *GetLensReviewInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLensReviewInput"} + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) } - if s.SharedWith == nil { - invalidParams.Add(request.NewErrParamRequired("SharedWith")) + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) } - if s.SharedWith != nil && len(*s.SharedWith) < 12 { - invalidParams.Add(request.NewErrParamMinLen("SharedWith", 12)) + if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { + invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) } if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -6991,40 +10294,39 @@ func (s *CreateWorkloadShareInput) Validate() error { return nil } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *CreateWorkloadShareInput) SetClientRequestToken(v string) *CreateWorkloadShareInput { - s.ClientRequestToken = &v - return s -} - -// SetPermissionType sets the PermissionType field's value. -func (s *CreateWorkloadShareInput) SetPermissionType(v string) *CreateWorkloadShareInput { - s.PermissionType = &v +// SetLensAlias sets the LensAlias field's value. +func (s *GetLensReviewInput) SetLensAlias(v string) *GetLensReviewInput { + s.LensAlias = &v return s } -// SetSharedWith sets the SharedWith field's value. -func (s *CreateWorkloadShareInput) SetSharedWith(v string) *CreateWorkloadShareInput { - s.SharedWith = &v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *GetLensReviewInput) SetMilestoneNumber(v int64) *GetLensReviewInput { + s.MilestoneNumber = &v return s } // SetWorkloadId sets the WorkloadId field's value. -func (s *CreateWorkloadShareInput) SetWorkloadId(v string) *CreateWorkloadShareInput { +func (s *GetLensReviewInput) SetWorkloadId(v string) *GetLensReviewInput { s.WorkloadId = &v return s } -// Input for Create Workload Share -type CreateWorkloadShareOutput struct { +// Output of a get lens review call. +type GetLensReviewOutput struct { _ struct{} `type:"structure"` - // The ID associated with the workload share. - ShareId *string `type:"string"` + // A lens review of a question. + LensReview *LensReview `type:"structure"` + + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -7032,7 +10334,7 @@ type CreateWorkloadShareOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadShareOutput) String() string { +func (s GetLensReviewOutput) String() string { return awsutil.Prettify(s) } @@ -7041,39 +10343,32 @@ func (s CreateWorkloadShareOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkloadShareOutput) GoString() string { +func (s GetLensReviewOutput) GoString() string { return s.String() } -// SetShareId sets the ShareId field's value. -func (s *CreateWorkloadShareOutput) SetShareId(v string) *CreateWorkloadShareOutput { - s.ShareId = &v +// SetLensReview sets the LensReview field's value. +func (s *GetLensReviewOutput) SetLensReview(v *LensReview) *GetLensReviewOutput { + s.LensReview = v + return s +} + +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *GetLensReviewOutput) SetMilestoneNumber(v int64) *GetLensReviewOutput { + s.MilestoneNumber = &v return s } // SetWorkloadId sets the WorkloadId field's value. -func (s *CreateWorkloadShareOutput) SetWorkloadId(v string) *CreateWorkloadShareOutput { +func (s *GetLensReviewOutput) SetWorkloadId(v string) *GetLensReviewOutput { s.WorkloadId = &v return s } -type DeleteLensInput struct { +// Input to get lens review report. +type GetLensReviewReportInput struct { _ struct{} `type:"structure" nopayload:"true"` - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). - // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. - // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" type:"string" idempotencyToken:"true"` - // The alias of the lens. // // For Amazon Web Services official lenses, this is either the lens alias, such @@ -7088,10 +10383,16 @@ type DeleteLensInput struct { // LensAlias is a required field LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The status of the lens to be deleted. + // The milestone number. // - // LensStatus is a required field - LensStatus *string `location:"querystring" locationName:"LensStatus" type:"string" required:"true" enum:"LensStatusType"` + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -7099,7 +10400,7 @@ type DeleteLensInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensInput) String() string { +func (s GetLensReviewReportInput) String() string { return awsutil.Prettify(s) } @@ -7108,21 +10409,27 @@ func (s DeleteLensInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensInput) GoString() string { +func (s GetLensReviewReportInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteLensInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteLensInput"} +func (s *GetLensReviewReportInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLensReviewReportInput"} if s.LensAlias == nil { invalidParams.Add(request.NewErrParamRequired("LensAlias")) } if s.LensAlias != nil && len(*s.LensAlias) < 1 { invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) } - if s.LensStatus == nil { - invalidParams.Add(request.NewErrParamRequired("LensStatus")) + if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { + invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -7131,26 +10438,39 @@ func (s *DeleteLensInput) Validate() error { return nil } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *DeleteLensInput) SetClientRequestToken(v string) *DeleteLensInput { - s.ClientRequestToken = &v +// SetLensAlias sets the LensAlias field's value. +func (s *GetLensReviewReportInput) SetLensAlias(v string) *GetLensReviewReportInput { + s.LensAlias = &v return s } -// SetLensAlias sets the LensAlias field's value. -func (s *DeleteLensInput) SetLensAlias(v string) *DeleteLensInput { - s.LensAlias = &v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *GetLensReviewReportInput) SetMilestoneNumber(v int64) *GetLensReviewReportInput { + s.MilestoneNumber = &v return s } -// SetLensStatus sets the LensStatus field's value. -func (s *DeleteLensInput) SetLensStatus(v string) *DeleteLensInput { - s.LensStatus = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *GetLensReviewReportInput) SetWorkloadId(v string) *GetLensReviewReportInput { + s.WorkloadId = &v return s } -type DeleteLensOutput struct { - _ struct{} `type:"structure"` +// Output of a get lens review report call. +type GetLensReviewReportOutput struct { + _ struct{} `type:"structure"` + + // A report of a lens review. + LensReviewReport *LensReviewReport `type:"structure"` + + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -7158,7 +10478,7 @@ type DeleteLensOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensOutput) String() string { +func (s GetLensReviewReportOutput) String() string { return awsutil.Prettify(s) } @@ -7167,26 +10487,33 @@ func (s DeleteLensOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensOutput) GoString() string { +func (s GetLensReviewReportOutput) GoString() string { return s.String() } -type DeleteLensShareInput struct { +// SetLensReviewReport sets the LensReviewReport field's value. +func (s *GetLensReviewReportOutput) SetLensReviewReport(v *LensReviewReport) *GetLensReviewReportOutput { + s.LensReviewReport = v + return s +} + +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *GetLensReviewReportOutput) SetMilestoneNumber(v int64) *GetLensReviewReportOutput { + s.MilestoneNumber = &v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *GetLensReviewReportOutput) SetWorkloadId(v string) *GetLensReviewReportOutput { + s.WorkloadId = &v + return s +} + +type GetLensVersionDifferenceInput struct { _ struct{} `type:"structure" nopayload:"true"` - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). - // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. - // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" type:"string" idempotencyToken:"true"` + // The base version of the lens. + BaseLensVersion *string `location:"querystring" locationName:"BaseLensVersion" min:"1" type:"string"` // The alias of the lens. // @@ -7202,10 +10529,8 @@ type DeleteLensShareInput struct { // LensAlias is a required field LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The ID associated with the workload share. - // - // ShareId is a required field - ShareId *string `location:"uri" locationName:"ShareId" type:"string" required:"true"` + // The lens version to target a difference for. + TargetLensVersion *string `location:"querystring" locationName:"TargetLensVersion" min:"1" type:"string"` } // String returns the string representation. @@ -7213,7 +10538,7 @@ type DeleteLensShareInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensShareInput) String() string { +func (s GetLensVersionDifferenceInput) String() string { return awsutil.Prettify(s) } @@ -7222,24 +10547,24 @@ func (s DeleteLensShareInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensShareInput) GoString() string { +func (s GetLensVersionDifferenceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteLensShareInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteLensShareInput"} +func (s *GetLensVersionDifferenceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLensVersionDifferenceInput"} + if s.BaseLensVersion != nil && len(*s.BaseLensVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("BaseLensVersion", 1)) + } if s.LensAlias == nil { invalidParams.Add(request.NewErrParamRequired("LensAlias")) } if s.LensAlias != nil && len(*s.LensAlias) < 1 { invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) } - if s.ShareId == nil { - invalidParams.Add(request.NewErrParamRequired("ShareId")) - } - if s.ShareId != nil && len(*s.ShareId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ShareId", 1)) + if s.TargetLensVersion != nil && len(*s.TargetLensVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TargetLensVersion", 1)) } if invalidParams.Len() > 0 { @@ -7248,26 +10573,53 @@ func (s *DeleteLensShareInput) Validate() error { return nil } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *DeleteLensShareInput) SetClientRequestToken(v string) *DeleteLensShareInput { - s.ClientRequestToken = &v +// SetBaseLensVersion sets the BaseLensVersion field's value. +func (s *GetLensVersionDifferenceInput) SetBaseLensVersion(v string) *GetLensVersionDifferenceInput { + s.BaseLensVersion = &v return s } // SetLensAlias sets the LensAlias field's value. -func (s *DeleteLensShareInput) SetLensAlias(v string) *DeleteLensShareInput { +func (s *GetLensVersionDifferenceInput) SetLensAlias(v string) *GetLensVersionDifferenceInput { s.LensAlias = &v return s } -// SetShareId sets the ShareId field's value. -func (s *DeleteLensShareInput) SetShareId(v string) *DeleteLensShareInput { - s.ShareId = &v +// SetTargetLensVersion sets the TargetLensVersion field's value. +func (s *GetLensVersionDifferenceInput) SetTargetLensVersion(v string) *GetLensVersionDifferenceInput { + s.TargetLensVersion = &v return s } -type DeleteLensShareOutput struct { +type GetLensVersionDifferenceOutput struct { _ struct{} `type:"structure"` + + // The base version of the lens. + BaseLensVersion *string `min:"1" type:"string"` + + // The latest version of the lens. + LatestLensVersion *string `min:"1" type:"string"` + + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + LensAlias *string `min:"1" type:"string"` + + // The ARN for the lens. + LensArn *string `type:"string"` + + // The target lens version for the lens. + TargetLensVersion *string `min:"1" type:"string"` + + // The differences between the base and latest versions of the lens. + VersionDifferences *VersionDifferences `type:"structure"` } // String returns the string representation. @@ -7275,7 +10627,7 @@ type DeleteLensShareOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensShareOutput) String() string { +func (s GetLensVersionDifferenceOutput) String() string { return awsutil.Prettify(s) } @@ -7284,33 +10636,62 @@ func (s DeleteLensShareOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLensShareOutput) GoString() string { +func (s GetLensVersionDifferenceOutput) GoString() string { return s.String() } -// Input for workload deletion. -type DeleteWorkloadInput struct { +// SetBaseLensVersion sets the BaseLensVersion field's value. +func (s *GetLensVersionDifferenceOutput) SetBaseLensVersion(v string) *GetLensVersionDifferenceOutput { + s.BaseLensVersion = &v + return s +} + +// SetLatestLensVersion sets the LatestLensVersion field's value. +func (s *GetLensVersionDifferenceOutput) SetLatestLensVersion(v string) *GetLensVersionDifferenceOutput { + s.LatestLensVersion = &v + return s +} + +// SetLensAlias sets the LensAlias field's value. +func (s *GetLensVersionDifferenceOutput) SetLensAlias(v string) *GetLensVersionDifferenceOutput { + s.LensAlias = &v + return s +} + +// SetLensArn sets the LensArn field's value. +func (s *GetLensVersionDifferenceOutput) SetLensArn(v string) *GetLensVersionDifferenceOutput { + s.LensArn = &v + return s +} + +// SetTargetLensVersion sets the TargetLensVersion field's value. +func (s *GetLensVersionDifferenceOutput) SetTargetLensVersion(v string) *GetLensVersionDifferenceOutput { + s.TargetLensVersion = &v + return s +} + +// SetVersionDifferences sets the VersionDifferences field's value. +func (s *GetLensVersionDifferenceOutput) SetVersionDifferences(v *VersionDifferences) *GetLensVersionDifferenceOutput { + s.VersionDifferences = v + return s +} + +// Input to get a milestone. +type GetMilestoneInput struct { _ struct{} `type:"structure" nopayload:"true"` - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). + // The milestone number. // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. + // A workload can have a maximum of 100 milestones. // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" type:"string" idempotencyToken:"true"` + // MilestoneNumber is a required field + MilestoneNumber *int64 `location:"uri" locationName:"MilestoneNumber" min:"1" type:"integer" required:"true"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -7318,7 +10699,7 @@ type DeleteWorkloadInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadInput) String() string { +func (s GetMilestoneInput) String() string { return awsutil.Prettify(s) } @@ -7327,18 +10708,24 @@ func (s DeleteWorkloadInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadInput) GoString() string { +func (s GetMilestoneInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteWorkloadInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteWorkloadInput"} +func (s *GetMilestoneInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetMilestoneInput"} + if s.MilestoneNumber == nil { + invalidParams.Add(request.NewErrParamRequired("MilestoneNumber")) + } + if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { + invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) + } if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -7347,20 +10734,28 @@ func (s *DeleteWorkloadInput) Validate() error { return nil } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *DeleteWorkloadInput) SetClientRequestToken(v string) *DeleteWorkloadInput { - s.ClientRequestToken = &v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *GetMilestoneInput) SetMilestoneNumber(v int64) *GetMilestoneInput { + s.MilestoneNumber = &v return s } // SetWorkloadId sets the WorkloadId field's value. -func (s *DeleteWorkloadInput) SetWorkloadId(v string) *DeleteWorkloadInput { +func (s *GetMilestoneInput) SetWorkloadId(v string) *GetMilestoneInput { s.WorkloadId = &v return s } -type DeleteWorkloadOutput struct { +// Output of a get milestone call. +type GetMilestoneOutput struct { _ struct{} `type:"structure"` + + // A milestone return object. + Milestone *Milestone `type:"structure"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -7368,7 +10763,7 @@ type DeleteWorkloadOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadOutput) String() string { +func (s GetMilestoneOutput) String() string { return awsutil.Prettify(s) } @@ -7377,38 +10772,32 @@ func (s DeleteWorkloadOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadOutput) GoString() string { +func (s GetMilestoneOutput) GoString() string { return s.String() } -// Input for Delete Workload Share -type DeleteWorkloadShareInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// SetMilestone sets the Milestone field's value. +func (s *GetMilestoneOutput) SetMilestone(v *Milestone) *GetMilestoneOutput { + s.Milestone = v + return s +} - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). - // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. - // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `location:"querystring" locationName:"ClientRequestToken" type:"string" idempotencyToken:"true"` +// SetWorkloadId sets the WorkloadId field's value. +func (s *GetMilestoneOutput) SetWorkloadId(v string) *GetMilestoneOutput { + s.WorkloadId = &v + return s +} - // The ID associated with the workload share. - // - // ShareId is a required field - ShareId *string `location:"uri" locationName:"ShareId" type:"string" required:"true"` +type GetProfileInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. + // The profile ARN. // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // ProfileArn is a required field + ProfileArn *string `location:"uri" locationName:"ProfileArn" type:"string" required:"true"` + + // The profile version. + ProfileVersion *string `location:"querystring" locationName:"ProfileVersion" min:"1" type:"string"` } // String returns the string representation. @@ -7416,7 +10805,7 @@ type DeleteWorkloadShareInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadShareInput) String() string { +func (s GetProfileInput) String() string { return awsutil.Prettify(s) } @@ -7425,52 +10814,46 @@ func (s DeleteWorkloadShareInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadShareInput) GoString() string { +func (s GetProfileInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteWorkloadShareInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteWorkloadShareInput"} - if s.ShareId == nil { - invalidParams.Add(request.NewErrParamRequired("ShareId")) - } - if s.ShareId != nil && len(*s.ShareId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ShareId", 1)) +func (s *GetProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetProfileInput"} + if s.ProfileArn == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArn")) } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + if s.ProfileArn != nil && len(*s.ProfileArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArn", 1)) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams + if s.ProfileVersion != nil && len(*s.ProfileVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileVersion", 1)) } - return nil -} -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *DeleteWorkloadShareInput) SetClientRequestToken(v string) *DeleteWorkloadShareInput { - s.ClientRequestToken = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetShareId sets the ShareId field's value. -func (s *DeleteWorkloadShareInput) SetShareId(v string) *DeleteWorkloadShareInput { - s.ShareId = &v +// SetProfileArn sets the ProfileArn field's value. +func (s *GetProfileInput) SetProfileArn(v string) *GetProfileInput { + s.ProfileArn = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *DeleteWorkloadShareInput) SetWorkloadId(v string) *DeleteWorkloadShareInput { - s.WorkloadId = &v +// SetProfileVersion sets the ProfileVersion field's value. +func (s *GetProfileInput) SetProfileVersion(v string) *GetProfileInput { + s.ProfileVersion = &v return s } -type DeleteWorkloadShareOutput struct { +type GetProfileOutput struct { _ struct{} `type:"structure"` + + // The profile. + Profile *Profile `type:"structure"` } // String returns the string representation. @@ -7478,7 +10861,7 @@ type DeleteWorkloadShareOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadShareOutput) String() string { +func (s GetProfileOutput) String() string { return awsutil.Prettify(s) } @@ -7487,27 +10870,18 @@ func (s DeleteWorkloadShareOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkloadShareOutput) GoString() string { +func (s GetProfileOutput) GoString() string { return s.String() } -// Input to disassociate lens reviews. -type DisassociateLensesInput struct { - _ struct{} `type:"structure"` - - // List of lens aliases to associate or disassociate with a workload. Up to - // 10 lenses can be specified. - // - // Identify a lens using its LensSummary$LensAlias. - // - // LensAliases is a required field - LensAliases []*string `min:"1" type:"list" required:"true"` +// SetProfile sets the Profile field's value. +func (s *GetProfileOutput) SetProfile(v *Profile) *GetProfileOutput { + s.Profile = v + return s +} - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` +type GetProfileTemplateInput struct { + _ struct{} `type:"structure" nopayload:"true"` } // String returns the string representation. @@ -7515,7 +10889,7 @@ type DisassociateLensesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateLensesInput) String() string { +func (s GetProfileTemplateInput) String() string { return awsutil.Prettify(s) } @@ -7524,46 +10898,15 @@ func (s DisassociateLensesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateLensesInput) GoString() string { +func (s GetProfileTemplateInput) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DisassociateLensesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DisassociateLensesInput"} - if s.LensAliases == nil { - invalidParams.Add(request.NewErrParamRequired("LensAliases")) - } - if s.LensAliases != nil && len(s.LensAliases) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAliases", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetLensAliases sets the LensAliases field's value. -func (s *DisassociateLensesInput) SetLensAliases(v []*string) *DisassociateLensesInput { - s.LensAliases = v - return s -} - -// SetWorkloadId sets the WorkloadId field's value. -func (s *DisassociateLensesInput) SetWorkloadId(v string) *DisassociateLensesInput { - s.WorkloadId = &v - return s -} - -type DisassociateLensesOutput struct { +type GetProfileTemplateOutput struct { _ struct{} `type:"structure"` + + // The profile template. + ProfileTemplate *ProfileTemplate `type:"structure"` } // String returns the string representation. @@ -7571,7 +10914,7 @@ type DisassociateLensesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateLensesOutput) String() string { +func (s GetProfileTemplateOutput) String() string { return awsutil.Prettify(s) } @@ -7580,29 +10923,25 @@ func (s DisassociateLensesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateLensesOutput) GoString() string { +func (s GetProfileTemplateOutput) GoString() string { return s.String() } -type ExportLensInput struct { +// SetProfileTemplate sets the ProfileTemplate field's value. +func (s *GetProfileTemplateOutput) SetProfileTemplate(v *ProfileTemplate) *GetProfileTemplateOutput { + s.ProfileTemplate = v + return s +} + +// Input to get a workload. +type GetWorkloadInput struct { _ struct{} `type:"structure" nopayload:"true"` - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - - // The lens version to be exported. - LensVersion *string `location:"querystring" locationName:"LensVersion" min:"1" type:"string"` + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -7610,7 +10949,7 @@ type ExportLensInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportLensInput) String() string { +func (s GetWorkloadInput) String() string { return awsutil.Prettify(s) } @@ -7619,21 +10958,18 @@ func (s ExportLensInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportLensInput) GoString() string { +func (s GetWorkloadInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ExportLensInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ExportLensInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) +func (s *GetWorkloadInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetWorkloadInput"} + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.LensVersion != nil && len(*s.LensVersion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensVersion", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -7642,23 +10978,18 @@ func (s *ExportLensInput) Validate() error { return nil } -// SetLensAlias sets the LensAlias field's value. -func (s *ExportLensInput) SetLensAlias(v string) *ExportLensInput { - s.LensAlias = &v - return s -} - -// SetLensVersion sets the LensVersion field's value. -func (s *ExportLensInput) SetLensVersion(v string) *ExportLensInput { - s.LensVersion = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *GetWorkloadInput) SetWorkloadId(v string) *GetWorkloadInput { + s.WorkloadId = &v return s } -type ExportLensOutput struct { +// Output of a get workload call. +type GetWorkloadOutput struct { _ struct{} `type:"structure"` - // The JSON representation of a lens. - LensJSON *string `min:"2" type:"string"` + // A workload return object. + Workload *Workload `type:"structure"` } // String returns the string representation. @@ -7666,7 +10997,7 @@ type ExportLensOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportLensOutput) String() string { +func (s GetWorkloadOutput) String() string { return awsutil.Prettify(s) } @@ -7675,19 +11006,37 @@ func (s ExportLensOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportLensOutput) GoString() string { +func (s GetWorkloadOutput) GoString() string { return s.String() } -// SetLensJSON sets the LensJSON field's value. -func (s *ExportLensOutput) SetLensJSON(v string) *ExportLensOutput { - s.LensJSON = &v +// SetWorkload sets the Workload field's value. +func (s *GetWorkloadOutput) SetWorkload(v *Workload) *GetWorkloadOutput { + s.Workload = v return s } -// Input to get answer. -type GetAnswerInput struct { - _ struct{} `type:"structure" nopayload:"true"` +type ImportLensInput struct { + _ struct{} `type:"structure"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // The JSON representation of a lens. + // + // JSONString is a required field + JSONString *string `min:"2" type:"string" required:"true"` // The alias of the lens. // @@ -7699,25 +11048,10 @@ type GetAnswerInput struct { // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. // // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` - - // The ID of the question. - // - // QuestionId is a required field - QuestionId *string `location:"uri" locationName:"QuestionId" min:"1" type:"string" required:"true"` + LensAlias *string `min:"1" type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // Tags to associate to a lens. + Tags map[string]*string `min:"1" type:"map"` } // String returns the string representation. @@ -7725,7 +11059,7 @@ type GetAnswerInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetAnswerInput) String() string { +func (s ImportLensInput) String() string { return awsutil.Prettify(s) } @@ -7734,33 +11068,27 @@ func (s GetAnswerInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetAnswerInput) GoString() string { +func (s ImportLensInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *GetAnswerInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetAnswerInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } - if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { - invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) +func (s *ImportLensInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ImportLensInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) } - if s.QuestionId == nil { - invalidParams.Add(request.NewErrParamRequired("QuestionId")) + if s.JSONString == nil { + invalidParams.Add(request.NewErrParamRequired("JSONString")) } - if s.QuestionId != nil && len(*s.QuestionId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("QuestionId", 1)) + if s.JSONString != nil && len(*s.JSONString) < 2 { + invalidParams.Add(request.NewErrParamMinLen("JSONString", 2)) } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) } if invalidParams.Len() > 0 { @@ -7769,60 +11097,38 @@ func (s *GetAnswerInput) Validate() error { return nil } -// SetLensAlias sets the LensAlias field's value. -func (s *GetAnswerInput) SetLensAlias(v string) *GetAnswerInput { - s.LensAlias = &v +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *ImportLensInput) SetClientRequestToken(v string) *ImportLensInput { + s.ClientRequestToken = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *GetAnswerInput) SetMilestoneNumber(v int64) *GetAnswerInput { - s.MilestoneNumber = &v +// SetJSONString sets the JSONString field's value. +func (s *ImportLensInput) SetJSONString(v string) *ImportLensInput { + s.JSONString = &v return s } -// SetQuestionId sets the QuestionId field's value. -func (s *GetAnswerInput) SetQuestionId(v string) *GetAnswerInput { - s.QuestionId = &v +// SetLensAlias sets the LensAlias field's value. +func (s *ImportLensInput) SetLensAlias(v string) *ImportLensInput { + s.LensAlias = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetAnswerInput) SetWorkloadId(v string) *GetAnswerInput { - s.WorkloadId = &v +// SetTags sets the Tags field's value. +func (s *ImportLensInput) SetTags(v map[string]*string) *ImportLensInput { + s.Tags = v return s } -// Output of a get answer call. -type GetAnswerOutput struct { - _ struct{} `type:"structure"` - - // An answer of the question. - Answer *Answer `type:"structure"` - - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` +type ImportLensOutput struct { + _ struct{} `type:"structure"` - // The ARN for the lens. + // The ARN for the lens that was created or updated. LensArn *string `type:"string"` - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` - - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // The status of the imported lens. + Status *string `type:"string" enum:"ImportLensStatus"` } // String returns the string representation. @@ -7830,7 +11136,7 @@ type GetAnswerOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetAnswerOutput) String() string { +func (s ImportLensOutput) String() string { return awsutil.Prettify(s) } @@ -7839,58 +11145,50 @@ func (s GetAnswerOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetAnswerOutput) GoString() string { +func (s ImportLensOutput) GoString() string { return s.String() } -// SetAnswer sets the Answer field's value. -func (s *GetAnswerOutput) SetAnswer(v *Answer) *GetAnswerOutput { - s.Answer = v - return s -} - -// SetLensAlias sets the LensAlias field's value. -func (s *GetAnswerOutput) SetLensAlias(v string) *GetAnswerOutput { - s.LensAlias = &v - return s -} - // SetLensArn sets the LensArn field's value. -func (s *GetAnswerOutput) SetLensArn(v string) *GetAnswerOutput { +func (s *ImportLensOutput) SetLensArn(v string) *ImportLensOutput { s.LensArn = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *GetAnswerOutput) SetMilestoneNumber(v int64) *GetAnswerOutput { - s.MilestoneNumber = &v - return s -} - -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetAnswerOutput) SetWorkloadId(v string) *GetAnswerOutput { - s.WorkloadId = &v +// SetStatus sets the Status field's value. +func (s *ImportLensOutput) SetStatus(v string) *ImportLensOutput { + s.Status = &v return s } -type GetConsolidatedReportInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// An improvement summary of a lens review in a workload. +type ImprovementSummary struct { + _ struct{} `type:"structure"` - // The format of the consolidated report. + // The improvement plan URL for a question in an Amazon Web Services official + // lenses. // - // For PDF, Base64String is returned. For JSON, Metrics is returned. + // This value is only available if the question has been answered. // - // Format is a required field - Format *string `location:"querystring" locationName:"Format" type:"string" required:"true" enum:"ReportFormat"` + // This value does not apply to custom lenses. + ImprovementPlanUrl *string `min:"1" type:"string"` - // Set to true to have shared resources included in the report. - IncludeSharedResources *bool `location:"querystring" locationName:"IncludeSharedResources" type:"boolean"` + // The improvement plan details. + ImprovementPlans []*ChoiceImprovementPlan `type:"list"` - // The maximum number of results to return for this request. - MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` - // The token to use to retrieve the next set of results. - NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` + // The ID of the question. + QuestionId *string `min:"1" type:"string"` + + // The title of the question. + QuestionTitle *string `min:"1" type:"string"` + + // The risk for a given workload, lens review, pillar, or question. + Risk *string `type:"string" enum:"Risk"` } // String returns the string representation. @@ -7898,7 +11196,7 @@ type GetConsolidatedReportInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetConsolidatedReportInput) String() string { +func (s ImprovementSummary) String() string { return awsutil.Prettify(s) } @@ -7907,67 +11205,53 @@ func (s GetConsolidatedReportInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetConsolidatedReportInput) GoString() string { +func (s ImprovementSummary) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetConsolidatedReportInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetConsolidatedReportInput"} - if s.Format == nil { - invalidParams.Add(request.NewErrParamRequired("Format")) - } - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetImprovementPlanUrl sets the ImprovementPlanUrl field's value. +func (s *ImprovementSummary) SetImprovementPlanUrl(v string) *ImprovementSummary { + s.ImprovementPlanUrl = &v + return s } -// SetFormat sets the Format field's value. -func (s *GetConsolidatedReportInput) SetFormat(v string) *GetConsolidatedReportInput { - s.Format = &v +// SetImprovementPlans sets the ImprovementPlans field's value. +func (s *ImprovementSummary) SetImprovementPlans(v []*ChoiceImprovementPlan) *ImprovementSummary { + s.ImprovementPlans = v return s } -// SetIncludeSharedResources sets the IncludeSharedResources field's value. -func (s *GetConsolidatedReportInput) SetIncludeSharedResources(v bool) *GetConsolidatedReportInput { - s.IncludeSharedResources = &v +// SetPillarId sets the PillarId field's value. +func (s *ImprovementSummary) SetPillarId(v string) *ImprovementSummary { + s.PillarId = &v return s } -// SetMaxResults sets the MaxResults field's value. -func (s *GetConsolidatedReportInput) SetMaxResults(v int64) *GetConsolidatedReportInput { - s.MaxResults = &v +// SetQuestionId sets the QuestionId field's value. +func (s *ImprovementSummary) SetQuestionId(v string) *ImprovementSummary { + s.QuestionId = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *GetConsolidatedReportInput) SetNextToken(v string) *GetConsolidatedReportInput { - s.NextToken = &v +// SetQuestionTitle sets the QuestionTitle field's value. +func (s *ImprovementSummary) SetQuestionTitle(v string) *ImprovementSummary { + s.QuestionTitle = &v return s } -type GetConsolidatedReportOutput struct { - _ struct{} `type:"structure"` - - // The Base64-encoded string representation of a lens review report. - // - // This data can be used to create a PDF file. - // - // Only returned by GetConsolidatedReport when PDF format is requested. - Base64String *string `type:"string"` +// SetRisk sets the Risk field's value. +func (s *ImprovementSummary) SetRisk(v string) *ImprovementSummary { + s.Risk = &v + return s +} - // The metrics that make up the consolidated report. - // - // Only returned when JSON format is requested. - Metrics []*ConsolidatedReportMetric `type:"list"` +// There is a problem with the Well-Architected Tool API service. +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // Description of the error. + Message_ *string `locationName:"Message" type:"string"` } // String returns the string representation. @@ -7975,7 +11259,7 @@ type GetConsolidatedReportOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetConsolidatedReportOutput) String() string { +func (s InternalServerException) String() string { return awsutil.Prettify(s) } @@ -7984,47 +11268,72 @@ func (s GetConsolidatedReportOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetConsolidatedReportOutput) GoString() string { +func (s InternalServerException) GoString() string { return s.String() } -// SetBase64String sets the Base64String field's value. -func (s *GetConsolidatedReportOutput) SetBase64String(v string) *GetConsolidatedReportOutput { - s.Base64String = &v - return s +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } } -// SetMetrics sets the Metrics field's value. -func (s *GetConsolidatedReportOutput) SetMetrics(v []*ConsolidatedReportMetric) *GetConsolidatedReportOutput { - s.Metrics = v - return s +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" } -// SetNextToken sets the NextToken field's value. -func (s *GetConsolidatedReportOutput) SetNextToken(v string) *GetConsolidatedReportOutput { - s.NextToken = &v - return s +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" } -type GetLensInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} - // The lens version to be retrieved. - LensVersion *string `location:"querystring" locationName:"LensVersion" min:"1" type:"string"` +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +// A lens return object. +type Lens struct { + _ struct{} `type:"structure"` + + // The description of the lens. + Description *string `min:"1" type:"string"` + + // The ARN of a lens. + LensArn *string `type:"string"` + + // The version of a lens. + LensVersion *string `min:"1" type:"string"` + + // The full name of the lens. + Name *string `min:"1" type:"string"` + + // The Amazon Web Services account ID that owns the lens. + Owner *string `type:"string"` + + // The ID assigned to the share invitation. + ShareInvitationId *string `type:"string"` + + // The tags assigned to the lens. + Tags map[string]*string `min:"1" type:"map"` } // String returns the string representation. @@ -8032,7 +11341,7 @@ type GetLensInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensInput) String() string { +func (s Lens) String() string { return awsutil.Prettify(s) } @@ -8041,46 +11350,64 @@ func (s GetLensInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensInput) GoString() string { +func (s Lens) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetLensInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetLensInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } - if s.LensVersion != nil && len(*s.LensVersion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensVersion", 1)) - } +// SetDescription sets the Description field's value. +func (s *Lens) SetDescription(v string) *Lens { + s.Description = &v + return s +} + +// SetLensArn sets the LensArn field's value. +func (s *Lens) SetLensArn(v string) *Lens { + s.LensArn = &v + return s +} + +// SetLensVersion sets the LensVersion field's value. +func (s *Lens) SetLensVersion(v string) *Lens { + s.LensVersion = &v + return s +} + +// SetName sets the Name field's value. +func (s *Lens) SetName(v string) *Lens { + s.Name = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetOwner sets the Owner field's value. +func (s *Lens) SetOwner(v string) *Lens { + s.Owner = &v + return s } -// SetLensAlias sets the LensAlias field's value. -func (s *GetLensInput) SetLensAlias(v string) *GetLensInput { - s.LensAlias = &v +// SetShareInvitationId sets the ShareInvitationId field's value. +func (s *Lens) SetShareInvitationId(v string) *Lens { + s.ShareInvitationId = &v return s } -// SetLensVersion sets the LensVersion field's value. -func (s *GetLensInput) SetLensVersion(v string) *GetLensInput { - s.LensVersion = &v +// SetTags sets the Tags field's value. +func (s *Lens) SetTags(v map[string]*string) *Lens { + s.Tags = v return s } -type GetLensOutput struct { +// A metric for a particular lens in a workload. +type LensMetric struct { _ struct{} `type:"structure"` - // A lens return object. - Lens *Lens `type:"structure"` + // The lens ARN. + LensArn *string `type:"string"` + + // The metrics for the pillars in a lens. + Pillars []*PillarMetric `type:"list"` + + // A map from risk names to the count of how many questions have that rating. + RiskCounts map[string]*int64 `type:"map"` } // String returns the string representation. @@ -8088,7 +11415,7 @@ type GetLensOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensOutput) String() string { +func (s LensMetric) String() string { return awsutil.Prettify(s) } @@ -8097,19 +11424,31 @@ func (s GetLensOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensOutput) GoString() string { +func (s LensMetric) GoString() string { return s.String() } -// SetLens sets the Lens field's value. -func (s *GetLensOutput) SetLens(v *Lens) *GetLensOutput { - s.Lens = v +// SetLensArn sets the LensArn field's value. +func (s *LensMetric) SetLensArn(v string) *LensMetric { + s.LensArn = &v return s } -// Input to get lens review. -type GetLensReviewInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// SetPillars sets the Pillars field's value. +func (s *LensMetric) SetPillars(v []*PillarMetric) *LensMetric { + s.Pillars = v + return s +} + +// SetRiskCounts sets the RiskCounts field's value. +func (s *LensMetric) SetRiskCounts(v map[string]*int64) *LensMetric { + s.RiskCounts = v + return s +} + +// A lens review of a question. +type LensReview struct { + _ struct{} `type:"structure"` // The alias of the lens. // @@ -8121,20 +11460,40 @@ type GetLensReviewInput struct { // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. // // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + LensAlias *string `min:"1" type:"string"` - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` + // The ARN for the lens. + LensArn *string `type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // The full name of the lens. + LensName *string `min:"1" type:"string"` + + // The status of the lens. + LensStatus *string `type:"string" enum:"LensStatus"` + + // The version of the lens. + LensVersion *string `min:"1" type:"string"` + + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` + + // The notes associated with the workload. + Notes *string `type:"string"` + + // List of pillar review summaries of lens review in a workload. + PillarReviewSummaries []*PillarReviewSummary `type:"list"` + + // A map from risk names to the count of how many questions have that rating. + PrioritizedRiskCounts map[string]*int64 `type:"map"` + + // The profiles associated with the workload. + Profiles []*WorkloadProfile `type:"list"` + + // A map from risk names to the count of how many questions have that rating. + RiskCounts map[string]*int64 `type:"map"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` } // String returns the string representation. @@ -8142,7 +11501,7 @@ type GetLensReviewInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewInput) String() string { +func (s LensReview) String() string { return awsutil.Prettify(s) } @@ -8151,68 +11510,107 @@ func (s GetLensReviewInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewInput) GoString() string { +func (s LensReview) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetLensReviewInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetLensReviewInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } - if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { - invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } +// SetLensAlias sets the LensAlias field's value. +func (s *LensReview) SetLensAlias(v string) *LensReview { + s.LensAlias = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetLensArn sets the LensArn field's value. +func (s *LensReview) SetLensArn(v string) *LensReview { + s.LensArn = &v + return s } -// SetLensAlias sets the LensAlias field's value. -func (s *GetLensReviewInput) SetLensAlias(v string) *GetLensReviewInput { - s.LensAlias = &v +// SetLensName sets the LensName field's value. +func (s *LensReview) SetLensName(v string) *LensReview { + s.LensName = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *GetLensReviewInput) SetMilestoneNumber(v int64) *GetLensReviewInput { - s.MilestoneNumber = &v +// SetLensStatus sets the LensStatus field's value. +func (s *LensReview) SetLensStatus(v string) *LensReview { + s.LensStatus = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetLensReviewInput) SetWorkloadId(v string) *GetLensReviewInput { - s.WorkloadId = &v +// SetLensVersion sets the LensVersion field's value. +func (s *LensReview) SetLensVersion(v string) *LensReview { + s.LensVersion = &v return s } -// Output of a get lens review call. -type GetLensReviewOutput struct { +// SetNextToken sets the NextToken field's value. +func (s *LensReview) SetNextToken(v string) *LensReview { + s.NextToken = &v + return s +} + +// SetNotes sets the Notes field's value. +func (s *LensReview) SetNotes(v string) *LensReview { + s.Notes = &v + return s +} + +// SetPillarReviewSummaries sets the PillarReviewSummaries field's value. +func (s *LensReview) SetPillarReviewSummaries(v []*PillarReviewSummary) *LensReview { + s.PillarReviewSummaries = v + return s +} + +// SetPrioritizedRiskCounts sets the PrioritizedRiskCounts field's value. +func (s *LensReview) SetPrioritizedRiskCounts(v map[string]*int64) *LensReview { + s.PrioritizedRiskCounts = v + return s +} + +// SetProfiles sets the Profiles field's value. +func (s *LensReview) SetProfiles(v []*WorkloadProfile) *LensReview { + s.Profiles = v + return s +} + +// SetRiskCounts sets the RiskCounts field's value. +func (s *LensReview) SetRiskCounts(v map[string]*int64) *LensReview { + s.RiskCounts = v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *LensReview) SetUpdatedAt(v time.Time) *LensReview { + s.UpdatedAt = &v + return s +} + +// A report of a lens review. +type LensReviewReport struct { _ struct{} `type:"structure"` - // A lens review of a question. - LensReview *LensReview `type:"structure"` + // The Base64-encoded string representation of a lens review report. + // + // This data can be used to create a PDF file. + // + // Only returned by GetConsolidatedReport when PDF format is requested. + Base64String *string `type:"string"` - // The milestone number. + // The alias of the lens. // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + LensAlias *string `min:"1" type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // The ARN for the lens. + LensArn *string `type:"string"` } // String returns the string representation. @@ -8220,7 +11618,7 @@ type GetLensReviewOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewOutput) String() string { +func (s LensReviewReport) String() string { return awsutil.Prettify(s) } @@ -8229,31 +11627,31 @@ func (s GetLensReviewOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewOutput) GoString() string { +func (s LensReviewReport) GoString() string { return s.String() } -// SetLensReview sets the LensReview field's value. -func (s *GetLensReviewOutput) SetLensReview(v *LensReview) *GetLensReviewOutput { - s.LensReview = v +// SetBase64String sets the Base64String field's value. +func (s *LensReviewReport) SetBase64String(v string) *LensReviewReport { + s.Base64String = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *GetLensReviewOutput) SetMilestoneNumber(v int64) *GetLensReviewOutput { - s.MilestoneNumber = &v +// SetLensAlias sets the LensAlias field's value. +func (s *LensReviewReport) SetLensAlias(v string) *LensReviewReport { + s.LensAlias = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetLensReviewOutput) SetWorkloadId(v string) *GetLensReviewOutput { - s.WorkloadId = &v +// SetLensArn sets the LensArn field's value. +func (s *LensReviewReport) SetLensArn(v string) *LensReviewReport { + s.LensArn = &v return s } -// Input to get lens review report. -type GetLensReviewReportInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// A lens review summary of a workload. +type LensReviewSummary struct { + _ struct{} `type:"structure"` // The alias of the lens. // @@ -8265,20 +11663,31 @@ type GetLensReviewReportInput struct { // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. // // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + LensAlias *string `min:"1" type:"string"` - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` + // The ARN for the lens. + LensArn *string `type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // The full name of the lens. + LensName *string `min:"1" type:"string"` + + // The status of the lens. + LensStatus *string `type:"string" enum:"LensStatus"` + + // The version of the lens. + LensVersion *string `min:"1" type:"string"` + + // A map from risk names to the count of how many questions have that rating. + PrioritizedRiskCounts map[string]*int64 `type:"map"` + + // The profiles associated with the workload. + Profiles []*WorkloadProfile `type:"list"` + + // A map from risk names to the count of how many questions have that rating. + RiskCounts map[string]*int64 `type:"map"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` } // String returns the string representation. @@ -8286,7 +11695,7 @@ type GetLensReviewReportInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewReportInput) String() string { +func (s LensReviewSummary) String() string { return awsutil.Prettify(s) } @@ -8295,68 +11704,80 @@ func (s GetLensReviewReportInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewReportInput) GoString() string { +func (s LensReviewSummary) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetLensReviewReportInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetLensReviewReportInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } - if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { - invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } +// SetLensAlias sets the LensAlias field's value. +func (s *LensReviewSummary) SetLensAlias(v string) *LensReviewSummary { + s.LensAlias = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetLensArn sets the LensArn field's value. +func (s *LensReviewSummary) SetLensArn(v string) *LensReviewSummary { + s.LensArn = &v + return s } -// SetLensAlias sets the LensAlias field's value. -func (s *GetLensReviewReportInput) SetLensAlias(v string) *GetLensReviewReportInput { - s.LensAlias = &v +// SetLensName sets the LensName field's value. +func (s *LensReviewSummary) SetLensName(v string) *LensReviewSummary { + s.LensName = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *GetLensReviewReportInput) SetMilestoneNumber(v int64) *GetLensReviewReportInput { - s.MilestoneNumber = &v +// SetLensStatus sets the LensStatus field's value. +func (s *LensReviewSummary) SetLensStatus(v string) *LensReviewSummary { + s.LensStatus = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetLensReviewReportInput) SetWorkloadId(v string) *GetLensReviewReportInput { - s.WorkloadId = &v +// SetLensVersion sets the LensVersion field's value. +func (s *LensReviewSummary) SetLensVersion(v string) *LensReviewSummary { + s.LensVersion = &v return s } -// Output of a get lens review report call. -type GetLensReviewReportOutput struct { +// SetPrioritizedRiskCounts sets the PrioritizedRiskCounts field's value. +func (s *LensReviewSummary) SetPrioritizedRiskCounts(v map[string]*int64) *LensReviewSummary { + s.PrioritizedRiskCounts = v + return s +} + +// SetProfiles sets the Profiles field's value. +func (s *LensReviewSummary) SetProfiles(v []*WorkloadProfile) *LensReviewSummary { + s.Profiles = v + return s +} + +// SetRiskCounts sets the RiskCounts field's value. +func (s *LensReviewSummary) SetRiskCounts(v map[string]*int64) *LensReviewSummary { + s.RiskCounts = v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *LensReviewSummary) SetUpdatedAt(v time.Time) *LensReviewSummary { + s.UpdatedAt = &v + return s +} + +// A lens share summary return object. +type LensShareSummary struct { _ struct{} `type:"structure"` - // A report of a lens review. - LensReviewReport *LensReviewReport `type:"structure"` + // The ID associated with the share. + ShareId *string `type:"string"` - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the workload, lens, or profile is shared. + SharedWith *string `min:"12" type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // The status of the share request. + Status *string `type:"string" enum:"ShareStatus"` + + // Optional message to compliment the Status field. + StatusMessage *string `min:"1" type:"string"` } // String returns the string representation. @@ -8364,7 +11785,7 @@ type GetLensReviewReportOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewReportOutput) String() string { +func (s LensShareSummary) String() string { return awsutil.Prettify(s) } @@ -8373,33 +11794,43 @@ func (s GetLensReviewReportOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensReviewReportOutput) GoString() string { +func (s LensShareSummary) GoString() string { return s.String() } -// SetLensReviewReport sets the LensReviewReport field's value. -func (s *GetLensReviewReportOutput) SetLensReviewReport(v *LensReviewReport) *GetLensReviewReportOutput { - s.LensReviewReport = v +// SetShareId sets the ShareId field's value. +func (s *LensShareSummary) SetShareId(v string) *LensShareSummary { + s.ShareId = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *GetLensReviewReportOutput) SetMilestoneNumber(v int64) *GetLensReviewReportOutput { - s.MilestoneNumber = &v +// SetSharedWith sets the SharedWith field's value. +func (s *LensShareSummary) SetSharedWith(v string) *LensShareSummary { + s.SharedWith = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetLensReviewReportOutput) SetWorkloadId(v string) *GetLensReviewReportOutput { - s.WorkloadId = &v +// SetStatus sets the Status field's value. +func (s *LensShareSummary) SetStatus(v string) *LensShareSummary { + s.Status = &v return s } -type GetLensVersionDifferenceInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// SetStatusMessage sets the StatusMessage field's value. +func (s *LensShareSummary) SetStatusMessage(v string) *LensShareSummary { + s.StatusMessage = &v + return s +} - // The base version of the lens. - BaseLensVersion *string `location:"querystring" locationName:"BaseLensVersion" min:"1" type:"string"` +// A lens summary of a lens. +type LensSummary struct { + _ struct{} `type:"structure"` + + // The date and time recorded. + CreatedAt *time.Time `type:"timestamp"` + + // The description of the lens. + Description *string `min:"1" type:"string"` // The alias of the lens. // @@ -8411,12 +11842,28 @@ type GetLensVersionDifferenceInput struct { // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. // // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + LensAlias *string `min:"1" type:"string"` - // The lens version to target a difference for. - TargetLensVersion *string `location:"querystring" locationName:"TargetLensVersion" min:"1" type:"string"` + // The ARN of the lens. + LensArn *string `type:"string"` + + // The full name of the lens. + LensName *string `min:"1" type:"string"` + + // The status of the lens. + LensStatus *string `type:"string" enum:"LensStatus"` + + // The type of the lens. + LensType *string `type:"string" enum:"LensType"` + + // The version of the lens. + LensVersion *string `min:"1" type:"string"` + + // An Amazon Web Services account ID. + Owner *string `min:"12" type:"string"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` } // String returns the string representation. @@ -8424,7 +11871,7 @@ type GetLensVersionDifferenceInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensVersionDifferenceInput) String() string { +func (s LensSummary) String() string { return awsutil.Prettify(s) } @@ -8433,55 +11880,76 @@ func (s GetLensVersionDifferenceInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensVersionDifferenceInput) GoString() string { +func (s LensSummary) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetLensVersionDifferenceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetLensVersionDifferenceInput"} - if s.BaseLensVersion != nil && len(*s.BaseLensVersion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("BaseLensVersion", 1)) - } - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } - if s.TargetLensVersion != nil && len(*s.TargetLensVersion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TargetLensVersion", 1)) - } +// SetCreatedAt sets the CreatedAt field's value. +func (s *LensSummary) SetCreatedAt(v time.Time) *LensSummary { + s.CreatedAt = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetDescription sets the Description field's value. +func (s *LensSummary) SetDescription(v string) *LensSummary { + s.Description = &v + return s } -// SetBaseLensVersion sets the BaseLensVersion field's value. -func (s *GetLensVersionDifferenceInput) SetBaseLensVersion(v string) *GetLensVersionDifferenceInput { - s.BaseLensVersion = &v +// SetLensAlias sets the LensAlias field's value. +func (s *LensSummary) SetLensAlias(v string) *LensSummary { + s.LensAlias = &v + return s +} + +// SetLensArn sets the LensArn field's value. +func (s *LensSummary) SetLensArn(v string) *LensSummary { + s.LensArn = &v + return s +} + +// SetLensName sets the LensName field's value. +func (s *LensSummary) SetLensName(v string) *LensSummary { + s.LensName = &v + return s +} + +// SetLensStatus sets the LensStatus field's value. +func (s *LensSummary) SetLensStatus(v string) *LensSummary { + s.LensStatus = &v + return s +} + +// SetLensType sets the LensType field's value. +func (s *LensSummary) SetLensType(v string) *LensSummary { + s.LensType = &v + return s +} + +// SetLensVersion sets the LensVersion field's value. +func (s *LensSummary) SetLensVersion(v string) *LensSummary { + s.LensVersion = &v return s } -// SetLensAlias sets the LensAlias field's value. -func (s *GetLensVersionDifferenceInput) SetLensAlias(v string) *GetLensVersionDifferenceInput { - s.LensAlias = &v +// SetOwner sets the Owner field's value. +func (s *LensSummary) SetOwner(v string) *LensSummary { + s.Owner = &v return s } -// SetTargetLensVersion sets the TargetLensVersion field's value. -func (s *GetLensVersionDifferenceInput) SetTargetLensVersion(v string) *GetLensVersionDifferenceInput { - s.TargetLensVersion = &v +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *LensSummary) SetUpdatedAt(v time.Time) *LensSummary { + s.UpdatedAt = &v return s } -type GetLensVersionDifferenceOutput struct { +// Lens upgrade summary return object. +type LensUpgradeSummary struct { _ struct{} `type:"structure"` - // The base version of the lens. - BaseLensVersion *string `min:"1" type:"string"` + // The current version of the lens. + CurrentLensVersion *string `min:"1" type:"string"` // The latest version of the lens. LatestLensVersion *string `min:"1" type:"string"` @@ -8501,11 +11969,15 @@ type GetLensVersionDifferenceOutput struct { // The ARN for the lens. LensArn *string `type:"string"` - // The target lens version for the lens. - TargetLensVersion *string `min:"1" type:"string"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` - // The differences between the base and latest versions of the lens. - VersionDifferences *VersionDifferences `type:"structure"` + // The name of the workload. + // + // The name must be unique within an account within an Amazon Web Services Region. + // Spaces and capitalization are ignored when checking for uniqueness. + WorkloadName *string `min:"3" type:"string"` } // String returns the string representation. @@ -8513,7 +11985,7 @@ type GetLensVersionDifferenceOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensVersionDifferenceOutput) String() string { +func (s LensUpgradeSummary) String() string { return awsutil.Prettify(s) } @@ -8522,62 +11994,88 @@ func (s GetLensVersionDifferenceOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLensVersionDifferenceOutput) GoString() string { +func (s LensUpgradeSummary) GoString() string { return s.String() } -// SetBaseLensVersion sets the BaseLensVersion field's value. -func (s *GetLensVersionDifferenceOutput) SetBaseLensVersion(v string) *GetLensVersionDifferenceOutput { - s.BaseLensVersion = &v +// SetCurrentLensVersion sets the CurrentLensVersion field's value. +func (s *LensUpgradeSummary) SetCurrentLensVersion(v string) *LensUpgradeSummary { + s.CurrentLensVersion = &v return s } // SetLatestLensVersion sets the LatestLensVersion field's value. -func (s *GetLensVersionDifferenceOutput) SetLatestLensVersion(v string) *GetLensVersionDifferenceOutput { +func (s *LensUpgradeSummary) SetLatestLensVersion(v string) *LensUpgradeSummary { s.LatestLensVersion = &v return s } // SetLensAlias sets the LensAlias field's value. -func (s *GetLensVersionDifferenceOutput) SetLensAlias(v string) *GetLensVersionDifferenceOutput { +func (s *LensUpgradeSummary) SetLensAlias(v string) *LensUpgradeSummary { s.LensAlias = &v return s } // SetLensArn sets the LensArn field's value. -func (s *GetLensVersionDifferenceOutput) SetLensArn(v string) *GetLensVersionDifferenceOutput { +func (s *LensUpgradeSummary) SetLensArn(v string) *LensUpgradeSummary { s.LensArn = &v return s } -// SetTargetLensVersion sets the TargetLensVersion field's value. -func (s *GetLensVersionDifferenceOutput) SetTargetLensVersion(v string) *GetLensVersionDifferenceOutput { - s.TargetLensVersion = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *LensUpgradeSummary) SetWorkloadId(v string) *LensUpgradeSummary { + s.WorkloadId = &v return s } -// SetVersionDifferences sets the VersionDifferences field's value. -func (s *GetLensVersionDifferenceOutput) SetVersionDifferences(v *VersionDifferences) *GetLensVersionDifferenceOutput { - s.VersionDifferences = v +// SetWorkloadName sets the WorkloadName field's value. +func (s *LensUpgradeSummary) SetWorkloadName(v string) *LensUpgradeSummary { + s.WorkloadName = &v return s } -// Input to get a milestone. -type GetMilestoneInput struct { +// Input to list answers. +type ListAnswersInput struct { _ struct{} `type:"structure" nopayload:"true"` + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + + // The maximum number of results to return for this request. + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` + // The milestone number. // // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` + + // The token to use to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` + + // The ID used to identify a pillar, for example, security. // - // MilestoneNumber is a required field - MilestoneNumber *int64 `location:"uri" locationName:"MilestoneNumber" min:"1" type:"integer" required:"true"` + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `location:"querystring" locationName:"PillarId" min:"1" type:"string"` + + // The priority of the question. + QuestionPriority *string `location:"querystring" locationName:"QuestionPriority" type:"string" enum:"QuestionPriority"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -8585,7 +12083,7 @@ type GetMilestoneInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetMilestoneInput) String() string { +func (s ListAnswersInput) String() string { return awsutil.Prettify(s) } @@ -8594,24 +12092,33 @@ func (s GetMilestoneInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetMilestoneInput) GoString() string { +func (s ListAnswersInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *GetMilestoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetMilestoneInput"} - if s.MilestoneNumber == nil { - invalidParams.Add(request.NewErrParamRequired("MilestoneNumber")) +func (s *ListAnswersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAnswersInput"} + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) } + if s.PillarId != nil && len(*s.PillarId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) + } if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -8620,69 +12127,81 @@ func (s *GetMilestoneInput) Validate() error { return nil } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *GetMilestoneInput) SetMilestoneNumber(v int64) *GetMilestoneInput { - s.MilestoneNumber = &v +// SetLensAlias sets the LensAlias field's value. +func (s *ListAnswersInput) SetLensAlias(v string) *ListAnswersInput { + s.LensAlias = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetMilestoneInput) SetWorkloadId(v string) *GetMilestoneInput { - s.WorkloadId = &v +// SetMaxResults sets the MaxResults field's value. +func (s *ListAnswersInput) SetMaxResults(v int64) *ListAnswersInput { + s.MaxResults = &v return s } -// Output of a get milestone call. -type GetMilestoneOutput struct { - _ struct{} `type:"structure"` - - // A milestone return object. - Milestone *Milestone `type:"structure"` - - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *ListAnswersInput) SetMilestoneNumber(v int64) *ListAnswersInput { + s.MilestoneNumber = &v + return s } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetMilestoneOutput) String() string { - return awsutil.Prettify(s) +// SetNextToken sets the NextToken field's value. +func (s *ListAnswersInput) SetNextToken(v string) *ListAnswersInput { + s.NextToken = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetMilestoneOutput) GoString() string { - return s.String() +// SetPillarId sets the PillarId field's value. +func (s *ListAnswersInput) SetPillarId(v string) *ListAnswersInput { + s.PillarId = &v + return s } -// SetMilestone sets the Milestone field's value. -func (s *GetMilestoneOutput) SetMilestone(v *Milestone) *GetMilestoneOutput { - s.Milestone = v +// SetQuestionPriority sets the QuestionPriority field's value. +func (s *ListAnswersInput) SetQuestionPriority(v string) *ListAnswersInput { + s.QuestionPriority = &v return s } // SetWorkloadId sets the WorkloadId field's value. -func (s *GetMilestoneOutput) SetWorkloadId(v string) *GetMilestoneOutput { +func (s *ListAnswersInput) SetWorkloadId(v string) *ListAnswersInput { s.WorkloadId = &v return s } -// Input to get a workload. -type GetWorkloadInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// Output of a list answers call. +type ListAnswersOutput struct { + _ struct{} `type:"structure"` + + // List of answer summaries of lens review in a workload. + AnswerSummaries []*AnswerSummary `type:"list"` + + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + LensAlias *string `min:"1" type:"string"` + + // The ARN for the lens. + LensArn *string `type:"string"` + + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` + + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -8690,7 +12209,7 @@ type GetWorkloadInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetWorkloadInput) String() string { +func (s ListAnswersOutput) String() string { return awsutil.Prettify(s) } @@ -8699,100 +12218,82 @@ func (s GetWorkloadInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetWorkloadInput) GoString() string { +func (s ListAnswersOutput) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetWorkloadInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetWorkloadInput"} - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetWorkloadId sets the WorkloadId field's value. -func (s *GetWorkloadInput) SetWorkloadId(v string) *GetWorkloadInput { - s.WorkloadId = &v +// SetAnswerSummaries sets the AnswerSummaries field's value. +func (s *ListAnswersOutput) SetAnswerSummaries(v []*AnswerSummary) *ListAnswersOutput { + s.AnswerSummaries = v return s } -// Output of a get workload call. -type GetWorkloadOutput struct { - _ struct{} `type:"structure"` - - // A workload return object. - Workload *Workload `type:"structure"` +// SetLensAlias sets the LensAlias field's value. +func (s *ListAnswersOutput) SetLensAlias(v string) *ListAnswersOutput { + s.LensAlias = &v + return s } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetWorkloadOutput) String() string { - return awsutil.Prettify(s) +// SetLensArn sets the LensArn field's value. +func (s *ListAnswersOutput) SetLensArn(v string) *ListAnswersOutput { + s.LensArn = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetWorkloadOutput) GoString() string { - return s.String() +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *ListAnswersOutput) SetMilestoneNumber(v int64) *ListAnswersOutput { + s.MilestoneNumber = &v + return s } -// SetWorkload sets the Workload field's value. -func (s *GetWorkloadOutput) SetWorkload(v *Workload) *GetWorkloadOutput { - s.Workload = v +// SetNextToken sets the NextToken field's value. +func (s *ListAnswersOutput) SetNextToken(v string) *ListAnswersOutput { + s.NextToken = &v return s } -type ImportLensInput struct { +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListAnswersOutput) SetWorkloadId(v string) *ListAnswersOutput { + s.WorkloadId = &v + return s +} + +type ListCheckDetailsInput struct { _ struct{} `type:"structure"` - // A unique case-sensitive string used to ensure that this request is idempotent - // (executes only once). - // - // You should not reuse the same token for other requests. If you retry a request - // with the same client request token and the same parameters after the original - // request has completed successfully, the result of the original request is - // returned. + // The ID of a choice. // - // This token is listed as required, however, if you do not specify it, the - // Amazon Web Services SDKs automatically generate one for you. If you are not - // using the Amazon Web Services SDK or the CLI, you must provide this token - // or the request will fail. - ClientRequestToken *string `type:"string" idempotencyToken:"true"` + // ChoiceId is a required field + ChoiceId *string `min:"1" type:"string" required:"true"` - // The JSON representation of a lens. + // Well-Architected Lens ARN. // - // JSONString is a required field - JSONString *string `min:"2" type:"string" required:"true"` + // LensArn is a required field + LensArn *string `type:"string" required:"true"` - // The alias of the lens. + // The maximum number of results to return for this request. + MaxResults *int64 `min:"1" type:"integer"` + + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` + + // The ID used to identify a pillar, for example, security. // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. + // A pillar is identified by its PillarReviewSummary$PillarId. // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // PillarId is a required field + PillarId *string `min:"1" type:"string" required:"true"` + + // The ID of the question. // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` + // QuestionId is a required field + QuestionId *string `min:"1" type:"string" required:"true"` - // Tags to associate to a lens. - Tags map[string]*string `min:"1" type:"map"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -8800,7 +12301,7 @@ type ImportLensInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ImportLensInput) String() string { +func (s ListCheckDetailsInput) String() string { return awsutil.Prettify(s) } @@ -8809,24 +12310,42 @@ func (s ImportLensInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ImportLensInput) GoString() string { +func (s ListCheckDetailsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ImportLensInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ImportLensInput"} - if s.JSONString == nil { - invalidParams.Add(request.NewErrParamRequired("JSONString")) +func (s *ListCheckDetailsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListCheckDetailsInput"} + if s.ChoiceId == nil { + invalidParams.Add(request.NewErrParamRequired("ChoiceId")) } - if s.JSONString != nil && len(*s.JSONString) < 2 { - invalidParams.Add(request.NewErrParamMinLen("JSONString", 2)) + if s.ChoiceId != nil && len(*s.ChoiceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ChoiceId", 1)) } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + if s.LensArn == nil { + invalidParams.Add(request.NewErrParamRequired("LensArn")) } - if s.Tags != nil && len(s.Tags) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.PillarId == nil { + invalidParams.Add(request.NewErrParamRequired("PillarId")) + } + if s.PillarId != nil && len(*s.PillarId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) + } + if s.QuestionId == nil { + invalidParams.Add(request.NewErrParamRequired("QuestionId")) + } + if s.QuestionId != nil && len(*s.QuestionId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QuestionId", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -8835,38 +12354,57 @@ func (s *ImportLensInput) Validate() error { return nil } -// SetClientRequestToken sets the ClientRequestToken field's value. -func (s *ImportLensInput) SetClientRequestToken(v string) *ImportLensInput { - s.ClientRequestToken = &v +// SetChoiceId sets the ChoiceId field's value. +func (s *ListCheckDetailsInput) SetChoiceId(v string) *ListCheckDetailsInput { + s.ChoiceId = &v return s } -// SetJSONString sets the JSONString field's value. -func (s *ImportLensInput) SetJSONString(v string) *ImportLensInput { - s.JSONString = &v +// SetLensArn sets the LensArn field's value. +func (s *ListCheckDetailsInput) SetLensArn(v string) *ListCheckDetailsInput { + s.LensArn = &v return s } -// SetLensAlias sets the LensAlias field's value. -func (s *ImportLensInput) SetLensAlias(v string) *ImportLensInput { - s.LensAlias = &v +// SetMaxResults sets the MaxResults field's value. +func (s *ListCheckDetailsInput) SetMaxResults(v int64) *ListCheckDetailsInput { + s.MaxResults = &v return s } -// SetTags sets the Tags field's value. -func (s *ImportLensInput) SetTags(v map[string]*string) *ImportLensInput { - s.Tags = v +// SetNextToken sets the NextToken field's value. +func (s *ListCheckDetailsInput) SetNextToken(v string) *ListCheckDetailsInput { + s.NextToken = &v return s } -type ImportLensOutput struct { +// SetPillarId sets the PillarId field's value. +func (s *ListCheckDetailsInput) SetPillarId(v string) *ListCheckDetailsInput { + s.PillarId = &v + return s +} + +// SetQuestionId sets the QuestionId field's value. +func (s *ListCheckDetailsInput) SetQuestionId(v string) *ListCheckDetailsInput { + s.QuestionId = &v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListCheckDetailsInput) SetWorkloadId(v string) *ListCheckDetailsInput { + s.WorkloadId = &v + return s +} + +type ListCheckDetailsOutput struct { _ struct{} `type:"structure"` - // The ARN for the lens that was created or updated. - LensArn *string `type:"string"` + // The details about the Trusted Advisor checks related to the Well-Architected + // best practice. + CheckDetails []*CheckDetail `type:"list"` - // The status of the imported lens. - Status *string `type:"string" enum:"ImportLensStatus"` + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` } // String returns the string representation. @@ -8874,7 +12412,7 @@ type ImportLensOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ImportLensOutput) String() string { +func (s ListCheckDetailsOutput) String() string { return awsutil.Prettify(s) } @@ -8883,113 +12421,168 @@ func (s ImportLensOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ImportLensOutput) GoString() string { +func (s ListCheckDetailsOutput) GoString() string { return s.String() } -// SetLensArn sets the LensArn field's value. -func (s *ImportLensOutput) SetLensArn(v string) *ImportLensOutput { - s.LensArn = &v +// SetCheckDetails sets the CheckDetails field's value. +func (s *ListCheckDetailsOutput) SetCheckDetails(v []*CheckDetail) *ListCheckDetailsOutput { + s.CheckDetails = v return s } -// SetStatus sets the Status field's value. -func (s *ImportLensOutput) SetStatus(v string) *ImportLensOutput { - s.Status = &v +// SetNextToken sets the NextToken field's value. +func (s *ListCheckDetailsOutput) SetNextToken(v string) *ListCheckDetailsOutput { + s.NextToken = &v return s } -// An improvement summary of a lens review in a workload. -type ImprovementSummary struct { +type ListCheckSummariesInput struct { _ struct{} `type:"structure"` - // The improvement plan URL for a question in an Amazon Web Services official - // lenses. + // The ID of a choice. // - // This value is only available if the question has been answered. + // ChoiceId is a required field + ChoiceId *string `min:"1" type:"string" required:"true"` + + // Well-Architected Lens ARN. // - // This value does not apply to custom lenses. - ImprovementPlanUrl *string `min:"1" type:"string"` + // LensArn is a required field + LensArn *string `type:"string" required:"true"` - // The improvement plan details. - ImprovementPlans []*ChoiceImprovementPlan `type:"list"` + // The maximum number of results to return for this request. + MaxResults *int64 `min:"1" type:"integer"` + + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` // The ID used to identify a pillar, for example, security. // // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` + // + // PillarId is a required field + PillarId *string `min:"1" type:"string" required:"true"` // The ID of the question. - QuestionId *string `min:"1" type:"string"` + // + // QuestionId is a required field + QuestionId *string `min:"1" type:"string" required:"true"` - // The title of the question. - QuestionTitle *string `min:"1" type:"string"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListCheckSummariesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListCheckSummariesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListCheckSummariesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListCheckSummariesInput"} + if s.ChoiceId == nil { + invalidParams.Add(request.NewErrParamRequired("ChoiceId")) + } + if s.ChoiceId != nil && len(*s.ChoiceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ChoiceId", 1)) + } + if s.LensArn == nil { + invalidParams.Add(request.NewErrParamRequired("LensArn")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.PillarId == nil { + invalidParams.Add(request.NewErrParamRequired("PillarId")) + } + if s.PillarId != nil && len(*s.PillarId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) + } + if s.QuestionId == nil { + invalidParams.Add(request.NewErrParamRequired("QuestionId")) + } + if s.QuestionId != nil && len(*s.QuestionId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QuestionId", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } - // The risk for a given workload, lens review, pillar, or question. - Risk *string `type:"string" enum:"Risk"` + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ImprovementSummary) String() string { - return awsutil.Prettify(s) +// SetChoiceId sets the ChoiceId field's value. +func (s *ListCheckSummariesInput) SetChoiceId(v string) *ListCheckSummariesInput { + s.ChoiceId = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ImprovementSummary) GoString() string { - return s.String() +// SetLensArn sets the LensArn field's value. +func (s *ListCheckSummariesInput) SetLensArn(v string) *ListCheckSummariesInput { + s.LensArn = &v + return s } -// SetImprovementPlanUrl sets the ImprovementPlanUrl field's value. -func (s *ImprovementSummary) SetImprovementPlanUrl(v string) *ImprovementSummary { - s.ImprovementPlanUrl = &v +// SetMaxResults sets the MaxResults field's value. +func (s *ListCheckSummariesInput) SetMaxResults(v int64) *ListCheckSummariesInput { + s.MaxResults = &v return s } -// SetImprovementPlans sets the ImprovementPlans field's value. -func (s *ImprovementSummary) SetImprovementPlans(v []*ChoiceImprovementPlan) *ImprovementSummary { - s.ImprovementPlans = v +// SetNextToken sets the NextToken field's value. +func (s *ListCheckSummariesInput) SetNextToken(v string) *ListCheckSummariesInput { + s.NextToken = &v return s } // SetPillarId sets the PillarId field's value. -func (s *ImprovementSummary) SetPillarId(v string) *ImprovementSummary { +func (s *ListCheckSummariesInput) SetPillarId(v string) *ListCheckSummariesInput { s.PillarId = &v return s } // SetQuestionId sets the QuestionId field's value. -func (s *ImprovementSummary) SetQuestionId(v string) *ImprovementSummary { +func (s *ListCheckSummariesInput) SetQuestionId(v string) *ListCheckSummariesInput { s.QuestionId = &v return s } -// SetQuestionTitle sets the QuestionTitle field's value. -func (s *ImprovementSummary) SetQuestionTitle(v string) *ImprovementSummary { - s.QuestionTitle = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListCheckSummariesInput) SetWorkloadId(v string) *ListCheckSummariesInput { + s.WorkloadId = &v return s } -// SetRisk sets the Risk field's value. -func (s *ImprovementSummary) SetRisk(v string) *ImprovementSummary { - s.Risk = &v - return s -} +type ListCheckSummariesOutput struct { + _ struct{} `type:"structure"` -// There is a problem with the Well-Architected Tool API service. -type InternalServerException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // List of Trusted Advisor summaries related to the Well-Architected best practice. + CheckSummaries []*CheckSummary `type:"list"` - // Description of the error. - Message_ *string `locationName:"Message" type:"string"` + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` } // String returns the string representation. @@ -8997,7 +12590,7 @@ type InternalServerException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InternalServerException) String() string { +func (s ListCheckSummariesOutput) String() string { return awsutil.Prettify(s) } @@ -9006,72 +12599,64 @@ func (s InternalServerException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InternalServerException) GoString() string { +func (s ListCheckSummariesOutput) GoString() string { return s.String() } -func newErrorInternalServerException(v protocol.ResponseMetadata) error { - return &InternalServerException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InternalServerException) Code() string { - return "InternalServerException" -} - -// Message returns the exception's message. -func (s *InternalServerException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InternalServerException) OrigErr() error { - return nil -} - -func (s *InternalServerException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InternalServerException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetCheckSummaries sets the CheckSummaries field's value. +func (s *ListCheckSummariesOutput) SetCheckSummaries(v []*CheckSummary) *ListCheckSummariesOutput { + s.CheckSummaries = v + return s } -// RequestID returns the service's response RequestID for request. -func (s *InternalServerException) RequestID() string { - return s.RespMetadata.RequestID +// SetNextToken sets the NextToken field's value. +func (s *ListCheckSummariesOutput) SetNextToken(v string) *ListCheckSummariesOutput { + s.NextToken = &v + return s } -// A lens return object. -type Lens struct { - _ struct{} `type:"structure"` +// Input to list lens review improvements. +type ListLensReviewImprovementsInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // The description of the lens. - Description *string `min:"1" type:"string"` + // The alias of the lens. + // + // For Amazon Web Services official lenses, this is either the lens alias, such + // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. + // Note that some operations (such as ExportLens and CreateLensShare) are not + // permitted on Amazon Web Services official lenses. + // + // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The ARN of a lens. - LensArn *string `type:"string"` + // The maximum number of results to return for this request. + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` - // The version of a lens. - LensVersion *string `min:"1" type:"string"` + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` - // The full name of the lens. - Name *string `min:"1" type:"string"` + // The token to use to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` - // The Amazon Web Services account ID that owns the lens. - Owner *string `type:"string"` + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `location:"querystring" locationName:"PillarId" min:"1" type:"string"` - // The ID assigned to the share invitation. - ShareInvitationId *string `type:"string"` + // The priority of the question. + QuestionPriority *string `location:"querystring" locationName:"QuestionPriority" type:"string" enum:"QuestionPriority"` - // The tags assigned to the lens. - Tags map[string]*string `min:"1" type:"map"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -9079,7 +12664,7 @@ type Lens struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Lens) String() string { +func (s ListLensReviewImprovementsInput) String() string { return awsutil.Prettify(s) } @@ -9088,106 +12673,90 @@ func (s Lens) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Lens) GoString() string { +func (s ListLensReviewImprovementsInput) GoString() string { return s.String() } -// SetDescription sets the Description field's value. -func (s *Lens) SetDescription(v string) *Lens { - s.Description = &v - return s -} - -// SetLensArn sets the LensArn field's value. -func (s *Lens) SetLensArn(v string) *Lens { - s.LensArn = &v - return s -} - -// SetLensVersion sets the LensVersion field's value. -func (s *Lens) SetLensVersion(v string) *Lens { - s.LensVersion = &v - return s -} - -// SetName sets the Name field's value. -func (s *Lens) SetName(v string) *Lens { - s.Name = &v - return s -} - -// SetOwner sets the Owner field's value. -func (s *Lens) SetOwner(v string) *Lens { - s.Owner = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListLensReviewImprovementsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListLensReviewImprovementsInput"} + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { + invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) + } + if s.PillarId != nil && len(*s.PillarId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } -// SetShareInvitationId sets the ShareInvitationId field's value. -func (s *Lens) SetShareInvitationId(v string) *Lens { - s.ShareInvitationId = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetTags sets the Tags field's value. -func (s *Lens) SetTags(v map[string]*string) *Lens { - s.Tags = v +// SetLensAlias sets the LensAlias field's value. +func (s *ListLensReviewImprovementsInput) SetLensAlias(v string) *ListLensReviewImprovementsInput { + s.LensAlias = &v return s } -// A metric for a particular lens in a workload. -type LensMetric struct { - _ struct{} `type:"structure"` - - // The lens ARN. - LensArn *string `type:"string"` - - // The metrics for the pillars in a lens. - Pillars []*PillarMetric `type:"list"` - - // A map from risk names to the count of how many questions have that rating. - RiskCounts map[string]*int64 `type:"map"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LensMetric) String() string { - return awsutil.Prettify(s) +// SetMaxResults sets the MaxResults field's value. +func (s *ListLensReviewImprovementsInput) SetMaxResults(v int64) *ListLensReviewImprovementsInput { + s.MaxResults = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LensMetric) GoString() string { - return s.String() +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *ListLensReviewImprovementsInput) SetMilestoneNumber(v int64) *ListLensReviewImprovementsInput { + s.MilestoneNumber = &v + return s } -// SetLensArn sets the LensArn field's value. -func (s *LensMetric) SetLensArn(v string) *LensMetric { - s.LensArn = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLensReviewImprovementsInput) SetNextToken(v string) *ListLensReviewImprovementsInput { + s.NextToken = &v return s } -// SetPillars sets the Pillars field's value. -func (s *LensMetric) SetPillars(v []*PillarMetric) *LensMetric { - s.Pillars = v +// SetPillarId sets the PillarId field's value. +func (s *ListLensReviewImprovementsInput) SetPillarId(v string) *ListLensReviewImprovementsInput { + s.PillarId = &v return s } -// SetRiskCounts sets the RiskCounts field's value. -func (s *LensMetric) SetRiskCounts(v map[string]*int64) *LensMetric { - s.RiskCounts = v +// SetQuestionPriority sets the QuestionPriority field's value. +func (s *ListLensReviewImprovementsInput) SetQuestionPriority(v string) *ListLensReviewImprovementsInput { + s.QuestionPriority = &v return s } -// A lens review of a question. -type LensReview struct { +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListLensReviewImprovementsInput) SetWorkloadId(v string) *ListLensReviewImprovementsInput { + s.WorkloadId = &v + return s +} + +// Output of a list lens review improvements call. +type ListLensReviewImprovementsOutput struct { _ struct{} `type:"structure"` + // List of improvement summaries of lens review in a workload. + ImprovementSummaries []*ImprovementSummary `type:"list"` + // The alias of the lens. // // For Amazon Web Services official lenses, this is either the lens alias, such @@ -9203,29 +12772,17 @@ type LensReview struct { // The ARN for the lens. LensArn *string `type:"string"` - // The full name of the lens. - LensName *string `min:"1" type:"string"` - - // The status of the lens. - LensStatus *string `type:"string" enum:"LensStatus"` - - // The version of the lens. - LensVersion *string `min:"1" type:"string"` + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` // The token to use to retrieve the next set of results. NextToken *string `type:"string"` - // The notes associated with the workload. - Notes *string `type:"string"` - - // List of pillar review summaries of lens review in a workload. - PillarReviewSummaries []*PillarReviewSummary `type:"list"` - - // A map from risk names to the count of how many questions have that rating. - RiskCounts map[string]*int64 `type:"map"` - - // The date and time recorded. - UpdatedAt *time.Time `type:"timestamp"` + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -9233,7 +12790,7 @@ type LensReview struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensReview) String() string { +func (s ListLensReviewImprovementsOutput) String() string { return awsutil.Prettify(s) } @@ -9242,95 +12799,150 @@ func (s LensReview) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensReview) GoString() string { +func (s ListLensReviewImprovementsOutput) GoString() string { return s.String() } +// SetImprovementSummaries sets the ImprovementSummaries field's value. +func (s *ListLensReviewImprovementsOutput) SetImprovementSummaries(v []*ImprovementSummary) *ListLensReviewImprovementsOutput { + s.ImprovementSummaries = v + return s +} + // SetLensAlias sets the LensAlias field's value. -func (s *LensReview) SetLensAlias(v string) *LensReview { +func (s *ListLensReviewImprovementsOutput) SetLensAlias(v string) *ListLensReviewImprovementsOutput { s.LensAlias = &v return s } // SetLensArn sets the LensArn field's value. -func (s *LensReview) SetLensArn(v string) *LensReview { +func (s *ListLensReviewImprovementsOutput) SetLensArn(v string) *ListLensReviewImprovementsOutput { s.LensArn = &v return s } -// SetLensName sets the LensName field's value. -func (s *LensReview) SetLensName(v string) *LensReview { - s.LensName = &v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *ListLensReviewImprovementsOutput) SetMilestoneNumber(v int64) *ListLensReviewImprovementsOutput { + s.MilestoneNumber = &v return s } -// SetLensStatus sets the LensStatus field's value. -func (s *LensReview) SetLensStatus(v string) *LensReview { - s.LensStatus = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLensReviewImprovementsOutput) SetNextToken(v string) *ListLensReviewImprovementsOutput { + s.NextToken = &v return s } -// SetLensVersion sets the LensVersion field's value. -func (s *LensReview) SetLensVersion(v string) *LensReview { - s.LensVersion = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListLensReviewImprovementsOutput) SetWorkloadId(v string) *ListLensReviewImprovementsOutput { + s.WorkloadId = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *LensReview) SetNextToken(v string) *LensReview { - s.NextToken = &v - return s +// Input to list lens reviews. +type ListLensReviewsInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The maximum number of results to return for this request. + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` + + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` + + // The token to use to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } -// SetNotes sets the Notes field's value. -func (s *LensReview) SetNotes(v string) *LensReview { - s.Notes = &v +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListLensReviewsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListLensReviewsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListLensReviewsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListLensReviewsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { + invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListLensReviewsInput) SetMaxResults(v int64) *ListLensReviewsInput { + s.MaxResults = &v return s } -// SetPillarReviewSummaries sets the PillarReviewSummaries field's value. -func (s *LensReview) SetPillarReviewSummaries(v []*PillarReviewSummary) *LensReview { - s.PillarReviewSummaries = v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *ListLensReviewsInput) SetMilestoneNumber(v int64) *ListLensReviewsInput { + s.MilestoneNumber = &v return s } -// SetRiskCounts sets the RiskCounts field's value. -func (s *LensReview) SetRiskCounts(v map[string]*int64) *LensReview { - s.RiskCounts = v +// SetNextToken sets the NextToken field's value. +func (s *ListLensReviewsInput) SetNextToken(v string) *ListLensReviewsInput { + s.NextToken = &v return s } -// SetUpdatedAt sets the UpdatedAt field's value. -func (s *LensReview) SetUpdatedAt(v time.Time) *LensReview { - s.UpdatedAt = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListLensReviewsInput) SetWorkloadId(v string) *ListLensReviewsInput { + s.WorkloadId = &v return s } -// A report of a lens review. -type LensReviewReport struct { +// Output of a list lens reviews call. +type ListLensReviewsOutput struct { _ struct{} `type:"structure"` - // The Base64-encoded string representation of a lens review report. - // - // This data can be used to create a PDF file. - // - // Only returned by GetConsolidatedReport when PDF format is requested. - Base64String *string `type:"string"` + // List of lens summaries of lens reviews of a workload. + LensReviewSummaries []*LensReviewSummary `type:"list"` - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. + // The milestone number. // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` - // The ARN for the lens. - LensArn *string `type:"string"` + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -9338,7 +12950,7 @@ type LensReviewReport struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensReviewReport) String() string { +func (s ListLensReviewsOutput) String() string { return awsutil.Prettify(s) } @@ -9347,31 +12959,36 @@ func (s LensReviewReport) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensReviewReport) GoString() string { +func (s ListLensReviewsOutput) GoString() string { return s.String() } -// SetBase64String sets the Base64String field's value. -func (s *LensReviewReport) SetBase64String(v string) *LensReviewReport { - s.Base64String = &v +// SetLensReviewSummaries sets the LensReviewSummaries field's value. +func (s *ListLensReviewsOutput) SetLensReviewSummaries(v []*LensReviewSummary) *ListLensReviewsOutput { + s.LensReviewSummaries = v return s } -// SetLensAlias sets the LensAlias field's value. -func (s *LensReviewReport) SetLensAlias(v string) *LensReviewReport { - s.LensAlias = &v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *ListLensReviewsOutput) SetMilestoneNumber(v int64) *ListLensReviewsOutput { + s.MilestoneNumber = &v return s } -// SetLensArn sets the LensArn field's value. -func (s *LensReviewReport) SetLensArn(v string) *LensReviewReport { - s.LensArn = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLensReviewsOutput) SetNextToken(v string) *ListLensReviewsOutput { + s.NextToken = &v return s } -// A lens review summary of a workload. -type LensReviewSummary struct { - _ struct{} `type:"structure"` +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListLensReviewsOutput) SetWorkloadId(v string) *ListLensReviewsOutput { + s.WorkloadId = &v + return s +} + +type ListLensSharesInput struct { + _ struct{} `type:"structure" nopayload:"true"` // The alias of the lens. // @@ -9382,26 +12999,23 @@ type LensReviewSummary struct { // // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` - - // The ARN for the lens. - LensArn *string `type:"string"` - - // The full name of the lens. - LensName *string `min:"1" type:"string"` + // Each lens is identified by its LensSummary$LensAlias. + // + // LensAlias is a required field + LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The status of the lens. - LensStatus *string `type:"string" enum:"LensStatus"` + // The maximum number of results to return for this request. + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` - // The version of the lens. - LensVersion *string `min:"1" type:"string"` + // The token to use to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` - // A map from risk names to the count of how many questions have that rating. - RiskCounts map[string]*int64 `type:"map"` + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the lens is shared. + SharedWithPrefix *string `location:"querystring" locationName:"SharedWithPrefix" type:"string"` - // The date and time recorded. - UpdatedAt *time.Time `type:"timestamp"` + // The status of the share request. + Status *string `location:"querystring" locationName:"Status" type:"string" enum:"ShareStatus"` } // String returns the string representation. @@ -9409,7 +13023,7 @@ type LensReviewSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensReviewSummary) String() string { +func (s ListLensSharesInput) String() string { return awsutil.Prettify(s) } @@ -9418,68 +13032,67 @@ func (s LensReviewSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensReviewSummary) GoString() string { +func (s ListLensSharesInput) GoString() string { return s.String() } -// SetLensAlias sets the LensAlias field's value. -func (s *LensReviewSummary) SetLensAlias(v string) *LensReviewSummary { - s.LensAlias = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListLensSharesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListLensSharesInput"} + if s.LensAlias == nil { + invalidParams.Add(request.NewErrParamRequired("LensAlias")) + } + if s.LensAlias != nil && len(*s.LensAlias) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } -// SetLensArn sets the LensArn field's value. -func (s *LensReviewSummary) SetLensArn(v string) *LensReviewSummary { - s.LensArn = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetLensName sets the LensName field's value. -func (s *LensReviewSummary) SetLensName(v string) *LensReviewSummary { - s.LensName = &v +// SetLensAlias sets the LensAlias field's value. +func (s *ListLensSharesInput) SetLensAlias(v string) *ListLensSharesInput { + s.LensAlias = &v return s } -// SetLensStatus sets the LensStatus field's value. -func (s *LensReviewSummary) SetLensStatus(v string) *LensReviewSummary { - s.LensStatus = &v +// SetMaxResults sets the MaxResults field's value. +func (s *ListLensSharesInput) SetMaxResults(v int64) *ListLensSharesInput { + s.MaxResults = &v return s } -// SetLensVersion sets the LensVersion field's value. -func (s *LensReviewSummary) SetLensVersion(v string) *LensReviewSummary { - s.LensVersion = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLensSharesInput) SetNextToken(v string) *ListLensSharesInput { + s.NextToken = &v return s } -// SetRiskCounts sets the RiskCounts field's value. -func (s *LensReviewSummary) SetRiskCounts(v map[string]*int64) *LensReviewSummary { - s.RiskCounts = v +// SetSharedWithPrefix sets the SharedWithPrefix field's value. +func (s *ListLensSharesInput) SetSharedWithPrefix(v string) *ListLensSharesInput { + s.SharedWithPrefix = &v return s } -// SetUpdatedAt sets the UpdatedAt field's value. -func (s *LensReviewSummary) SetUpdatedAt(v time.Time) *LensReviewSummary { - s.UpdatedAt = &v +// SetStatus sets the Status field's value. +func (s *ListLensSharesInput) SetStatus(v string) *ListLensSharesInput { + s.Status = &v return s } -// A lens share summary return object. -type LensShareSummary struct { +type ListLensSharesOutput struct { _ struct{} `type:"structure"` - // The ID associated with the workload share. - ShareId *string `type:"string"` - - // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the workload is shared. - SharedWith *string `min:"12" type:"string"` - - // The status of a workload share. - Status *string `type:"string" enum:"ShareStatus"` + // A list of lens share summaries. + LensShareSummaries []*LensShareSummary `type:"list"` - // Optional message to compliment the Status field. - StatusMessage *string `min:"1" type:"string"` + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` } // String returns the string representation. @@ -9487,7 +13100,7 @@ type LensShareSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensShareSummary) String() string { +func (s ListLensSharesOutput) String() string { return awsutil.Prettify(s) } @@ -9496,76 +13109,40 @@ func (s LensShareSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensShareSummary) GoString() string { +func (s ListLensSharesOutput) GoString() string { return s.String() } -// SetShareId sets the ShareId field's value. -func (s *LensShareSummary) SetShareId(v string) *LensShareSummary { - s.ShareId = &v - return s -} - -// SetSharedWith sets the SharedWith field's value. -func (s *LensShareSummary) SetSharedWith(v string) *LensShareSummary { - s.SharedWith = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *LensShareSummary) SetStatus(v string) *LensShareSummary { - s.Status = &v +// SetLensShareSummaries sets the LensShareSummaries field's value. +func (s *ListLensSharesOutput) SetLensShareSummaries(v []*LensShareSummary) *ListLensSharesOutput { + s.LensShareSummaries = v return s } -// SetStatusMessage sets the StatusMessage field's value. -func (s *LensShareSummary) SetStatusMessage(v string) *LensShareSummary { - s.StatusMessage = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLensSharesOutput) SetNextToken(v string) *ListLensSharesOutput { + s.NextToken = &v return s } -// A lens summary of a lens. -type LensSummary struct { - _ struct{} `type:"structure"` - - // The date and time recorded. - CreatedAt *time.Time `type:"timestamp"` - - // The description of the lens. - Description *string `min:"1" type:"string"` - - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` - - // The ARN of the lens. - LensArn *string `type:"string"` +// Input to list lenses. +type ListLensesInput struct { + _ struct{} `type:"structure" nopayload:"true"` // The full name of the lens. - LensName *string `min:"1" type:"string"` - - // The status of the lens. - LensStatus *string `type:"string" enum:"LensStatus"` + LensName *string `location:"querystring" locationName:"LensName" min:"1" type:"string"` - // The type of the lens. - LensType *string `type:"string" enum:"LensType"` + // The status of lenses to be returned. + LensStatus *string `location:"querystring" locationName:"LensStatus" type:"string" enum:"LensStatusType"` - // The version of the lens. - LensVersion *string `min:"1" type:"string"` + // The type of lenses to be returned. + LensType *string `location:"querystring" locationName:"LensType" type:"string" enum:"LensType"` - // An Amazon Web Services account ID. - Owner *string `type:"string"` + // The maximum number of results to return for this request. + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` - // The date and time recorded. - UpdatedAt *time.Time `type:"timestamp"` + // The token to use to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` } // String returns the string representation. @@ -9573,7 +13150,7 @@ type LensSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensSummary) String() string { +func (s ListLensesInput) String() string { return awsutil.Prettify(s) } @@ -9582,104 +13159,65 @@ func (s LensSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensSummary) GoString() string { +func (s ListLensesInput) GoString() string { return s.String() } -// SetCreatedAt sets the CreatedAt field's value. -func (s *LensSummary) SetCreatedAt(v time.Time) *LensSummary { - s.CreatedAt = &v - return s -} - -// SetDescription sets the Description field's value. -func (s *LensSummary) SetDescription(v string) *LensSummary { - s.Description = &v - return s -} - -// SetLensAlias sets the LensAlias field's value. -func (s *LensSummary) SetLensAlias(v string) *LensSummary { - s.LensAlias = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListLensesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListLensesInput"} + if s.LensName != nil && len(*s.LensName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LensName", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } -// SetLensArn sets the LensArn field's value. -func (s *LensSummary) SetLensArn(v string) *LensSummary { - s.LensArn = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } // SetLensName sets the LensName field's value. -func (s *LensSummary) SetLensName(v string) *LensSummary { +func (s *ListLensesInput) SetLensName(v string) *ListLensesInput { s.LensName = &v return s } // SetLensStatus sets the LensStatus field's value. -func (s *LensSummary) SetLensStatus(v string) *LensSummary { +func (s *ListLensesInput) SetLensStatus(v string) *ListLensesInput { s.LensStatus = &v return s } // SetLensType sets the LensType field's value. -func (s *LensSummary) SetLensType(v string) *LensSummary { +func (s *ListLensesInput) SetLensType(v string) *ListLensesInput { s.LensType = &v return s } -// SetLensVersion sets the LensVersion field's value. -func (s *LensSummary) SetLensVersion(v string) *LensSummary { - s.LensVersion = &v - return s -} - -// SetOwner sets the Owner field's value. -func (s *LensSummary) SetOwner(v string) *LensSummary { - s.Owner = &v +// SetMaxResults sets the MaxResults field's value. +func (s *ListLensesInput) SetMaxResults(v int64) *ListLensesInput { + s.MaxResults = &v return s } -// SetUpdatedAt sets the UpdatedAt field's value. -func (s *LensSummary) SetUpdatedAt(v time.Time) *LensSummary { - s.UpdatedAt = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLensesInput) SetNextToken(v string) *ListLensesInput { + s.NextToken = &v return s -} - -// Lens upgrade summary return object. -type LensUpgradeSummary struct { - _ struct{} `type:"structure"` - - // The current version of the lens. - CurrentLensVersion *string `min:"1" type:"string"` - - // The latest version of the lens. - LatestLensVersion *string `min:"1" type:"string"` - - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` +} - // The ARN for the lens. - LensArn *string `type:"string"` +// Output of a list lenses call. +type ListLensesOutput struct { + _ struct{} `type:"structure"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // List of lens summaries of available lenses. + LensSummaries []*LensSummary `type:"list"` - // The name of the workload. - // - // The name must be unique within an account within an Amazon Web Services Region. - // Spaces and capitalization are ignored when checking for uniqueness. - WorkloadName *string `min:"3" type:"string"` + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` } // String returns the string representation. @@ -9687,7 +13225,7 @@ type LensUpgradeSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensUpgradeSummary) String() string { +func (s ListLensesOutput) String() string { return awsutil.Prettify(s) } @@ -9696,85 +13234,37 @@ func (s LensUpgradeSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LensUpgradeSummary) GoString() string { +func (s ListLensesOutput) GoString() string { return s.String() } -// SetCurrentLensVersion sets the CurrentLensVersion field's value. -func (s *LensUpgradeSummary) SetCurrentLensVersion(v string) *LensUpgradeSummary { - s.CurrentLensVersion = &v - return s -} - -// SetLatestLensVersion sets the LatestLensVersion field's value. -func (s *LensUpgradeSummary) SetLatestLensVersion(v string) *LensUpgradeSummary { - s.LatestLensVersion = &v - return s -} - -// SetLensAlias sets the LensAlias field's value. -func (s *LensUpgradeSummary) SetLensAlias(v string) *LensUpgradeSummary { - s.LensAlias = &v - return s -} - -// SetLensArn sets the LensArn field's value. -func (s *LensUpgradeSummary) SetLensArn(v string) *LensUpgradeSummary { - s.LensArn = &v - return s -} - -// SetWorkloadId sets the WorkloadId field's value. -func (s *LensUpgradeSummary) SetWorkloadId(v string) *LensUpgradeSummary { - s.WorkloadId = &v +// SetLensSummaries sets the LensSummaries field's value. +func (s *ListLensesOutput) SetLensSummaries(v []*LensSummary) *ListLensesOutput { + s.LensSummaries = v return s } -// SetWorkloadName sets the WorkloadName field's value. -func (s *LensUpgradeSummary) SetWorkloadName(v string) *LensUpgradeSummary { - s.WorkloadName = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLensesOutput) SetNextToken(v string) *ListLensesOutput { + s.NextToken = &v return s } -// Input to list answers. -type ListAnswersInput struct { - _ struct{} `type:"structure" nopayload:"true"` - - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` +// Input to list all milestones for a workload. +type ListMilestonesInput struct { + _ struct{} `type:"structure"` // The maximum number of results to return for this request. - MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` - - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` + MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next set of results. - NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` - - // The ID used to identify a pillar, for example, security. - // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `location:"querystring" locationName:"PillarId" min:"1" type:"string"` + NextToken *string `type:"string"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -9782,7 +13272,7 @@ type ListAnswersInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListAnswersInput) String() string { +func (s ListMilestonesInput) String() string { return awsutil.Prettify(s) } @@ -9791,33 +13281,21 @@ func (s ListAnswersInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListAnswersInput) GoString() string { +func (s ListMilestonesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListAnswersInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListAnswersInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } +func (s *ListMilestonesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListMilestonesInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { - invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) - } - if s.PillarId != nil && len(*s.PillarId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) - } if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -9826,75 +13304,37 @@ func (s *ListAnswersInput) Validate() error { return nil } -// SetLensAlias sets the LensAlias field's value. -func (s *ListAnswersInput) SetLensAlias(v string) *ListAnswersInput { - s.LensAlias = &v - return s -} - // SetMaxResults sets the MaxResults field's value. -func (s *ListAnswersInput) SetMaxResults(v int64) *ListAnswersInput { +func (s *ListMilestonesInput) SetMaxResults(v int64) *ListMilestonesInput { s.MaxResults = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *ListAnswersInput) SetMilestoneNumber(v int64) *ListAnswersInput { - s.MilestoneNumber = &v - return s -} - // SetNextToken sets the NextToken field's value. -func (s *ListAnswersInput) SetNextToken(v string) *ListAnswersInput { +func (s *ListMilestonesInput) SetNextToken(v string) *ListMilestonesInput { s.NextToken = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *ListAnswersInput) SetPillarId(v string) *ListAnswersInput { - s.PillarId = &v - return s -} - // SetWorkloadId sets the WorkloadId field's value. -func (s *ListAnswersInput) SetWorkloadId(v string) *ListAnswersInput { +func (s *ListMilestonesInput) SetWorkloadId(v string) *ListMilestonesInput { s.WorkloadId = &v return s } -// Output of a list answers call. -type ListAnswersOutput struct { +// Output of a list milestones call. +type ListMilestonesOutput struct { _ struct{} `type:"structure"` - // List of answer summaries of lens review in a workload. - AnswerSummaries []*AnswerSummary `type:"list"` - - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` - - // The ARN for the lens. - LensArn *string `type:"string"` - - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` + // A list of milestone summaries. + MilestoneSummaries []*MilestoneSummary `type:"list"` // The token to use to retrieve the next set of results. NextToken *string `type:"string"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -9902,7 +13342,7 @@ type ListAnswersOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListAnswersOutput) String() string { +func (s ListMilestonesOutput) String() string { return awsutil.Prettify(s) } @@ -9911,82 +13351,40 @@ func (s ListAnswersOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListAnswersOutput) GoString() string { +func (s ListMilestonesOutput) GoString() string { return s.String() } -// SetAnswerSummaries sets the AnswerSummaries field's value. -func (s *ListAnswersOutput) SetAnswerSummaries(v []*AnswerSummary) *ListAnswersOutput { - s.AnswerSummaries = v - return s -} - -// SetLensAlias sets the LensAlias field's value. -func (s *ListAnswersOutput) SetLensAlias(v string) *ListAnswersOutput { - s.LensAlias = &v - return s -} - -// SetLensArn sets the LensArn field's value. -func (s *ListAnswersOutput) SetLensArn(v string) *ListAnswersOutput { - s.LensArn = &v - return s -} - -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *ListAnswersOutput) SetMilestoneNumber(v int64) *ListAnswersOutput { - s.MilestoneNumber = &v +// SetMilestoneSummaries sets the MilestoneSummaries field's value. +func (s *ListMilestonesOutput) SetMilestoneSummaries(v []*MilestoneSummary) *ListMilestonesOutput { + s.MilestoneSummaries = v return s } // SetNextToken sets the NextToken field's value. -func (s *ListAnswersOutput) SetNextToken(v string) *ListAnswersOutput { +func (s *ListMilestonesOutput) SetNextToken(v string) *ListMilestonesOutput { s.NextToken = &v return s } // SetWorkloadId sets the WorkloadId field's value. -func (s *ListAnswersOutput) SetWorkloadId(v string) *ListAnswersOutput { +func (s *ListMilestonesOutput) SetWorkloadId(v string) *ListMilestonesOutput { s.WorkloadId = &v return s } -type ListCheckDetailsInput struct { +type ListNotificationsInput struct { _ struct{} `type:"structure"` - // The ID of a choice. - // - // ChoiceId is a required field - ChoiceId *string `min:"1" type:"string" required:"true"` - - // Well-Architected Lens ARN. - // - // LensArn is a required field - LensArn *string `type:"string" required:"true"` - // The maximum number of results to return for this request. MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next set of results. NextToken *string `type:"string"` - // The ID used to identify a pillar, for example, security. - // - // A pillar is identified by its PillarReviewSummary$PillarId. - // - // PillarId is a required field - PillarId *string `min:"1" type:"string" required:"true"` - - // The ID of the question. - // - // QuestionId is a required field - QuestionId *string `min:"1" type:"string" required:"true"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -9994,7 +13392,7 @@ type ListCheckDetailsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckDetailsInput) String() string { +func (s ListNotificationsInput) String() string { return awsutil.Prettify(s) } @@ -10003,42 +13401,18 @@ func (s ListCheckDetailsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckDetailsInput) GoString() string { +func (s ListNotificationsInput) GoString() string { return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListCheckDetailsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListCheckDetailsInput"} - if s.ChoiceId == nil { - invalidParams.Add(request.NewErrParamRequired("ChoiceId")) - } - if s.ChoiceId != nil && len(*s.ChoiceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ChoiceId", 1)) - } - if s.LensArn == nil { - invalidParams.Add(request.NewErrParamRequired("LensArn")) - } - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - if s.PillarId == nil { - invalidParams.Add(request.NewErrParamRequired("PillarId")) - } - if s.PillarId != nil && len(*s.PillarId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) - } - if s.QuestionId == nil { - invalidParams.Add(request.NewErrParamRequired("QuestionId")) - } - if s.QuestionId != nil && len(*s.QuestionId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("QuestionId", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListNotificationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListNotificationsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -10047,57 +13421,32 @@ func (s *ListCheckDetailsInput) Validate() error { return nil } -// SetChoiceId sets the ChoiceId field's value. -func (s *ListCheckDetailsInput) SetChoiceId(v string) *ListCheckDetailsInput { - s.ChoiceId = &v - return s -} - -// SetLensArn sets the LensArn field's value. -func (s *ListCheckDetailsInput) SetLensArn(v string) *ListCheckDetailsInput { - s.LensArn = &v - return s -} - // SetMaxResults sets the MaxResults field's value. -func (s *ListCheckDetailsInput) SetMaxResults(v int64) *ListCheckDetailsInput { +func (s *ListNotificationsInput) SetMaxResults(v int64) *ListNotificationsInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. -func (s *ListCheckDetailsInput) SetNextToken(v string) *ListCheckDetailsInput { +func (s *ListNotificationsInput) SetNextToken(v string) *ListNotificationsInput { s.NextToken = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *ListCheckDetailsInput) SetPillarId(v string) *ListCheckDetailsInput { - s.PillarId = &v - return s -} - -// SetQuestionId sets the QuestionId field's value. -func (s *ListCheckDetailsInput) SetQuestionId(v string) *ListCheckDetailsInput { - s.QuestionId = &v - return s -} - // SetWorkloadId sets the WorkloadId field's value. -func (s *ListCheckDetailsInput) SetWorkloadId(v string) *ListCheckDetailsInput { +func (s *ListNotificationsInput) SetWorkloadId(v string) *ListNotificationsInput { s.WorkloadId = &v return s } -type ListCheckDetailsOutput struct { +type ListNotificationsOutput struct { _ struct{} `type:"structure"` - // The details about the Trusted Advisor checks related to the Well-Architected - // best practice. - CheckDetails []*CheckDetail `type:"list"` - // The token to use to retrieve the next set of results. NextToken *string `type:"string"` + + // List of lens notification summaries in a workload. + NotificationSummaries []*NotificationSummary `type:"list"` } // String returns the string representation. @@ -10105,7 +13454,7 @@ type ListCheckDetailsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckDetailsOutput) String() string { +func (s ListNotificationsOutput) String() string { return awsutil.Prettify(s) } @@ -10114,58 +13463,34 @@ func (s ListCheckDetailsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckDetailsOutput) GoString() string { +func (s ListNotificationsOutput) GoString() string { return s.String() } -// SetCheckDetails sets the CheckDetails field's value. -func (s *ListCheckDetailsOutput) SetCheckDetails(v []*CheckDetail) *ListCheckDetailsOutput { - s.CheckDetails = v - return s -} - // SetNextToken sets the NextToken field's value. -func (s *ListCheckDetailsOutput) SetNextToken(v string) *ListCheckDetailsOutput { +func (s *ListNotificationsOutput) SetNextToken(v string) *ListNotificationsOutput { s.NextToken = &v return s } -type ListCheckSummariesInput struct { - _ struct{} `type:"structure"` - - // The ID of a choice. - // - // ChoiceId is a required field - ChoiceId *string `min:"1" type:"string" required:"true"` +// SetNotificationSummaries sets the NotificationSummaries field's value. +func (s *ListNotificationsOutput) SetNotificationSummaries(v []*NotificationSummary) *ListNotificationsOutput { + s.NotificationSummaries = v + return s +} - // Well-Architected Lens ARN. - // - // LensArn is a required field - LensArn *string `type:"string" required:"true"` +type ListProfileNotificationsInput struct { + _ struct{} `type:"structure" nopayload:"true"` // The maximum number of results to return for this request. - MaxResults *int64 `min:"1" type:"integer"` + MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` - - // The ID used to identify a pillar, for example, security. - // - // A pillar is identified by its PillarReviewSummary$PillarId. - // - // PillarId is a required field - PillarId *string `min:"1" type:"string" required:"true"` - - // The ID of the question. - // - // QuestionId is a required field - QuestionId *string `min:"1" type:"string" required:"true"` + NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"querystring" locationName:"WorkloadId" min:"32" type:"string"` } // String returns the string representation. @@ -10173,7 +13498,7 @@ type ListCheckSummariesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckSummariesInput) String() string { +func (s ListProfileNotificationsInput) String() string { return awsutil.Prettify(s) } @@ -10182,42 +13507,18 @@ func (s ListCheckSummariesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckSummariesInput) GoString() string { +func (s ListProfileNotificationsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListCheckSummariesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListCheckSummariesInput"} - if s.ChoiceId == nil { - invalidParams.Add(request.NewErrParamRequired("ChoiceId")) - } - if s.ChoiceId != nil && len(*s.ChoiceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ChoiceId", 1)) - } - if s.LensArn == nil { - invalidParams.Add(request.NewErrParamRequired("LensArn")) - } +func (s *ListProfileNotificationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListProfileNotificationsInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.PillarId == nil { - invalidParams.Add(request.NewErrParamRequired("PillarId")) - } - if s.PillarId != nil && len(*s.PillarId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) - } - if s.QuestionId == nil { - invalidParams.Add(request.NewErrParamRequired("QuestionId")) - } - if s.QuestionId != nil && len(*s.QuestionId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("QuestionId", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -10226,56 +13527,32 @@ func (s *ListCheckSummariesInput) Validate() error { return nil } -// SetChoiceId sets the ChoiceId field's value. -func (s *ListCheckSummariesInput) SetChoiceId(v string) *ListCheckSummariesInput { - s.ChoiceId = &v - return s -} - -// SetLensArn sets the LensArn field's value. -func (s *ListCheckSummariesInput) SetLensArn(v string) *ListCheckSummariesInput { - s.LensArn = &v - return s -} - // SetMaxResults sets the MaxResults field's value. -func (s *ListCheckSummariesInput) SetMaxResults(v int64) *ListCheckSummariesInput { +func (s *ListProfileNotificationsInput) SetMaxResults(v int64) *ListProfileNotificationsInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. -func (s *ListCheckSummariesInput) SetNextToken(v string) *ListCheckSummariesInput { +func (s *ListProfileNotificationsInput) SetNextToken(v string) *ListProfileNotificationsInput { s.NextToken = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *ListCheckSummariesInput) SetPillarId(v string) *ListCheckSummariesInput { - s.PillarId = &v - return s -} - -// SetQuestionId sets the QuestionId field's value. -func (s *ListCheckSummariesInput) SetQuestionId(v string) *ListCheckSummariesInput { - s.QuestionId = &v - return s -} - // SetWorkloadId sets the WorkloadId field's value. -func (s *ListCheckSummariesInput) SetWorkloadId(v string) *ListCheckSummariesInput { +func (s *ListProfileNotificationsInput) SetWorkloadId(v string) *ListProfileNotificationsInput { s.WorkloadId = &v return s } -type ListCheckSummariesOutput struct { +type ListProfileNotificationsOutput struct { _ struct{} `type:"structure"` - // List of Trusted Advisor summaries related to the Well-Architected best practice. - CheckSummaries []*CheckSummary `type:"list"` - // The token to use to retrieve the next set of results. NextToken *string `type:"string"` + + // Notification summaries. + NotificationSummaries []*ProfileNotificationSummary `type:"list"` } // String returns the string representation. @@ -10283,7 +13560,7 @@ type ListCheckSummariesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckSummariesOutput) String() string { +func (s ListProfileNotificationsOutput) String() string { return awsutil.Prettify(s) } @@ -10292,61 +13569,42 @@ func (s ListCheckSummariesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListCheckSummariesOutput) GoString() string { +func (s ListProfileNotificationsOutput) GoString() string { return s.String() } -// SetCheckSummaries sets the CheckSummaries field's value. -func (s *ListCheckSummariesOutput) SetCheckSummaries(v []*CheckSummary) *ListCheckSummariesOutput { - s.CheckSummaries = v +// SetNextToken sets the NextToken field's value. +func (s *ListProfileNotificationsOutput) SetNextToken(v string) *ListProfileNotificationsOutput { + s.NextToken = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListCheckSummariesOutput) SetNextToken(v string) *ListCheckSummariesOutput { - s.NextToken = &v +// SetNotificationSummaries sets the NotificationSummaries field's value. +func (s *ListProfileNotificationsOutput) SetNotificationSummaries(v []*ProfileNotificationSummary) *ListProfileNotificationsOutput { + s.NotificationSummaries = v return s } -// Input to list lens review improvements. -type ListLensReviewImprovementsInput struct { +type ListProfileSharesInput struct { _ struct{} `type:"structure" nopayload:"true"` - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` - // The maximum number of results to return for this request. MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` - // The token to use to retrieve the next set of results. NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` - // The ID used to identify a pillar, for example, security. + // The profile ARN. // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `location:"querystring" locationName:"PillarId" min:"1" type:"string"` + // ProfileArn is a required field + ProfileArn *string `location:"uri" locationName:"ProfileArn" type:"string" required:"true"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the profile is shared. + SharedWithPrefix *string `location:"querystring" locationName:"SharedWithPrefix" type:"string"` + + // The status of the share request. + Status *string `location:"querystring" locationName:"Status" type:"string" enum:"ShareStatus"` } // String returns the string representation. @@ -10354,7 +13612,7 @@ type ListLensReviewImprovementsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewImprovementsInput) String() string { +func (s ListProfileSharesInput) String() string { return awsutil.Prettify(s) } @@ -10363,33 +13621,21 @@ func (s ListLensReviewImprovementsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewImprovementsInput) GoString() string { +func (s ListProfileSharesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListLensReviewImprovementsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListLensReviewImprovementsInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } +func (s *ListProfileSharesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListProfileSharesInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { - invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) - } - if s.PillarId != nil && len(*s.PillarId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("PillarId", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + if s.ProfileArn == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArn")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.ProfileArn != nil && len(*s.ProfileArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArn", 1)) } if invalidParams.Len() > 0 { @@ -10398,75 +13644,44 @@ func (s *ListLensReviewImprovementsInput) Validate() error { return nil } -// SetLensAlias sets the LensAlias field's value. -func (s *ListLensReviewImprovementsInput) SetLensAlias(v string) *ListLensReviewImprovementsInput { - s.LensAlias = &v - return s -} - // SetMaxResults sets the MaxResults field's value. -func (s *ListLensReviewImprovementsInput) SetMaxResults(v int64) *ListLensReviewImprovementsInput { +func (s *ListProfileSharesInput) SetMaxResults(v int64) *ListProfileSharesInput { s.MaxResults = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *ListLensReviewImprovementsInput) SetMilestoneNumber(v int64) *ListLensReviewImprovementsInput { - s.MilestoneNumber = &v - return s -} - // SetNextToken sets the NextToken field's value. -func (s *ListLensReviewImprovementsInput) SetNextToken(v string) *ListLensReviewImprovementsInput { +func (s *ListProfileSharesInput) SetNextToken(v string) *ListProfileSharesInput { s.NextToken = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *ListLensReviewImprovementsInput) SetPillarId(v string) *ListLensReviewImprovementsInput { - s.PillarId = &v - return s -} - -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListLensReviewImprovementsInput) SetWorkloadId(v string) *ListLensReviewImprovementsInput { - s.WorkloadId = &v +// SetProfileArn sets the ProfileArn field's value. +func (s *ListProfileSharesInput) SetProfileArn(v string) *ListProfileSharesInput { + s.ProfileArn = &v return s } -// Output of a list lens review improvements call. -type ListLensReviewImprovementsOutput struct { - _ struct{} `type:"structure"` - - // List of improvement summaries of lens review in a workload. - ImprovementSummaries []*ImprovementSummary `type:"list"` - - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - LensAlias *string `min:"1" type:"string"` +// SetSharedWithPrefix sets the SharedWithPrefix field's value. +func (s *ListProfileSharesInput) SetSharedWithPrefix(v string) *ListProfileSharesInput { + s.SharedWithPrefix = &v + return s +} - // The ARN for the lens. - LensArn *string `type:"string"` +// SetStatus sets the Status field's value. +func (s *ListProfileSharesInput) SetStatus(v string) *ListProfileSharesInput { + s.Status = &v + return s +} - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` +type ListProfileSharesOutput struct { + _ struct{} `type:"structure"` // The token to use to retrieve the next set of results. NextToken *string `type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // Profile share summaries. + ProfileShareSummaries []*ProfileShareSummary `type:"list"` } // String returns the string representation. @@ -10474,7 +13689,7 @@ type ListLensReviewImprovementsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewImprovementsOutput) String() string { +func (s ListProfileSharesOutput) String() string { return awsutil.Prettify(s) } @@ -10483,66 +13698,36 @@ func (s ListLensReviewImprovementsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewImprovementsOutput) GoString() string { +func (s ListProfileSharesOutput) GoString() string { return s.String() } -// SetImprovementSummaries sets the ImprovementSummaries field's value. -func (s *ListLensReviewImprovementsOutput) SetImprovementSummaries(v []*ImprovementSummary) *ListLensReviewImprovementsOutput { - s.ImprovementSummaries = v - return s -} - -// SetLensAlias sets the LensAlias field's value. -func (s *ListLensReviewImprovementsOutput) SetLensAlias(v string) *ListLensReviewImprovementsOutput { - s.LensAlias = &v - return s -} - -// SetLensArn sets the LensArn field's value. -func (s *ListLensReviewImprovementsOutput) SetLensArn(v string) *ListLensReviewImprovementsOutput { - s.LensArn = &v - return s -} - -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *ListLensReviewImprovementsOutput) SetMilestoneNumber(v int64) *ListLensReviewImprovementsOutput { - s.MilestoneNumber = &v - return s -} - // SetNextToken sets the NextToken field's value. -func (s *ListLensReviewImprovementsOutput) SetNextToken(v string) *ListLensReviewImprovementsOutput { +func (s *ListProfileSharesOutput) SetNextToken(v string) *ListProfileSharesOutput { s.NextToken = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListLensReviewImprovementsOutput) SetWorkloadId(v string) *ListLensReviewImprovementsOutput { - s.WorkloadId = &v +// SetProfileShareSummaries sets the ProfileShareSummaries field's value. +func (s *ListProfileSharesOutput) SetProfileShareSummaries(v []*ProfileShareSummary) *ListProfileSharesOutput { + s.ProfileShareSummaries = v return s } -// Input to list lens reviews. -type ListLensReviewsInput struct { +type ListProfilesInput struct { _ struct{} `type:"structure" nopayload:"true"` // The maximum number of results to return for this request. MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `location:"querystring" locationName:"MilestoneNumber" min:"1" type:"integer"` - // The token to use to retrieve the next set of results. NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // Prefix for profile name. + ProfileNamePrefix *string `location:"querystring" locationName:"ProfileNamePrefix" type:"string"` + + // Profile owner type. + ProfileOwnerType *string `location:"querystring" locationName:"ProfileOwnerType" type:"string" enum:"ProfileOwnerType"` } // String returns the string representation. @@ -10550,7 +13735,7 @@ type ListLensReviewsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewsInput) String() string { +func (s ListProfilesInput) String() string { return awsutil.Prettify(s) } @@ -10559,25 +13744,16 @@ func (s ListLensReviewsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewsInput) GoString() string { +func (s ListProfilesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListLensReviewsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListLensReviewsInput"} +func (s *ListProfilesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListProfilesInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.MilestoneNumber != nil && *s.MilestoneNumber < 1 { - invalidParams.Add(request.NewErrParamMinValue("MilestoneNumber", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -10586,47 +13762,37 @@ func (s *ListLensReviewsInput) Validate() error { } // SetMaxResults sets the MaxResults field's value. -func (s *ListLensReviewsInput) SetMaxResults(v int64) *ListLensReviewsInput { +func (s *ListProfilesInput) SetMaxResults(v int64) *ListProfilesInput { s.MaxResults = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *ListLensReviewsInput) SetMilestoneNumber(v int64) *ListLensReviewsInput { - s.MilestoneNumber = &v +// SetNextToken sets the NextToken field's value. +func (s *ListProfilesInput) SetNextToken(v string) *ListProfilesInput { + s.NextToken = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListLensReviewsInput) SetNextToken(v string) *ListLensReviewsInput { - s.NextToken = &v +// SetProfileNamePrefix sets the ProfileNamePrefix field's value. +func (s *ListProfilesInput) SetProfileNamePrefix(v string) *ListProfilesInput { + s.ProfileNamePrefix = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListLensReviewsInput) SetWorkloadId(v string) *ListLensReviewsInput { - s.WorkloadId = &v +// SetProfileOwnerType sets the ProfileOwnerType field's value. +func (s *ListProfilesInput) SetProfileOwnerType(v string) *ListProfilesInput { + s.ProfileOwnerType = &v return s } -// Output of a list lens reviews call. -type ListLensReviewsOutput struct { +type ListProfilesOutput struct { _ struct{} `type:"structure"` - // List of lens summaries of lens reviews of a workload. - LensReviewSummaries []*LensReviewSummary `type:"list"` - - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` - // The token to use to retrieve the next set of results. NextToken *string `type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // Profile summaries. + ProfileSummaries []*ProfileSummary `type:"list"` } // String returns the string representation. @@ -10634,7 +13800,7 @@ type ListLensReviewsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewsOutput) String() string { +func (s ListProfilesOutput) String() string { return awsutil.Prettify(s) } @@ -10643,50 +13809,29 @@ func (s ListLensReviewsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensReviewsOutput) GoString() string { +func (s ListProfilesOutput) GoString() string { return s.String() } -// SetLensReviewSummaries sets the LensReviewSummaries field's value. -func (s *ListLensReviewsOutput) SetLensReviewSummaries(v []*LensReviewSummary) *ListLensReviewsOutput { - s.LensReviewSummaries = v - return s -} - -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *ListLensReviewsOutput) SetMilestoneNumber(v int64) *ListLensReviewsOutput { - s.MilestoneNumber = &v - return s -} - // SetNextToken sets the NextToken field's value. -func (s *ListLensReviewsOutput) SetNextToken(v string) *ListLensReviewsOutput { +func (s *ListProfilesOutput) SetNextToken(v string) *ListProfilesOutput { s.NextToken = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListLensReviewsOutput) SetWorkloadId(v string) *ListLensReviewsOutput { - s.WorkloadId = &v +// SetProfileSummaries sets the ProfileSummaries field's value. +func (s *ListProfilesOutput) SetProfileSummaries(v []*ProfileSummary) *ListProfilesOutput { + s.ProfileSummaries = v return s } -type ListLensSharesInput struct { +// Input for List Share Invitations +type ListShareInvitationsInput struct { _ struct{} `type:"structure" nopayload:"true"` - // The alias of the lens. - // - // For Amazon Web Services official lenses, this is either the lens alias, such - // as serverless, or the lens ARN, such as arn:aws:wellarchitected:us-east-1::lens/serverless. - // Note that some operations (such as ExportLens and CreateLensShare) are not - // permitted on Amazon Web Services official lenses. - // - // For custom lenses, this is the lens ARN, such as arn:aws:wellarchitected:us-west-2:123456789012:lens/0123456789abcdef01234567890abcdef. - // - // Each lens is identified by its LensSummary$LensAlias. - // - // LensAlias is a required field - LensAlias *string `location:"uri" locationName:"LensAlias" min:"1" type:"string" required:"true"` + // An optional string added to the beginning of each lens name returned in the + // results. + LensNamePrefix *string `location:"querystring" locationName:"LensNamePrefix" type:"string"` // The maximum number of results to return for this request. MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` @@ -10694,12 +13839,15 @@ type ListLensSharesInput struct { // The token to use to retrieve the next set of results. NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` - // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the lens is shared. - SharedWithPrefix *string `location:"querystring" locationName:"SharedWithPrefix" type:"string"` + // Profile name prefix. + ProfileNamePrefix *string `location:"querystring" locationName:"ProfileNamePrefix" type:"string"` - // The status of a workload share. - Status *string `location:"querystring" locationName:"Status" type:"string" enum:"ShareStatus"` + // The type of share invitations to be returned. + ShareResourceType *string `location:"querystring" locationName:"ShareResourceType" type:"string" enum:"ShareResourceType"` + + // An optional string added to the beginning of each workload name returned + // in the results. + WorkloadNamePrefix *string `location:"querystring" locationName:"WorkloadNamePrefix" type:"string"` } // String returns the string representation. @@ -10707,7 +13855,7 @@ type ListLensSharesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensSharesInput) String() string { +func (s ListShareInvitationsInput) String() string { return awsutil.Prettify(s) } @@ -10716,19 +13864,13 @@ func (s ListLensSharesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensSharesInput) GoString() string { +func (s ListShareInvitationsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListLensSharesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListLensSharesInput"} - if s.LensAlias == nil { - invalidParams.Add(request.NewErrParamRequired("LensAlias")) - } - if s.LensAlias != nil && len(*s.LensAlias) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensAlias", 1)) - } +func (s *ListShareInvitationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListShareInvitationsInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } @@ -10739,44 +13881,137 @@ func (s *ListLensSharesInput) Validate() error { return nil } -// SetLensAlias sets the LensAlias field's value. -func (s *ListLensSharesInput) SetLensAlias(v string) *ListLensSharesInput { - s.LensAlias = &v +// SetLensNamePrefix sets the LensNamePrefix field's value. +func (s *ListShareInvitationsInput) SetLensNamePrefix(v string) *ListShareInvitationsInput { + s.LensNamePrefix = &v return s } // SetMaxResults sets the MaxResults field's value. -func (s *ListLensSharesInput) SetMaxResults(v int64) *ListLensSharesInput { +func (s *ListShareInvitationsInput) SetMaxResults(v int64) *ListShareInvitationsInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. -func (s *ListLensSharesInput) SetNextToken(v string) *ListLensSharesInput { +func (s *ListShareInvitationsInput) SetNextToken(v string) *ListShareInvitationsInput { + s.NextToken = &v + return s +} + +// SetProfileNamePrefix sets the ProfileNamePrefix field's value. +func (s *ListShareInvitationsInput) SetProfileNamePrefix(v string) *ListShareInvitationsInput { + s.ProfileNamePrefix = &v + return s +} + +// SetShareResourceType sets the ShareResourceType field's value. +func (s *ListShareInvitationsInput) SetShareResourceType(v string) *ListShareInvitationsInput { + s.ShareResourceType = &v + return s +} + +// SetWorkloadNamePrefix sets the WorkloadNamePrefix field's value. +func (s *ListShareInvitationsInput) SetWorkloadNamePrefix(v string) *ListShareInvitationsInput { + s.WorkloadNamePrefix = &v + return s +} + +// Input for List Share Invitations +type ListShareInvitationsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next set of results. + NextToken *string `type:"string"` + + // List of share invitation summaries in a workload. + ShareInvitationSummaries []*ShareInvitationSummary `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListShareInvitationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListShareInvitationsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListShareInvitationsOutput) SetNextToken(v string) *ListShareInvitationsOutput { s.NextToken = &v return s } -// SetSharedWithPrefix sets the SharedWithPrefix field's value. -func (s *ListLensSharesInput) SetSharedWithPrefix(v string) *ListLensSharesInput { - s.SharedWithPrefix = &v - return s +// SetShareInvitationSummaries sets the ShareInvitationSummaries field's value. +func (s *ListShareInvitationsOutput) SetShareInvitationSummaries(v []*ShareInvitationSummary) *ListShareInvitationsOutput { + s.ShareInvitationSummaries = v + return s +} + +type ListTagsForResourceInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The ARN for the workload. + // + // WorkloadArn is a required field + WorkloadArn *string `location:"uri" locationName:"WorkloadArn" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListTagsForResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} + if s.WorkloadArn == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadArn")) + } + if s.WorkloadArn != nil && len(*s.WorkloadArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetStatus sets the Status field's value. -func (s *ListLensSharesInput) SetStatus(v string) *ListLensSharesInput { - s.Status = &v +// SetWorkloadArn sets the WorkloadArn field's value. +func (s *ListTagsForResourceInput) SetWorkloadArn(v string) *ListTagsForResourceInput { + s.WorkloadArn = &v return s } -type ListLensSharesOutput struct { +type ListTagsForResourceOutput struct { _ struct{} `type:"structure"` - // A list of lens share summaries. - LensShareSummaries []*LensShareSummary `type:"list"` - - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // The tags for the resource. + Tags map[string]*string `min:"1" type:"map"` } // String returns the string representation. @@ -10784,7 +14019,7 @@ type ListLensSharesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensSharesOutput) String() string { +func (s ListTagsForResourceOutput) String() string { return awsutil.Prettify(s) } @@ -10793,40 +14028,38 @@ func (s ListLensSharesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensSharesOutput) GoString() string { +func (s ListTagsForResourceOutput) GoString() string { return s.String() } -// SetLensShareSummaries sets the LensShareSummaries field's value. -func (s *ListLensSharesOutput) SetLensShareSummaries(v []*LensShareSummary) *ListLensSharesOutput { - s.LensShareSummaries = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListLensSharesOutput) SetNextToken(v string) *ListLensSharesOutput { - s.NextToken = &v +// SetTags sets the Tags field's value. +func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { + s.Tags = v return s } -// Input to list lenses. -type ListLensesInput struct { +// Input for List Workload Share +type ListWorkloadSharesInput struct { _ struct{} `type:"structure" nopayload:"true"` - // The full name of the lens. - LensName *string `location:"querystring" locationName:"LensName" min:"1" type:"string"` - - // The status of lenses to be returned. - LensStatus *string `location:"querystring" locationName:"LensStatus" type:"string" enum:"LensStatusType"` - - // The type of lenses to be returned. - LensType *string `location:"querystring" locationName:"LensType" type:"string" enum:"LensType"` - // The maximum number of results to return for this request. MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` // The token to use to retrieve the next set of results. NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` + + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the workload is shared. + SharedWithPrefix *string `location:"querystring" locationName:"SharedWithPrefix" type:"string"` + + // The status of the share request. + Status *string `location:"querystring" locationName:"Status" type:"string" enum:"ShareStatus"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -10834,7 +14067,7 @@ type ListLensesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensesInput) String() string { +func (s ListWorkloadSharesInput) String() string { return awsutil.Prettify(s) } @@ -10843,19 +14076,22 @@ func (s ListLensesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensesInput) GoString() string { +func (s ListWorkloadSharesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListLensesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListLensesInput"} - if s.LensName != nil && len(*s.LensName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LensName", 1)) - } +func (s *ListWorkloadSharesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListWorkloadSharesInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } if invalidParams.Len() > 0 { return invalidParams @@ -10863,45 +14099,49 @@ func (s *ListLensesInput) Validate() error { return nil } -// SetLensName sets the LensName field's value. -func (s *ListLensesInput) SetLensName(v string) *ListLensesInput { - s.LensName = &v +// SetMaxResults sets the MaxResults field's value. +func (s *ListWorkloadSharesInput) SetMaxResults(v int64) *ListWorkloadSharesInput { + s.MaxResults = &v return s } -// SetLensStatus sets the LensStatus field's value. -func (s *ListLensesInput) SetLensStatus(v string) *ListLensesInput { - s.LensStatus = &v +// SetNextToken sets the NextToken field's value. +func (s *ListWorkloadSharesInput) SetNextToken(v string) *ListWorkloadSharesInput { + s.NextToken = &v return s } -// SetLensType sets the LensType field's value. -func (s *ListLensesInput) SetLensType(v string) *ListLensesInput { - s.LensType = &v +// SetSharedWithPrefix sets the SharedWithPrefix field's value. +func (s *ListWorkloadSharesInput) SetSharedWithPrefix(v string) *ListWorkloadSharesInput { + s.SharedWithPrefix = &v return s } -// SetMaxResults sets the MaxResults field's value. -func (s *ListLensesInput) SetMaxResults(v int64) *ListLensesInput { - s.MaxResults = &v +// SetStatus sets the Status field's value. +func (s *ListWorkloadSharesInput) SetStatus(v string) *ListWorkloadSharesInput { + s.Status = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListLensesInput) SetNextToken(v string) *ListLensesInput { - s.NextToken = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListWorkloadSharesInput) SetWorkloadId(v string) *ListWorkloadSharesInput { + s.WorkloadId = &v return s } -// Output of a list lenses call. -type ListLensesOutput struct { +// Input for List Workload Share +type ListWorkloadSharesOutput struct { _ struct{} `type:"structure"` - // List of lens summaries of available lenses. - LensSummaries []*LensSummary `type:"list"` - // The token to use to retrieve the next set of results. NextToken *string `type:"string"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` + + // A list of workload share summaries. + WorkloadShareSummaries []*WorkloadShareSummary `type:"list"` } // String returns the string representation. @@ -10909,7 +14149,7 @@ type ListLensesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensesOutput) String() string { +func (s ListWorkloadSharesOutput) String() string { return awsutil.Prettify(s) } @@ -10918,24 +14158,30 @@ func (s ListLensesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListLensesOutput) GoString() string { +func (s ListWorkloadSharesOutput) GoString() string { return s.String() } -// SetLensSummaries sets the LensSummaries field's value. -func (s *ListLensesOutput) SetLensSummaries(v []*LensSummary) *ListLensesOutput { - s.LensSummaries = v +// SetNextToken sets the NextToken field's value. +func (s *ListWorkloadSharesOutput) SetNextToken(v string) *ListWorkloadSharesOutput { + s.NextToken = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListLensesOutput) SetNextToken(v string) *ListLensesOutput { - s.NextToken = &v +// SetWorkloadId sets the WorkloadId field's value. +func (s *ListWorkloadSharesOutput) SetWorkloadId(v string) *ListWorkloadSharesOutput { + s.WorkloadId = &v return s } -// Input to list all milestones for a workload. -type ListMilestonesInput struct { +// SetWorkloadShareSummaries sets the WorkloadShareSummaries field's value. +func (s *ListWorkloadSharesOutput) SetWorkloadShareSummaries(v []*WorkloadShareSummary) *ListWorkloadSharesOutput { + s.WorkloadShareSummaries = v + return s +} + +// Input to list all workloads. +type ListWorkloadsInput struct { _ struct{} `type:"structure"` // The maximum number of results to return for this request. @@ -10944,11 +14190,9 @@ type ListMilestonesInput struct { // The token to use to retrieve the next set of results. NextToken *string `type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // An optional string added to the beginning of each workload name returned + // in the results. + WorkloadNamePrefix *string `type:"string"` } // String returns the string representation. @@ -10956,7 +14200,7 @@ type ListMilestonesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListMilestonesInput) String() string { +func (s ListWorkloadsInput) String() string { return awsutil.Prettify(s) } @@ -10965,22 +14209,16 @@ func (s ListMilestonesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListMilestonesInput) GoString() string { +func (s ListWorkloadsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListMilestonesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListMilestonesInput"} +func (s *ListWorkloadsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListWorkloadsInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -10989,36 +14227,32 @@ func (s *ListMilestonesInput) Validate() error { } // SetMaxResults sets the MaxResults field's value. -func (s *ListMilestonesInput) SetMaxResults(v int64) *ListMilestonesInput { +func (s *ListWorkloadsInput) SetMaxResults(v int64) *ListWorkloadsInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. -func (s *ListMilestonesInput) SetNextToken(v string) *ListMilestonesInput { +func (s *ListWorkloadsInput) SetNextToken(v string) *ListWorkloadsInput { s.NextToken = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListMilestonesInput) SetWorkloadId(v string) *ListMilestonesInput { - s.WorkloadId = &v +// SetWorkloadNamePrefix sets the WorkloadNamePrefix field's value. +func (s *ListWorkloadsInput) SetWorkloadNamePrefix(v string) *ListWorkloadsInput { + s.WorkloadNamePrefix = &v return s } -// Output of a list milestones call. -type ListMilestonesOutput struct { +// Output of a list workloads call. +type ListWorkloadsOutput struct { _ struct{} `type:"structure"` - // A list of milestone summaries. - MilestoneSummaries []*MilestoneSummary `type:"list"` - // The token to use to retrieve the next set of results. NextToken *string `type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // A list of workload summaries. + WorkloadSummaries []*WorkloadSummary `type:"list"` } // String returns the string representation. @@ -11026,7 +14260,7 @@ type ListMilestonesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListMilestonesOutput) String() string { +func (s ListWorkloadsOutput) String() string { return awsutil.Prettify(s) } @@ -11035,40 +14269,104 @@ func (s ListMilestonesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListMilestonesOutput) GoString() string { +func (s ListWorkloadsOutput) GoString() string { return s.String() } -// SetMilestoneSummaries sets the MilestoneSummaries field's value. -func (s *ListMilestonesOutput) SetMilestoneSummaries(v []*MilestoneSummary) *ListMilestonesOutput { - s.MilestoneSummaries = v +// SetNextToken sets the NextToken field's value. +func (s *ListWorkloadsOutput) SetNextToken(v string) *ListWorkloadsOutput { + s.NextToken = &v + return s +} + +// SetWorkloadSummaries sets the WorkloadSummaries field's value. +func (s *ListWorkloadsOutput) SetWorkloadSummaries(v []*WorkloadSummary) *ListWorkloadsOutput { + s.WorkloadSummaries = v + return s +} + +// A milestone return object. +type Milestone struct { + _ struct{} `type:"structure"` + + // The name of the milestone in a workload. + // + // Milestone names must be unique within a workload. + MilestoneName *string `min:"3" type:"string"` + + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` + + // The date and time recorded. + RecordedAt *time.Time `type:"timestamp"` + + // A workload return object. + Workload *Workload `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Milestone) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Milestone) GoString() string { + return s.String() +} + +// SetMilestoneName sets the MilestoneName field's value. +func (s *Milestone) SetMilestoneName(v string) *Milestone { + s.MilestoneName = &v + return s +} + +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *Milestone) SetMilestoneNumber(v int64) *Milestone { + s.MilestoneNumber = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListMilestonesOutput) SetNextToken(v string) *ListMilestonesOutput { - s.NextToken = &v +// SetRecordedAt sets the RecordedAt field's value. +func (s *Milestone) SetRecordedAt(v time.Time) *Milestone { + s.RecordedAt = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListMilestonesOutput) SetWorkloadId(v string) *ListMilestonesOutput { - s.WorkloadId = &v +// SetWorkload sets the Workload field's value. +func (s *Milestone) SetWorkload(v *Workload) *Milestone { + s.Workload = v return s } -type ListNotificationsInput struct { +// A milestone summary return object. +type MilestoneSummary struct { _ struct{} `type:"structure"` - // The maximum number of results to return for this request. - MaxResults *int64 `min:"1" type:"integer"` + // The name of the milestone in a workload. + // + // Milestone names must be unique within a workload. + MilestoneName *string `min:"3" type:"string"` - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // The milestone number. + // + // A workload can have a maximum of 100 milestones. + MilestoneNumber *int64 `min:"1" type:"integer"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // The date and time recorded. + RecordedAt *time.Time `type:"timestamp"` + + // A workload summary return object. + WorkloadSummary *WorkloadSummary `type:"structure"` } // String returns the string representation. @@ -11076,7 +14374,7 @@ type ListNotificationsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListNotificationsInput) String() string { +func (s MilestoneSummary) String() string { return awsutil.Prettify(s) } @@ -11085,49 +14383,43 @@ func (s ListNotificationsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListNotificationsInput) GoString() string { +func (s MilestoneSummary) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListNotificationsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListNotificationsInput"} - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetMilestoneName sets the MilestoneName field's value. +func (s *MilestoneSummary) SetMilestoneName(v string) *MilestoneSummary { + s.MilestoneName = &v + return s } -// SetMaxResults sets the MaxResults field's value. -func (s *ListNotificationsInput) SetMaxResults(v int64) *ListNotificationsInput { - s.MaxResults = &v +// SetMilestoneNumber sets the MilestoneNumber field's value. +func (s *MilestoneSummary) SetMilestoneNumber(v int64) *MilestoneSummary { + s.MilestoneNumber = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListNotificationsInput) SetNextToken(v string) *ListNotificationsInput { - s.NextToken = &v +// SetRecordedAt sets the RecordedAt field's value. +func (s *MilestoneSummary) SetRecordedAt(v time.Time) *MilestoneSummary { + s.RecordedAt = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListNotificationsInput) SetWorkloadId(v string) *ListNotificationsInput { - s.WorkloadId = &v +// SetWorkloadSummary sets the WorkloadSummary field's value. +func (s *MilestoneSummary) SetWorkloadSummary(v *WorkloadSummary) *MilestoneSummary { + s.WorkloadSummary = v return s } -type ListNotificationsOutput struct { +// A notification summary return object. +type NotificationSummary struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // Summary of lens upgrade. + LensUpgradeSummary *LensUpgradeSummary `type:"structure"` - // List of lens notification summaries in a workload. - NotificationSummaries []*NotificationSummary `type:"list"` + // The type of notification. + Type *string `type:"string" enum:"NotificationType"` } // String returns the string representation. @@ -11135,7 +14427,7 @@ type ListNotificationsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListNotificationsOutput) String() string { +func (s NotificationSummary) String() string { return awsutil.Prettify(s) } @@ -11144,42 +14436,39 @@ func (s ListNotificationsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListNotificationsOutput) GoString() string { +func (s NotificationSummary) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *ListNotificationsOutput) SetNextToken(v string) *ListNotificationsOutput { - s.NextToken = &v +// SetLensUpgradeSummary sets the LensUpgradeSummary field's value. +func (s *NotificationSummary) SetLensUpgradeSummary(v *LensUpgradeSummary) *NotificationSummary { + s.LensUpgradeSummary = v return s } -// SetNotificationSummaries sets the NotificationSummaries field's value. -func (s *ListNotificationsOutput) SetNotificationSummaries(v []*NotificationSummary) *ListNotificationsOutput { - s.NotificationSummaries = v +// SetType sets the Type field's value. +func (s *NotificationSummary) SetType(v string) *NotificationSummary { + s.Type = &v return s } -// Input for List Share Invitations -type ListShareInvitationsInput struct { - _ struct{} `type:"structure" nopayload:"true"` - - // An optional string added to the beginning of each lens name returned in the - // results. - LensNamePrefix *string `location:"querystring" locationName:"LensNamePrefix" type:"string"` +// A pillar difference return object. +type PillarDifference struct { + _ struct{} `type:"structure"` - // The maximum number of results to return for this request. - MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` + // Indicates the type of change to the pillar. + DifferenceStatus *string `type:"string" enum:"DifferenceStatus"` - // The token to use to retrieve the next set of results. - NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` - // The type of share invitations to be returned. - ShareResourceType *string `location:"querystring" locationName:"ShareResourceType" type:"string" enum:"ShareResourceType"` + // The name of the pillar. + PillarName *string `min:"1" type:"string"` - // An optional string added to the beginning of each workload name returned - // in the results. - WorkloadNamePrefix *string `location:"querystring" locationName:"WorkloadNamePrefix" type:"string"` + // List of question differences. + QuestionDifferences []*QuestionDifference `type:"list"` } // String returns the string representation. @@ -11187,7 +14476,7 @@ type ListShareInvitationsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListShareInvitationsInput) String() string { +func (s PillarDifference) String() string { return awsutil.Prettify(s) } @@ -11196,62 +14485,48 @@ func (s ListShareInvitationsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListShareInvitationsInput) GoString() string { +func (s PillarDifference) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListShareInvitationsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListShareInvitationsInput"} - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetLensNamePrefix sets the LensNamePrefix field's value. -func (s *ListShareInvitationsInput) SetLensNamePrefix(v string) *ListShareInvitationsInput { - s.LensNamePrefix = &v - return s -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListShareInvitationsInput) SetMaxResults(v int64) *ListShareInvitationsInput { - s.MaxResults = &v +// SetDifferenceStatus sets the DifferenceStatus field's value. +func (s *PillarDifference) SetDifferenceStatus(v string) *PillarDifference { + s.DifferenceStatus = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListShareInvitationsInput) SetNextToken(v string) *ListShareInvitationsInput { - s.NextToken = &v +// SetPillarId sets the PillarId field's value. +func (s *PillarDifference) SetPillarId(v string) *PillarDifference { + s.PillarId = &v return s } -// SetShareResourceType sets the ShareResourceType field's value. -func (s *ListShareInvitationsInput) SetShareResourceType(v string) *ListShareInvitationsInput { - s.ShareResourceType = &v +// SetPillarName sets the PillarName field's value. +func (s *PillarDifference) SetPillarName(v string) *PillarDifference { + s.PillarName = &v return s } -// SetWorkloadNamePrefix sets the WorkloadNamePrefix field's value. -func (s *ListShareInvitationsInput) SetWorkloadNamePrefix(v string) *ListShareInvitationsInput { - s.WorkloadNamePrefix = &v +// SetQuestionDifferences sets the QuestionDifferences field's value. +func (s *PillarDifference) SetQuestionDifferences(v []*QuestionDifference) *PillarDifference { + s.QuestionDifferences = v return s } -// Input for List Share Invitations -type ListShareInvitationsOutput struct { +// A metric for a particular pillar in a lens. +type PillarMetric struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` - // List of share invitation summaries in a workload. - ShareInvitationSummaries []*ShareInvitationSummary `type:"list"` + // The questions that have been identified as risks in the pillar. + Questions []*QuestionMetric `type:"list"` + + // A map from risk names to the count of how many questions have that rating. + RiskCounts map[string]*int64 `type:"map"` } // String returns the string representation. @@ -11259,7 +14534,7 @@ type ListShareInvitationsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListShareInvitationsOutput) String() string { +func (s PillarMetric) String() string { return awsutil.Prettify(s) } @@ -11268,76 +14543,48 @@ func (s ListShareInvitationsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListShareInvitationsOutput) GoString() string { +func (s PillarMetric) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *ListShareInvitationsOutput) SetNextToken(v string) *ListShareInvitationsOutput { - s.NextToken = &v +// SetPillarId sets the PillarId field's value. +func (s *PillarMetric) SetPillarId(v string) *PillarMetric { + s.PillarId = &v return s } -// SetShareInvitationSummaries sets the ShareInvitationSummaries field's value. -func (s *ListShareInvitationsOutput) SetShareInvitationSummaries(v []*ShareInvitationSummary) *ListShareInvitationsOutput { - s.ShareInvitationSummaries = v +// SetQuestions sets the Questions field's value. +func (s *PillarMetric) SetQuestions(v []*QuestionMetric) *PillarMetric { + s.Questions = v return s } -type ListTagsForResourceInput struct { - _ struct{} `type:"structure" nopayload:"true"` - - // The ARN for the workload. - // - // WorkloadArn is a required field - WorkloadArn *string `location:"uri" locationName:"WorkloadArn" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourceInput) String() string { - return awsutil.Prettify(s) +// SetRiskCounts sets the RiskCounts field's value. +func (s *PillarMetric) SetRiskCounts(v map[string]*int64) *PillarMetric { + s.RiskCounts = v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourceInput) GoString() string { - return s.String() -} +// A pillar review summary of a lens review. +type PillarReviewSummary struct { + _ struct{} `type:"structure"` -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListTagsForResourceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} - if s.WorkloadArn == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadArn")) - } - if s.WorkloadArn != nil && len(*s.WorkloadArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadArn", 1)) - } + // The notes associated with the workload. + Notes *string `type:"string"` - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} + // The ID used to identify a pillar, for example, security. + // + // A pillar is identified by its PillarReviewSummary$PillarId. + PillarId *string `min:"1" type:"string"` -// SetWorkloadArn sets the WorkloadArn field's value. -func (s *ListTagsForResourceInput) SetWorkloadArn(v string) *ListTagsForResourceInput { - s.WorkloadArn = &v - return s -} + // The name of the pillar. + PillarName *string `min:"1" type:"string"` -type ListTagsForResourceOutput struct { - _ struct{} `type:"structure"` + // A map from risk names to the count of how many questions have that rating. + PrioritizedRiskCounts map[string]*int64 `type:"map"` - // The tags for the resource. - Tags map[string]*string `min:"1" type:"map"` + // A map from risk names to the count of how many questions have that rating. + RiskCounts map[string]*int64 `type:"map"` } // String returns the string representation. @@ -11345,7 +14592,7 @@ type ListTagsForResourceOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) String() string { +func (s PillarReviewSummary) String() string { return awsutil.Prettify(s) } @@ -11354,38 +14601,73 @@ func (s ListTagsForResourceOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) GoString() string { +func (s PillarReviewSummary) GoString() string { return s.String() } -// SetTags sets the Tags field's value. -func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { - s.Tags = v +// SetNotes sets the Notes field's value. +func (s *PillarReviewSummary) SetNotes(v string) *PillarReviewSummary { + s.Notes = &v return s } -// Input for List Workload Share -type ListWorkloadSharesInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// SetPillarId sets the PillarId field's value. +func (s *PillarReviewSummary) SetPillarId(v string) *PillarReviewSummary { + s.PillarId = &v + return s +} - // The maximum number of results to return for this request. - MaxResults *int64 `location:"querystring" locationName:"MaxResults" min:"1" type:"integer"` +// SetPillarName sets the PillarName field's value. +func (s *PillarReviewSummary) SetPillarName(v string) *PillarReviewSummary { + s.PillarName = &v + return s +} - // The token to use to retrieve the next set of results. - NextToken *string `location:"querystring" locationName:"NextToken" type:"string"` +// SetPrioritizedRiskCounts sets the PrioritizedRiskCounts field's value. +func (s *PillarReviewSummary) SetPrioritizedRiskCounts(v map[string]*int64) *PillarReviewSummary { + s.PrioritizedRiskCounts = v + return s +} - // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the workload is shared. - SharedWithPrefix *string `location:"querystring" locationName:"SharedWithPrefix" type:"string"` +// SetRiskCounts sets the RiskCounts field's value. +func (s *PillarReviewSummary) SetRiskCounts(v map[string]*int64) *PillarReviewSummary { + s.RiskCounts = v + return s +} - // The status of a workload share. - Status *string `location:"querystring" locationName:"Status" type:"string" enum:"ShareStatus"` +// A profile. +type Profile struct { + _ struct{} `type:"structure"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - // - // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + // The date and time recorded. + CreatedAt *time.Time `type:"timestamp"` + + // An Amazon Web Services account ID. + Owner *string `min:"12" type:"string"` + + // The profile ARN. + ProfileArn *string `type:"string"` + + // The profile description. + ProfileDescription *string `min:"3" type:"string"` + + // The profile name. + ProfileName *string `min:"3" type:"string"` + + // Profile questions. + ProfileQuestions []*ProfileQuestion `type:"list"` + + // The profile version. + ProfileVersion *string `min:"1" type:"string"` + + // The ID assigned to the share invitation. + ShareInvitationId *string `type:"string"` + + // The tags assigned to the profile. + Tags map[string]*string `min:"1" type:"map"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` } // String returns the string representation. @@ -11393,7 +14675,7 @@ type ListWorkloadSharesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadSharesInput) String() string { +func (s Profile) String() string { return awsutil.Prettify(s) } @@ -11402,72 +14684,82 @@ func (s ListWorkloadSharesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadSharesInput) GoString() string { +func (s Profile) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListWorkloadSharesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListWorkloadSharesInput"} - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - if s.WorkloadId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkloadId")) - } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) - } +// SetCreatedAt sets the CreatedAt field's value. +func (s *Profile) SetCreatedAt(v time.Time) *Profile { + s.CreatedAt = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetOwner sets the Owner field's value. +func (s *Profile) SetOwner(v string) *Profile { + s.Owner = &v + return s } -// SetMaxResults sets the MaxResults field's value. -func (s *ListWorkloadSharesInput) SetMaxResults(v int64) *ListWorkloadSharesInput { - s.MaxResults = &v +// SetProfileArn sets the ProfileArn field's value. +func (s *Profile) SetProfileArn(v string) *Profile { + s.ProfileArn = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListWorkloadSharesInput) SetNextToken(v string) *ListWorkloadSharesInput { - s.NextToken = &v +// SetProfileDescription sets the ProfileDescription field's value. +func (s *Profile) SetProfileDescription(v string) *Profile { + s.ProfileDescription = &v return s } -// SetSharedWithPrefix sets the SharedWithPrefix field's value. -func (s *ListWorkloadSharesInput) SetSharedWithPrefix(v string) *ListWorkloadSharesInput { - s.SharedWithPrefix = &v +// SetProfileName sets the ProfileName field's value. +func (s *Profile) SetProfileName(v string) *Profile { + s.ProfileName = &v return s } -// SetStatus sets the Status field's value. -func (s *ListWorkloadSharesInput) SetStatus(v string) *ListWorkloadSharesInput { - s.Status = &v +// SetProfileQuestions sets the ProfileQuestions field's value. +func (s *Profile) SetProfileQuestions(v []*ProfileQuestion) *Profile { + s.ProfileQuestions = v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListWorkloadSharesInput) SetWorkloadId(v string) *ListWorkloadSharesInput { - s.WorkloadId = &v +// SetProfileVersion sets the ProfileVersion field's value. +func (s *Profile) SetProfileVersion(v string) *Profile { + s.ProfileVersion = &v return s } -// Input for List Workload Share -type ListWorkloadSharesOutput struct { +// SetShareInvitationId sets the ShareInvitationId field's value. +func (s *Profile) SetShareInvitationId(v string) *Profile { + s.ShareInvitationId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Profile) SetTags(v map[string]*string) *Profile { + s.Tags = v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *Profile) SetUpdatedAt(v time.Time) *Profile { + s.UpdatedAt = &v + return s +} + +// The profile choice. +type ProfileChoice struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // The description of a choice. + ChoiceDescription *string `min:"1" type:"string"` - // The ID assigned to the workload. This ID is unique within an Amazon Web Services - // Region. - WorkloadId *string `type:"string"` + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` - // A list of workload share summaries. - WorkloadShareSummaries []*WorkloadShareSummary `type:"list"` + // The title of a choice. + ChoiceTitle *string `min:"1" type:"string"` } // String returns the string representation. @@ -11475,7 +14767,7 @@ type ListWorkloadSharesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadSharesOutput) String() string { +func (s ProfileChoice) String() string { return awsutil.Prettify(s) } @@ -11484,41 +14776,56 @@ func (s ListWorkloadSharesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadSharesOutput) GoString() string { +func (s ProfileChoice) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *ListWorkloadSharesOutput) SetNextToken(v string) *ListWorkloadSharesOutput { - s.NextToken = &v +// SetChoiceDescription sets the ChoiceDescription field's value. +func (s *ProfileChoice) SetChoiceDescription(v string) *ProfileChoice { + s.ChoiceDescription = &v return s } -// SetWorkloadId sets the WorkloadId field's value. -func (s *ListWorkloadSharesOutput) SetWorkloadId(v string) *ListWorkloadSharesOutput { - s.WorkloadId = &v +// SetChoiceId sets the ChoiceId field's value. +func (s *ProfileChoice) SetChoiceId(v string) *ProfileChoice { + s.ChoiceId = &v return s } -// SetWorkloadShareSummaries sets the WorkloadShareSummaries field's value. -func (s *ListWorkloadSharesOutput) SetWorkloadShareSummaries(v []*WorkloadShareSummary) *ListWorkloadSharesOutput { - s.WorkloadShareSummaries = v +// SetChoiceTitle sets the ChoiceTitle field's value. +func (s *ProfileChoice) SetChoiceTitle(v string) *ProfileChoice { + s.ChoiceTitle = &v return s } -// Input to list all workloads. -type ListWorkloadsInput struct { +// The profile notification summary. +type ProfileNotificationSummary struct { _ struct{} `type:"structure"` - // The maximum number of results to return for this request. - MaxResults *int64 `min:"1" type:"integer"` + // The current profile version. + CurrentProfileVersion *string `min:"1" type:"string"` - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // The latest profile version. + LatestProfileVersion *string `min:"1" type:"string"` - // An optional string added to the beginning of each workload name returned - // in the results. - WorkloadNamePrefix *string `type:"string"` + // The profile ARN. + ProfileArn *string `type:"string"` + + // The profile name. + ProfileName *string `min:"3" type:"string"` + + // Type of notification. + Type *string `type:"string" enum:"ProfileNotificationType"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + WorkloadId *string `min:"32" type:"string"` + + // The name of the workload. + // + // The name must be unique within an account within an Amazon Web Services Region. + // Spaces and capitalization are ignored when checking for uniqueness. + WorkloadName *string `min:"3" type:"string"` } // String returns the string representation. @@ -11526,7 +14833,7 @@ type ListWorkloadsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadsInput) String() string { +func (s ProfileNotificationSummary) String() string { return awsutil.Prettify(s) } @@ -11535,50 +14842,76 @@ func (s ListWorkloadsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadsInput) GoString() string { +func (s ProfileNotificationSummary) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListWorkloadsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListWorkloadsInput"} - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } +// SetCurrentProfileVersion sets the CurrentProfileVersion field's value. +func (s *ProfileNotificationSummary) SetCurrentProfileVersion(v string) *ProfileNotificationSummary { + s.CurrentProfileVersion = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetLatestProfileVersion sets the LatestProfileVersion field's value. +func (s *ProfileNotificationSummary) SetLatestProfileVersion(v string) *ProfileNotificationSummary { + s.LatestProfileVersion = &v + return s } -// SetMaxResults sets the MaxResults field's value. -func (s *ListWorkloadsInput) SetMaxResults(v int64) *ListWorkloadsInput { - s.MaxResults = &v +// SetProfileArn sets the ProfileArn field's value. +func (s *ProfileNotificationSummary) SetProfileArn(v string) *ProfileNotificationSummary { + s.ProfileArn = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListWorkloadsInput) SetNextToken(v string) *ListWorkloadsInput { - s.NextToken = &v +// SetProfileName sets the ProfileName field's value. +func (s *ProfileNotificationSummary) SetProfileName(v string) *ProfileNotificationSummary { + s.ProfileName = &v return s } -// SetWorkloadNamePrefix sets the WorkloadNamePrefix field's value. -func (s *ListWorkloadsInput) SetWorkloadNamePrefix(v string) *ListWorkloadsInput { - s.WorkloadNamePrefix = &v +// SetType sets the Type field's value. +func (s *ProfileNotificationSummary) SetType(v string) *ProfileNotificationSummary { + s.Type = &v return s } -// Output of a list workloads call. -type ListWorkloadsOutput struct { +// SetWorkloadId sets the WorkloadId field's value. +func (s *ProfileNotificationSummary) SetWorkloadId(v string) *ProfileNotificationSummary { + s.WorkloadId = &v + return s +} + +// SetWorkloadName sets the WorkloadName field's value. +func (s *ProfileNotificationSummary) SetWorkloadName(v string) *ProfileNotificationSummary { + s.WorkloadName = &v + return s +} + +// A profile question. +type ProfileQuestion struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next set of results. - NextToken *string `type:"string"` + // The maximum number of selected choices. + MaxSelectedChoices *int64 `type:"integer"` - // A list of workload summaries. - WorkloadSummaries []*WorkloadSummary `type:"list"` + // The minimum number of selected choices. + MinSelectedChoices *int64 `type:"integer"` + + // The question choices. + QuestionChoices []*ProfileChoice `type:"list"` + + // The description of the question. + QuestionDescription *string `min:"1" type:"string"` + + // The ID of the question. + QuestionId *string `min:"1" type:"string"` + + // The title of the question. + QuestionTitle *string `min:"1" type:"string"` + + // The selected choices. + SelectedChoiceIds []*string `type:"list"` } // String returns the string representation. @@ -11586,7 +14919,7 @@ type ListWorkloadsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadsOutput) String() string { +func (s ProfileQuestion) String() string { return awsutil.Prettify(s) } @@ -11595,41 +14928,61 @@ func (s ListWorkloadsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListWorkloadsOutput) GoString() string { +func (s ProfileQuestion) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *ListWorkloadsOutput) SetNextToken(v string) *ListWorkloadsOutput { - s.NextToken = &v +// SetMaxSelectedChoices sets the MaxSelectedChoices field's value. +func (s *ProfileQuestion) SetMaxSelectedChoices(v int64) *ProfileQuestion { + s.MaxSelectedChoices = &v + return s +} + +// SetMinSelectedChoices sets the MinSelectedChoices field's value. +func (s *ProfileQuestion) SetMinSelectedChoices(v int64) *ProfileQuestion { + s.MinSelectedChoices = &v + return s +} + +// SetQuestionChoices sets the QuestionChoices field's value. +func (s *ProfileQuestion) SetQuestionChoices(v []*ProfileChoice) *ProfileQuestion { + s.QuestionChoices = v + return s +} + +// SetQuestionDescription sets the QuestionDescription field's value. +func (s *ProfileQuestion) SetQuestionDescription(v string) *ProfileQuestion { + s.QuestionDescription = &v + return s +} + +// SetQuestionId sets the QuestionId field's value. +func (s *ProfileQuestion) SetQuestionId(v string) *ProfileQuestion { + s.QuestionId = &v + return s +} + +// SetQuestionTitle sets the QuestionTitle field's value. +func (s *ProfileQuestion) SetQuestionTitle(v string) *ProfileQuestion { + s.QuestionTitle = &v return s } -// SetWorkloadSummaries sets the WorkloadSummaries field's value. -func (s *ListWorkloadsOutput) SetWorkloadSummaries(v []*WorkloadSummary) *ListWorkloadsOutput { - s.WorkloadSummaries = v +// SetSelectedChoiceIds sets the SelectedChoiceIds field's value. +func (s *ProfileQuestion) SetSelectedChoiceIds(v []*string) *ProfileQuestion { + s.SelectedChoiceIds = v return s } -// A milestone return object. -type Milestone struct { +// An update to a profile question. +type ProfileQuestionUpdate struct { _ struct{} `type:"structure"` - // The name of the milestone in a workload. - // - // Milestone names must be unique within a workload. - MilestoneName *string `min:"3" type:"string"` - - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` - - // The date and time recorded. - RecordedAt *time.Time `type:"timestamp"` + // The ID of the question. + QuestionId *string `min:"1" type:"string"` - // A workload return object. - Workload *Workload `type:"structure"` + // The selected choices. + SelectedChoiceIds []*string `type:"list"` } // String returns the string representation. @@ -11637,7 +14990,7 @@ type Milestone struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Milestone) String() string { +func (s ProfileQuestionUpdate) String() string { return awsutil.Prettify(s) } @@ -11646,53 +14999,51 @@ func (s Milestone) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Milestone) GoString() string { +func (s ProfileQuestionUpdate) GoString() string { return s.String() } -// SetMilestoneName sets the MilestoneName field's value. -func (s *Milestone) SetMilestoneName(v string) *Milestone { - s.MilestoneName = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *ProfileQuestionUpdate) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ProfileQuestionUpdate"} + if s.QuestionId != nil && len(*s.QuestionId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QuestionId", 1)) + } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *Milestone) SetMilestoneNumber(v int64) *Milestone { - s.MilestoneNumber = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetRecordedAt sets the RecordedAt field's value. -func (s *Milestone) SetRecordedAt(v time.Time) *Milestone { - s.RecordedAt = &v +// SetQuestionId sets the QuestionId field's value. +func (s *ProfileQuestionUpdate) SetQuestionId(v string) *ProfileQuestionUpdate { + s.QuestionId = &v return s } -// SetWorkload sets the Workload field's value. -func (s *Milestone) SetWorkload(v *Workload) *Milestone { - s.Workload = v +// SetSelectedChoiceIds sets the SelectedChoiceIds field's value. +func (s *ProfileQuestionUpdate) SetSelectedChoiceIds(v []*string) *ProfileQuestionUpdate { + s.SelectedChoiceIds = v return s } -// A milestone summary return object. -type MilestoneSummary struct { +// Summary of a profile share. +type ProfileShareSummary struct { _ struct{} `type:"structure"` - // The name of the milestone in a workload. - // - // Milestone names must be unique within a workload. - MilestoneName *string `min:"3" type:"string"` + // The ID associated with the share. + ShareId *string `type:"string"` - // The milestone number. - // - // A workload can have a maximum of 100 milestones. - MilestoneNumber *int64 `min:"1" type:"integer"` + // The Amazon Web Services account ID, IAM role, organization ID, or organizational + // unit (OU) ID with which the workload, lens, or profile is shared. + SharedWith *string `min:"12" type:"string"` - // The date and time recorded. - RecordedAt *time.Time `type:"timestamp"` + // The status of the share request. + Status *string `type:"string" enum:"ShareStatus"` - // A workload summary return object. - WorkloadSummary *WorkloadSummary `type:"structure"` + // Profile share invitation status message. + StatusMessage *string `min:"1" type:"string"` } // String returns the string representation. @@ -11700,7 +15051,7 @@ type MilestoneSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MilestoneSummary) String() string { +func (s ProfileShareSummary) String() string { return awsutil.Prettify(s) } @@ -11709,43 +15060,58 @@ func (s MilestoneSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MilestoneSummary) GoString() string { +func (s ProfileShareSummary) GoString() string { return s.String() } -// SetMilestoneName sets the MilestoneName field's value. -func (s *MilestoneSummary) SetMilestoneName(v string) *MilestoneSummary { - s.MilestoneName = &v +// SetShareId sets the ShareId field's value. +func (s *ProfileShareSummary) SetShareId(v string) *ProfileShareSummary { + s.ShareId = &v return s } -// SetMilestoneNumber sets the MilestoneNumber field's value. -func (s *MilestoneSummary) SetMilestoneNumber(v int64) *MilestoneSummary { - s.MilestoneNumber = &v +// SetSharedWith sets the SharedWith field's value. +func (s *ProfileShareSummary) SetSharedWith(v string) *ProfileShareSummary { + s.SharedWith = &v return s } -// SetRecordedAt sets the RecordedAt field's value. -func (s *MilestoneSummary) SetRecordedAt(v time.Time) *MilestoneSummary { - s.RecordedAt = &v +// SetStatus sets the Status field's value. +func (s *ProfileShareSummary) SetStatus(v string) *ProfileShareSummary { + s.Status = &v return s } -// SetWorkloadSummary sets the WorkloadSummary field's value. -func (s *MilestoneSummary) SetWorkloadSummary(v *WorkloadSummary) *MilestoneSummary { - s.WorkloadSummary = v +// SetStatusMessage sets the StatusMessage field's value. +func (s *ProfileShareSummary) SetStatusMessage(v string) *ProfileShareSummary { + s.StatusMessage = &v return s } -// A notification summary return object. -type NotificationSummary struct { +// Summary of a profile. +type ProfileSummary struct { _ struct{} `type:"structure"` - // Summary of lens upgrade. - LensUpgradeSummary *LensUpgradeSummary `type:"structure"` + // The date and time recorded. + CreatedAt *time.Time `type:"timestamp"` - // The type of notification. - Type *string `type:"string" enum:"NotificationType"` + // An Amazon Web Services account ID. + Owner *string `min:"12" type:"string"` + + // The profile ARN. + ProfileArn *string `type:"string"` + + // The profile description. + ProfileDescription *string `min:"3" type:"string"` + + // The profile name. + ProfileName *string `min:"3" type:"string"` + + // The profile version. + ProfileVersion *string `min:"1" type:"string"` + + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` } // String returns the string representation. @@ -11753,7 +15119,7 @@ type NotificationSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s NotificationSummary) String() string { +func (s ProfileSummary) String() string { return awsutil.Prettify(s) } @@ -11762,39 +15128,67 @@ func (s NotificationSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s NotificationSummary) GoString() string { +func (s ProfileSummary) GoString() string { return s.String() } -// SetLensUpgradeSummary sets the LensUpgradeSummary field's value. -func (s *NotificationSummary) SetLensUpgradeSummary(v *LensUpgradeSummary) *NotificationSummary { - s.LensUpgradeSummary = v +// SetCreatedAt sets the CreatedAt field's value. +func (s *ProfileSummary) SetCreatedAt(v time.Time) *ProfileSummary { + s.CreatedAt = &v return s } -// SetType sets the Type field's value. -func (s *NotificationSummary) SetType(v string) *NotificationSummary { - s.Type = &v +// SetOwner sets the Owner field's value. +func (s *ProfileSummary) SetOwner(v string) *ProfileSummary { + s.Owner = &v return s } -// A pillar difference return object. -type PillarDifference struct { +// SetProfileArn sets the ProfileArn field's value. +func (s *ProfileSummary) SetProfileArn(v string) *ProfileSummary { + s.ProfileArn = &v + return s +} + +// SetProfileDescription sets the ProfileDescription field's value. +func (s *ProfileSummary) SetProfileDescription(v string) *ProfileSummary { + s.ProfileDescription = &v + return s +} + +// SetProfileName sets the ProfileName field's value. +func (s *ProfileSummary) SetProfileName(v string) *ProfileSummary { + s.ProfileName = &v + return s +} + +// SetProfileVersion sets the ProfileVersion field's value. +func (s *ProfileSummary) SetProfileVersion(v string) *ProfileSummary { + s.ProfileVersion = &v + return s +} + +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *ProfileSummary) SetUpdatedAt(v time.Time) *ProfileSummary { + s.UpdatedAt = &v + return s +} + +// The profile template. +type ProfileTemplate struct { _ struct{} `type:"structure"` - // Indicates the type of change to the pillar. - DifferenceStatus *string `type:"string" enum:"DifferenceStatus"` + // The date and time recorded. + CreatedAt *time.Time `type:"timestamp"` - // The ID used to identify a pillar, for example, security. - // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` + // The name of the profile template. + TemplateName *string `min:"3" type:"string"` - // The name of the pillar. - PillarName *string `min:"1" type:"string"` + // Profile template questions. + TemplateQuestions []*ProfileTemplateQuestion `type:"list"` - // List of question differences. - QuestionDifferences []*QuestionDifference `type:"list"` + // The date and time recorded. + UpdatedAt *time.Time `type:"timestamp"` } // String returns the string representation. @@ -11802,7 +15196,7 @@ type PillarDifference struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PillarDifference) String() string { +func (s ProfileTemplate) String() string { return awsutil.Prettify(s) } @@ -11811,48 +15205,46 @@ func (s PillarDifference) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PillarDifference) GoString() string { +func (s ProfileTemplate) GoString() string { return s.String() } -// SetDifferenceStatus sets the DifferenceStatus field's value. -func (s *PillarDifference) SetDifferenceStatus(v string) *PillarDifference { - s.DifferenceStatus = &v +// SetCreatedAt sets the CreatedAt field's value. +func (s *ProfileTemplate) SetCreatedAt(v time.Time) *ProfileTemplate { + s.CreatedAt = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *PillarDifference) SetPillarId(v string) *PillarDifference { - s.PillarId = &v +// SetTemplateName sets the TemplateName field's value. +func (s *ProfileTemplate) SetTemplateName(v string) *ProfileTemplate { + s.TemplateName = &v return s } -// SetPillarName sets the PillarName field's value. -func (s *PillarDifference) SetPillarName(v string) *PillarDifference { - s.PillarName = &v +// SetTemplateQuestions sets the TemplateQuestions field's value. +func (s *ProfileTemplate) SetTemplateQuestions(v []*ProfileTemplateQuestion) *ProfileTemplate { + s.TemplateQuestions = v return s } -// SetQuestionDifferences sets the QuestionDifferences field's value. -func (s *PillarDifference) SetQuestionDifferences(v []*QuestionDifference) *PillarDifference { - s.QuestionDifferences = v +// SetUpdatedAt sets the UpdatedAt field's value. +func (s *ProfileTemplate) SetUpdatedAt(v time.Time) *ProfileTemplate { + s.UpdatedAt = &v return s } -// A metric for a particular pillar in a lens. -type PillarMetric struct { +// A profile template choice. +type ProfileTemplateChoice struct { _ struct{} `type:"structure"` - // The ID used to identify a pillar, for example, security. - // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` + // The description of a choice. + ChoiceDescription *string `min:"1" type:"string"` - // The questions that have been identified as risks in the pillar. - Questions []*QuestionMetric `type:"list"` + // The ID of a choice. + ChoiceId *string `min:"1" type:"string"` - // A map from risk names to the count of how many questions have that rating. - RiskCounts map[string]*int64 `type:"map"` + // The title of a choice. + ChoiceTitle *string `min:"1" type:"string"` } // String returns the string representation. @@ -11860,7 +15252,7 @@ type PillarMetric struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PillarMetric) String() string { +func (s ProfileTemplateChoice) String() string { return awsutil.Prettify(s) } @@ -11869,45 +15261,49 @@ func (s PillarMetric) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PillarMetric) GoString() string { +func (s ProfileTemplateChoice) GoString() string { return s.String() } -// SetPillarId sets the PillarId field's value. -func (s *PillarMetric) SetPillarId(v string) *PillarMetric { - s.PillarId = &v +// SetChoiceDescription sets the ChoiceDescription field's value. +func (s *ProfileTemplateChoice) SetChoiceDescription(v string) *ProfileTemplateChoice { + s.ChoiceDescription = &v return s } -// SetQuestions sets the Questions field's value. -func (s *PillarMetric) SetQuestions(v []*QuestionMetric) *PillarMetric { - s.Questions = v +// SetChoiceId sets the ChoiceId field's value. +func (s *ProfileTemplateChoice) SetChoiceId(v string) *ProfileTemplateChoice { + s.ChoiceId = &v return s } -// SetRiskCounts sets the RiskCounts field's value. -func (s *PillarMetric) SetRiskCounts(v map[string]*int64) *PillarMetric { - s.RiskCounts = v +// SetChoiceTitle sets the ChoiceTitle field's value. +func (s *ProfileTemplateChoice) SetChoiceTitle(v string) *ProfileTemplateChoice { + s.ChoiceTitle = &v return s } -// A pillar review summary of a lens review. -type PillarReviewSummary struct { +// A profile template question. +type ProfileTemplateQuestion struct { _ struct{} `type:"structure"` - // The notes associated with the workload. - Notes *string `type:"string"` + // The maximum number of choices selected. + MaxSelectedChoices *int64 `type:"integer"` - // The ID used to identify a pillar, for example, security. - // - // A pillar is identified by its PillarReviewSummary$PillarId. - PillarId *string `min:"1" type:"string"` + // The minimum number of choices selected. + MinSelectedChoices *int64 `type:"integer"` - // The name of the pillar. - PillarName *string `min:"1" type:"string"` + // The question choices. + QuestionChoices []*ProfileTemplateChoice `type:"list"` - // A map from risk names to the count of how many questions have that rating. - RiskCounts map[string]*int64 `type:"map"` + // The description of the question. + QuestionDescription *string `min:"1" type:"string"` + + // The ID of the question. + QuestionId *string `min:"1" type:"string"` + + // The title of the question. + QuestionTitle *string `min:"1" type:"string"` } // String returns the string representation. @@ -11915,7 +15311,7 @@ type PillarReviewSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PillarReviewSummary) String() string { +func (s ProfileTemplateQuestion) String() string { return awsutil.Prettify(s) } @@ -11924,31 +15320,43 @@ func (s PillarReviewSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PillarReviewSummary) GoString() string { +func (s ProfileTemplateQuestion) GoString() string { return s.String() } -// SetNotes sets the Notes field's value. -func (s *PillarReviewSummary) SetNotes(v string) *PillarReviewSummary { - s.Notes = &v +// SetMaxSelectedChoices sets the MaxSelectedChoices field's value. +func (s *ProfileTemplateQuestion) SetMaxSelectedChoices(v int64) *ProfileTemplateQuestion { + s.MaxSelectedChoices = &v return s } -// SetPillarId sets the PillarId field's value. -func (s *PillarReviewSummary) SetPillarId(v string) *PillarReviewSummary { - s.PillarId = &v +// SetMinSelectedChoices sets the MinSelectedChoices field's value. +func (s *ProfileTemplateQuestion) SetMinSelectedChoices(v int64) *ProfileTemplateQuestion { + s.MinSelectedChoices = &v return s } -// SetPillarName sets the PillarName field's value. -func (s *PillarReviewSummary) SetPillarName(v string) *PillarReviewSummary { - s.PillarName = &v +// SetQuestionChoices sets the QuestionChoices field's value. +func (s *ProfileTemplateQuestion) SetQuestionChoices(v []*ProfileTemplateChoice) *ProfileTemplateQuestion { + s.QuestionChoices = v return s } -// SetRiskCounts sets the RiskCounts field's value. -func (s *PillarReviewSummary) SetRiskCounts(v map[string]*int64) *PillarReviewSummary { - s.RiskCounts = v +// SetQuestionDescription sets the QuestionDescription field's value. +func (s *ProfileTemplateQuestion) SetQuestionDescription(v string) *ProfileTemplateQuestion { + s.QuestionDescription = &v + return s +} + +// SetQuestionId sets the QuestionId field's value. +func (s *ProfileTemplateQuestion) SetQuestionId(v string) *ProfileTemplateQuestion { + s.QuestionId = &v + return s +} + +// SetQuestionTitle sets the QuestionTitle field's value. +func (s *ProfileTemplateQuestion) SetQuestionTitle(v string) *ProfileTemplateQuestion { + s.QuestionTitle = &v return s } @@ -12228,6 +15636,9 @@ type ShareInvitation struct { // The ARN for the lens. LensArn *string `type:"string"` + // The profile ARN. + ProfileArn *string `type:"string"` + // The ID assigned to the share invitation. ShareInvitationId *string `type:"string"` @@ -12236,7 +15647,7 @@ type ShareInvitation struct { // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -12269,6 +15680,12 @@ func (s *ShareInvitation) SetLensArn(v string) *ShareInvitation { return s } +// SetProfileArn sets the ProfileArn field's value. +func (s *ShareInvitation) SetProfileArn(v string) *ShareInvitation { + s.ProfileArn = &v + return s +} + // SetShareInvitationId sets the ShareInvitationId field's value. func (s *ShareInvitation) SetShareInvitationId(v string) *ShareInvitation { s.ShareInvitationId = &v @@ -12297,9 +15714,15 @@ type ShareInvitationSummary struct { // The full name of the lens. LensName *string `min:"1" type:"string"` - // Permission granted on a workload share. + // Permission granted on a share request. PermissionType *string `type:"string" enum:"PermissionType"` + // The profile ARN. + ProfileArn *string `type:"string"` + + // The profile name. + ProfileName *string `min:"3" type:"string"` + // The ID assigned to the share invitation. ShareInvitationId *string `type:"string"` @@ -12307,15 +15730,15 @@ type ShareInvitationSummary struct { ShareResourceType *string `type:"string" enum:"ShareResourceType"` // An Amazon Web Services account ID. - SharedBy *string `type:"string"` + SharedBy *string `min:"12" type:"string"` // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the workload is shared. + // unit (OU) ID with which the workload, lens, or profile is shared. SharedWith *string `min:"12" type:"string"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` // The name of the workload. // @@ -12360,6 +15783,18 @@ func (s *ShareInvitationSummary) SetPermissionType(v string) *ShareInvitationSum return s } +// SetProfileArn sets the ProfileArn field's value. +func (s *ShareInvitationSummary) SetProfileArn(v string) *ShareInvitationSummary { + s.ProfileArn = &v + return s +} + +// SetProfileName sets the ProfileName field's value. +func (s *ShareInvitationSummary) SetProfileName(v string) *ShareInvitationSummary { + s.ProfileName = &v + return s +} + // SetShareInvitationId sets the ShareInvitationId field's value. func (s *ShareInvitationSummary) SetShareInvitationId(v string) *ShareInvitationSummary { s.ShareInvitationId = &v @@ -12689,7 +16124,7 @@ type UpdateAnswerInput struct { // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -12728,8 +16163,8 @@ func (s *UpdateAnswerInput) Validate() error { if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if s.ChoiceUpdates != nil { for i, v := range s.ChoiceUpdates { @@ -12820,7 +16255,7 @@ type UpdateAnswerOutput struct { // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -12955,7 +16390,7 @@ type UpdateLensReviewInput struct { // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -12988,8 +16423,8 @@ func (s *UpdateLensReviewInput) Validate() error { if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -13031,7 +16466,7 @@ type UpdateLensReviewOutput struct { // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` } // String returns the string representation. @@ -13064,6 +16499,117 @@ func (s *UpdateLensReviewOutput) SetWorkloadId(v string) *UpdateLensReviewOutput return s } +type UpdateProfileInput struct { + _ struct{} `type:"structure"` + + // The profile ARN. + // + // ProfileArn is a required field + ProfileArn *string `location:"uri" locationName:"ProfileArn" type:"string" required:"true"` + + // The profile description. + ProfileDescription *string `min:"3" type:"string"` + + // Profile questions. + ProfileQuestions []*ProfileQuestionUpdate `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateProfileInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateProfileInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateProfileInput"} + if s.ProfileArn == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArn")) + } + if s.ProfileArn != nil && len(*s.ProfileArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArn", 1)) + } + if s.ProfileDescription != nil && len(*s.ProfileDescription) < 3 { + invalidParams.Add(request.NewErrParamMinLen("ProfileDescription", 3)) + } + if s.ProfileQuestions != nil { + for i, v := range s.ProfileQuestions { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ProfileQuestions", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetProfileArn sets the ProfileArn field's value. +func (s *UpdateProfileInput) SetProfileArn(v string) *UpdateProfileInput { + s.ProfileArn = &v + return s +} + +// SetProfileDescription sets the ProfileDescription field's value. +func (s *UpdateProfileInput) SetProfileDescription(v string) *UpdateProfileInput { + s.ProfileDescription = &v + return s +} + +// SetProfileQuestions sets the ProfileQuestions field's value. +func (s *UpdateProfileInput) SetProfileQuestions(v []*ProfileQuestionUpdate) *UpdateProfileInput { + s.ProfileQuestions = v + return s +} + +type UpdateProfileOutput struct { + _ struct{} `type:"structure"` + + // The profile. + Profile *Profile `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateProfileOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateProfileOutput) GoString() string { + return s.String() +} + +// SetProfile sets the Profile field's value. +func (s *UpdateProfileOutput) SetProfile(v *Profile) *UpdateProfileOutput { + s.Profile = v + return s +} + // Input for Update Share Invitation type UpdateShareInvitationInput struct { _ struct{} `type:"structure"` @@ -13275,7 +16821,7 @@ type UpdateWorkloadInput struct { // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` // The name of the workload. // @@ -13314,8 +16860,8 @@ func (s *UpdateWorkloadInput) Validate() error { if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if s.WorkloadName != nil && len(*s.WorkloadName) < 3 { invalidParams.Add(request.NewErrParamMinLen("WorkloadName", 3)) @@ -13465,12 +17011,12 @@ func (s *UpdateWorkloadOutput) SetWorkload(v *Workload) *UpdateWorkloadOutput { type UpdateWorkloadShareInput struct { _ struct{} `type:"structure"` - // Permission granted on a workload share. + // Permission granted on a share request. // // PermissionType is a required field PermissionType *string `type:"string" required:"true" enum:"PermissionType"` - // The ID associated with the workload share. + // The ID associated with the share. // // ShareId is a required field ShareId *string `location:"uri" locationName:"ShareId" type:"string" required:"true"` @@ -13479,7 +17025,7 @@ type UpdateWorkloadShareInput struct { // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -13515,8 +17061,8 @@ func (s *UpdateWorkloadShareInput) Validate() error { if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -13549,7 +17095,7 @@ type UpdateWorkloadShareOutput struct { // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` // A workload share return object. WorkloadShare *WorkloadShare `type:"structure"` @@ -13600,7 +17146,7 @@ type UpgradeLensReviewInput struct { // Amazon Web Services SDKs automatically generate one for you. If you are not // using the Amazon Web Services SDK or the CLI, you must provide this token // or the request will fail. - ClientRequestToken *string `type:"string"` + ClientRequestToken *string `min:"1" type:"string"` // The alias of the lens. // @@ -13627,7 +17173,7 @@ type UpgradeLensReviewInput struct { // Region. // // WorkloadId is a required field - WorkloadId *string `location:"uri" locationName:"WorkloadId" type:"string" required:"true"` + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` } // String returns the string representation. @@ -13651,6 +17197,9 @@ func (s UpgradeLensReviewInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *UpgradeLensReviewInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpgradeLensReviewInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } if s.LensAlias == nil { invalidParams.Add(request.NewErrParamRequired("LensAlias")) } @@ -13666,8 +17215,8 @@ func (s *UpgradeLensReviewInput) Validate() error { if s.WorkloadId == nil { invalidParams.Add(request.NewErrParamRequired("WorkloadId")) } - if s.WorkloadId != nil && len(*s.WorkloadId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 1)) + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) } if invalidParams.Len() > 0 { @@ -13722,6 +17271,132 @@ func (s UpgradeLensReviewOutput) GoString() string { return s.String() } +type UpgradeProfileVersionInput struct { + _ struct{} `type:"structure"` + + // A unique case-sensitive string used to ensure that this request is idempotent + // (executes only once). + // + // You should not reuse the same token for other requests. If you retry a request + // with the same client request token and the same parameters after the original + // request has completed successfully, the result of the original request is + // returned. + // + // This token is listed as required, however, if you do not specify it, the + // Amazon Web Services SDKs automatically generate one for you. If you are not + // using the Amazon Web Services SDK or the CLI, you must provide this token + // or the request will fail. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // The name of the milestone in a workload. + // + // Milestone names must be unique within a workload. + MilestoneName *string `min:"3" type:"string"` + + // The profile ARN. + // + // ProfileArn is a required field + ProfileArn *string `location:"uri" locationName:"ProfileArn" type:"string" required:"true"` + + // The ID assigned to the workload. This ID is unique within an Amazon Web Services + // Region. + // + // WorkloadId is a required field + WorkloadId *string `location:"uri" locationName:"WorkloadId" min:"32" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpgradeProfileVersionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpgradeProfileVersionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpgradeProfileVersionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpgradeProfileVersionInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.MilestoneName != nil && len(*s.MilestoneName) < 3 { + invalidParams.Add(request.NewErrParamMinLen("MilestoneName", 3)) + } + if s.ProfileArn == nil { + invalidParams.Add(request.NewErrParamRequired("ProfileArn")) + } + if s.ProfileArn != nil && len(*s.ProfileArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProfileArn", 1)) + } + if s.WorkloadId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkloadId")) + } + if s.WorkloadId != nil && len(*s.WorkloadId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("WorkloadId", 32)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *UpgradeProfileVersionInput) SetClientRequestToken(v string) *UpgradeProfileVersionInput { + s.ClientRequestToken = &v + return s +} + +// SetMilestoneName sets the MilestoneName field's value. +func (s *UpgradeProfileVersionInput) SetMilestoneName(v string) *UpgradeProfileVersionInput { + s.MilestoneName = &v + return s +} + +// SetProfileArn sets the ProfileArn field's value. +func (s *UpgradeProfileVersionInput) SetProfileArn(v string) *UpgradeProfileVersionInput { + s.ProfileArn = &v + return s +} + +// SetWorkloadId sets the WorkloadId field's value. +func (s *UpgradeProfileVersionInput) SetWorkloadId(v string) *UpgradeProfileVersionInput { + s.WorkloadId = &v + return s +} + +type UpgradeProfileVersionOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpgradeProfileVersionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpgradeProfileVersionOutput) GoString() string { + return s.String() +} + // The user input is not valid. type ValidationException struct { _ struct{} `type:"structure"` @@ -13980,12 +17655,18 @@ type Workload struct { Notes *string `type:"string"` // An Amazon Web Services account ID. - Owner *string `type:"string"` + Owner *string `min:"12" type:"string"` // The priorities of the pillars, which are used to order items in the improvement // plan. Each pillar is represented by its PillarReviewSummary$PillarId. PillarPriorities []*string `type:"list"` + // A map from risk names to the count of how many questions have that rating. + PrioritizedRiskCounts map[string]*int64 `type:"map"` + + // Profile associated with a workload. + Profiles []*WorkloadProfile `type:"list"` + // The review owner of the workload. The name, email address, or identifier // for the primary group or individual that owns the workload review process. ReviewOwner *string `min:"3" type:"string"` @@ -14010,7 +17691,7 @@ type Workload struct { // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` // The name of the workload. // @@ -14133,6 +17814,18 @@ func (s *Workload) SetPillarPriorities(v []*string) *Workload { return s } +// SetPrioritizedRiskCounts sets the PrioritizedRiskCounts field's value. +func (s *Workload) SetPrioritizedRiskCounts(v map[string]*int64) *Workload { + s.PrioritizedRiskCounts = v + return s +} + +// SetProfiles sets the Profiles field's value. +func (s *Workload) SetProfiles(v []*WorkloadProfile) *Workload { + s.Profiles = v + return s +} + // SetReviewOwner sets the ReviewOwner field's value. func (s *Workload) SetReviewOwner(v string) *Workload { s.ReviewOwner = &v @@ -14230,29 +17923,70 @@ func (s *WorkloadDiscoveryConfig) SetWorkloadResourceDefinition(v []*string) *Wo return s } +// The profile associated with a workload. +type WorkloadProfile struct { + _ struct{} `type:"structure"` + + // The profile ARN. + ProfileArn *string `type:"string"` + + // The profile version. + ProfileVersion *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WorkloadProfile) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WorkloadProfile) GoString() string { + return s.String() +} + +// SetProfileArn sets the ProfileArn field's value. +func (s *WorkloadProfile) SetProfileArn(v string) *WorkloadProfile { + s.ProfileArn = &v + return s +} + +// SetProfileVersion sets the ProfileVersion field's value. +func (s *WorkloadProfile) SetProfileVersion(v string) *WorkloadProfile { + s.ProfileVersion = &v + return s +} + // A workload share return object. type WorkloadShare struct { _ struct{} `type:"structure"` - // Permission granted on a workload share. + // Permission granted on a share request. PermissionType *string `type:"string" enum:"PermissionType"` - // The ID associated with the workload share. + // The ID associated with the share. ShareId *string `type:"string"` // An Amazon Web Services account ID. - SharedBy *string `type:"string"` + SharedBy *string `min:"12" type:"string"` // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the workload is shared. + // unit (OU) ID with which the workload, lens, or profile is shared. SharedWith *string `min:"12" type:"string"` - // The status of a workload share. + // The status of the share request. Status *string `type:"string" enum:"ShareStatus"` // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` // The name of the workload. // @@ -14325,17 +18059,17 @@ func (s *WorkloadShare) SetWorkloadName(v string) *WorkloadShare { type WorkloadShareSummary struct { _ struct{} `type:"structure"` - // Permission granted on a workload share. + // Permission granted on a share request. PermissionType *string `type:"string" enum:"PermissionType"` - // The ID associated with the workload share. + // The ID associated with the share. ShareId *string `type:"string"` // The Amazon Web Services account ID, IAM role, organization ID, or organizational - // unit (OU) ID with which the workload is shared. + // unit (OU) ID with which the workload, lens, or profile is shared. SharedWith *string `min:"12" type:"string"` - // The status of a workload share. + // The status of the share request. Status *string `type:"string" enum:"ShareStatus"` // Optional message to compliment the Status field. @@ -14402,7 +18136,13 @@ type WorkloadSummary struct { Lenses []*string `type:"list"` // An Amazon Web Services account ID. - Owner *string `type:"string"` + Owner *string `min:"12" type:"string"` + + // A map from risk names to the count of how many questions have that rating. + PrioritizedRiskCounts map[string]*int64 `type:"map"` + + // Profile associated with a workload. + Profiles []*WorkloadProfile `type:"list"` // A map from risk names to the count of how many questions have that rating. RiskCounts map[string]*int64 `type:"map"` @@ -14415,7 +18155,7 @@ type WorkloadSummary struct { // The ID assigned to the workload. This ID is unique within an Amazon Web Services // Region. - WorkloadId *string `type:"string"` + WorkloadId *string `min:"32" type:"string"` // The name of the workload. // @@ -14460,6 +18200,18 @@ func (s *WorkloadSummary) SetOwner(v string) *WorkloadSummary { return s } +// SetPrioritizedRiskCounts sets the PrioritizedRiskCounts field's value. +func (s *WorkloadSummary) SetPrioritizedRiskCounts(v map[string]*int64) *WorkloadSummary { + s.PrioritizedRiskCounts = v + return s +} + +// SetProfiles sets the Profiles field's value. +func (s *WorkloadSummary) SetProfiles(v []*WorkloadProfile) *WorkloadSummary { + s.Profiles = v + return s +} + // SetRiskCounts sets the RiskCounts field's value. func (s *WorkloadSummary) SetRiskCounts(v map[string]*int64) *WorkloadSummary { s.RiskCounts = v @@ -14830,7 +18582,7 @@ func OrganizationSharingStatus_Values() []string { } } -// Permission granted on a workload share. +// Permission granted on a share request. const ( // PermissionTypeReadonly is a PermissionType enum value PermissionTypeReadonly = "READONLY" @@ -14847,6 +18599,70 @@ func PermissionType_Values() []string { } } +const ( + // ProfileNotificationTypeProfileAnswersUpdated is a ProfileNotificationType enum value + ProfileNotificationTypeProfileAnswersUpdated = "PROFILE_ANSWERS_UPDATED" + + // ProfileNotificationTypeProfileDeleted is a ProfileNotificationType enum value + ProfileNotificationTypeProfileDeleted = "PROFILE_DELETED" +) + +// ProfileNotificationType_Values returns all elements of the ProfileNotificationType enum +func ProfileNotificationType_Values() []string { + return []string{ + ProfileNotificationTypeProfileAnswersUpdated, + ProfileNotificationTypeProfileDeleted, + } +} + +const ( + // ProfileOwnerTypeSelf is a ProfileOwnerType enum value + ProfileOwnerTypeSelf = "SELF" + + // ProfileOwnerTypeShared is a ProfileOwnerType enum value + ProfileOwnerTypeShared = "SHARED" +) + +// ProfileOwnerType_Values returns all elements of the ProfileOwnerType enum +func ProfileOwnerType_Values() []string { + return []string{ + ProfileOwnerTypeSelf, + ProfileOwnerTypeShared, + } +} + +const ( + // QuestionPriorityPrioritized is a QuestionPriority enum value + QuestionPriorityPrioritized = "PRIORITIZED" + + // QuestionPriorityNone is a QuestionPriority enum value + QuestionPriorityNone = "NONE" +) + +// QuestionPriority_Values returns all elements of the QuestionPriority enum +func QuestionPriority_Values() []string { + return []string{ + QuestionPriorityPrioritized, + QuestionPriorityNone, + } +} + +const ( + // QuestionTypePrioritized is a QuestionType enum value + QuestionTypePrioritized = "PRIORITIZED" + + // QuestionTypeNonPrioritized is a QuestionType enum value + QuestionTypeNonPrioritized = "NON_PRIORITIZED" +) + +// QuestionType_Values returns all elements of the QuestionType enum +func QuestionType_Values() []string { + return []string{ + QuestionTypePrioritized, + QuestionTypeNonPrioritized, + } +} + const ( // ReportFormatPdf is a ReportFormat enum value ReportFormatPdf = "PDF" @@ -14915,6 +18731,9 @@ const ( // ShareResourceTypeLens is a ShareResourceType enum value ShareResourceTypeLens = "LENS" + + // ShareResourceTypeProfile is a ShareResourceType enum value + ShareResourceTypeProfile = "PROFILE" ) // ShareResourceType_Values returns all elements of the ShareResourceType enum @@ -14922,10 +18741,11 @@ func ShareResourceType_Values() []string { return []string{ ShareResourceTypeWorkload, ShareResourceTypeLens, + ShareResourceTypeProfile, } } -// The status of a workload share. +// The status of the share request. const ( // ShareStatusAccepted is a ShareStatus enum value ShareStatusAccepted = "ACCEPTED" diff --git a/service/wellarchitected/wellarchitectediface/interface.go b/service/wellarchitected/wellarchitectediface/interface.go index 5308d8049ce..e46f9c191a8 100644 --- a/service/wellarchitected/wellarchitectediface/interface.go +++ b/service/wellarchitected/wellarchitectediface/interface.go @@ -64,6 +64,10 @@ type WellArchitectedAPI interface { AssociateLensesWithContext(aws.Context, *wellarchitected.AssociateLensesInput, ...request.Option) (*wellarchitected.AssociateLensesOutput, error) AssociateLensesRequest(*wellarchitected.AssociateLensesInput) (*request.Request, *wellarchitected.AssociateLensesOutput) + AssociateProfiles(*wellarchitected.AssociateProfilesInput) (*wellarchitected.AssociateProfilesOutput, error) + AssociateProfilesWithContext(aws.Context, *wellarchitected.AssociateProfilesInput, ...request.Option) (*wellarchitected.AssociateProfilesOutput, error) + AssociateProfilesRequest(*wellarchitected.AssociateProfilesInput) (*request.Request, *wellarchitected.AssociateProfilesOutput) + CreateLensShare(*wellarchitected.CreateLensShareInput) (*wellarchitected.CreateLensShareOutput, error) CreateLensShareWithContext(aws.Context, *wellarchitected.CreateLensShareInput, ...request.Option) (*wellarchitected.CreateLensShareOutput, error) CreateLensShareRequest(*wellarchitected.CreateLensShareInput) (*request.Request, *wellarchitected.CreateLensShareOutput) @@ -76,6 +80,14 @@ type WellArchitectedAPI interface { CreateMilestoneWithContext(aws.Context, *wellarchitected.CreateMilestoneInput, ...request.Option) (*wellarchitected.CreateMilestoneOutput, error) CreateMilestoneRequest(*wellarchitected.CreateMilestoneInput) (*request.Request, *wellarchitected.CreateMilestoneOutput) + CreateProfile(*wellarchitected.CreateProfileInput) (*wellarchitected.CreateProfileOutput, error) + CreateProfileWithContext(aws.Context, *wellarchitected.CreateProfileInput, ...request.Option) (*wellarchitected.CreateProfileOutput, error) + CreateProfileRequest(*wellarchitected.CreateProfileInput) (*request.Request, *wellarchitected.CreateProfileOutput) + + CreateProfileShare(*wellarchitected.CreateProfileShareInput) (*wellarchitected.CreateProfileShareOutput, error) + CreateProfileShareWithContext(aws.Context, *wellarchitected.CreateProfileShareInput, ...request.Option) (*wellarchitected.CreateProfileShareOutput, error) + CreateProfileShareRequest(*wellarchitected.CreateProfileShareInput) (*request.Request, *wellarchitected.CreateProfileShareOutput) + CreateWorkload(*wellarchitected.CreateWorkloadInput) (*wellarchitected.CreateWorkloadOutput, error) CreateWorkloadWithContext(aws.Context, *wellarchitected.CreateWorkloadInput, ...request.Option) (*wellarchitected.CreateWorkloadOutput, error) CreateWorkloadRequest(*wellarchitected.CreateWorkloadInput) (*request.Request, *wellarchitected.CreateWorkloadOutput) @@ -92,6 +104,14 @@ type WellArchitectedAPI interface { DeleteLensShareWithContext(aws.Context, *wellarchitected.DeleteLensShareInput, ...request.Option) (*wellarchitected.DeleteLensShareOutput, error) DeleteLensShareRequest(*wellarchitected.DeleteLensShareInput) (*request.Request, *wellarchitected.DeleteLensShareOutput) + DeleteProfile(*wellarchitected.DeleteProfileInput) (*wellarchitected.DeleteProfileOutput, error) + DeleteProfileWithContext(aws.Context, *wellarchitected.DeleteProfileInput, ...request.Option) (*wellarchitected.DeleteProfileOutput, error) + DeleteProfileRequest(*wellarchitected.DeleteProfileInput) (*request.Request, *wellarchitected.DeleteProfileOutput) + + DeleteProfileShare(*wellarchitected.DeleteProfileShareInput) (*wellarchitected.DeleteProfileShareOutput, error) + DeleteProfileShareWithContext(aws.Context, *wellarchitected.DeleteProfileShareInput, ...request.Option) (*wellarchitected.DeleteProfileShareOutput, error) + DeleteProfileShareRequest(*wellarchitected.DeleteProfileShareInput) (*request.Request, *wellarchitected.DeleteProfileShareOutput) + DeleteWorkload(*wellarchitected.DeleteWorkloadInput) (*wellarchitected.DeleteWorkloadOutput, error) DeleteWorkloadWithContext(aws.Context, *wellarchitected.DeleteWorkloadInput, ...request.Option) (*wellarchitected.DeleteWorkloadOutput, error) DeleteWorkloadRequest(*wellarchitected.DeleteWorkloadInput) (*request.Request, *wellarchitected.DeleteWorkloadOutput) @@ -104,6 +124,10 @@ type WellArchitectedAPI interface { DisassociateLensesWithContext(aws.Context, *wellarchitected.DisassociateLensesInput, ...request.Option) (*wellarchitected.DisassociateLensesOutput, error) DisassociateLensesRequest(*wellarchitected.DisassociateLensesInput) (*request.Request, *wellarchitected.DisassociateLensesOutput) + DisassociateProfiles(*wellarchitected.DisassociateProfilesInput) (*wellarchitected.DisassociateProfilesOutput, error) + DisassociateProfilesWithContext(aws.Context, *wellarchitected.DisassociateProfilesInput, ...request.Option) (*wellarchitected.DisassociateProfilesOutput, error) + DisassociateProfilesRequest(*wellarchitected.DisassociateProfilesInput) (*request.Request, *wellarchitected.DisassociateProfilesOutput) + ExportLens(*wellarchitected.ExportLensInput) (*wellarchitected.ExportLensOutput, error) ExportLensWithContext(aws.Context, *wellarchitected.ExportLensInput, ...request.Option) (*wellarchitected.ExportLensOutput, error) ExportLensRequest(*wellarchitected.ExportLensInput) (*request.Request, *wellarchitected.ExportLensOutput) @@ -139,6 +163,14 @@ type WellArchitectedAPI interface { GetMilestoneWithContext(aws.Context, *wellarchitected.GetMilestoneInput, ...request.Option) (*wellarchitected.GetMilestoneOutput, error) GetMilestoneRequest(*wellarchitected.GetMilestoneInput) (*request.Request, *wellarchitected.GetMilestoneOutput) + GetProfile(*wellarchitected.GetProfileInput) (*wellarchitected.GetProfileOutput, error) + GetProfileWithContext(aws.Context, *wellarchitected.GetProfileInput, ...request.Option) (*wellarchitected.GetProfileOutput, error) + GetProfileRequest(*wellarchitected.GetProfileInput) (*request.Request, *wellarchitected.GetProfileOutput) + + GetProfileTemplate(*wellarchitected.GetProfileTemplateInput) (*wellarchitected.GetProfileTemplateOutput, error) + GetProfileTemplateWithContext(aws.Context, *wellarchitected.GetProfileTemplateInput, ...request.Option) (*wellarchitected.GetProfileTemplateOutput, error) + GetProfileTemplateRequest(*wellarchitected.GetProfileTemplateInput) (*request.Request, *wellarchitected.GetProfileTemplateOutput) + GetWorkload(*wellarchitected.GetWorkloadInput) (*wellarchitected.GetWorkloadOutput, error) GetWorkloadWithContext(aws.Context, *wellarchitected.GetWorkloadInput, ...request.Option) (*wellarchitected.GetWorkloadOutput, error) GetWorkloadRequest(*wellarchitected.GetWorkloadInput) (*request.Request, *wellarchitected.GetWorkloadOutput) @@ -210,6 +242,27 @@ type WellArchitectedAPI interface { ListNotificationsPages(*wellarchitected.ListNotificationsInput, func(*wellarchitected.ListNotificationsOutput, bool) bool) error ListNotificationsPagesWithContext(aws.Context, *wellarchitected.ListNotificationsInput, func(*wellarchitected.ListNotificationsOutput, bool) bool, ...request.Option) error + ListProfileNotifications(*wellarchitected.ListProfileNotificationsInput) (*wellarchitected.ListProfileNotificationsOutput, error) + ListProfileNotificationsWithContext(aws.Context, *wellarchitected.ListProfileNotificationsInput, ...request.Option) (*wellarchitected.ListProfileNotificationsOutput, error) + ListProfileNotificationsRequest(*wellarchitected.ListProfileNotificationsInput) (*request.Request, *wellarchitected.ListProfileNotificationsOutput) + + ListProfileNotificationsPages(*wellarchitected.ListProfileNotificationsInput, func(*wellarchitected.ListProfileNotificationsOutput, bool) bool) error + ListProfileNotificationsPagesWithContext(aws.Context, *wellarchitected.ListProfileNotificationsInput, func(*wellarchitected.ListProfileNotificationsOutput, bool) bool, ...request.Option) error + + ListProfileShares(*wellarchitected.ListProfileSharesInput) (*wellarchitected.ListProfileSharesOutput, error) + ListProfileSharesWithContext(aws.Context, *wellarchitected.ListProfileSharesInput, ...request.Option) (*wellarchitected.ListProfileSharesOutput, error) + ListProfileSharesRequest(*wellarchitected.ListProfileSharesInput) (*request.Request, *wellarchitected.ListProfileSharesOutput) + + ListProfileSharesPages(*wellarchitected.ListProfileSharesInput, func(*wellarchitected.ListProfileSharesOutput, bool) bool) error + ListProfileSharesPagesWithContext(aws.Context, *wellarchitected.ListProfileSharesInput, func(*wellarchitected.ListProfileSharesOutput, bool) bool, ...request.Option) error + + ListProfiles(*wellarchitected.ListProfilesInput) (*wellarchitected.ListProfilesOutput, error) + ListProfilesWithContext(aws.Context, *wellarchitected.ListProfilesInput, ...request.Option) (*wellarchitected.ListProfilesOutput, error) + ListProfilesRequest(*wellarchitected.ListProfilesInput) (*request.Request, *wellarchitected.ListProfilesOutput) + + ListProfilesPages(*wellarchitected.ListProfilesInput, func(*wellarchitected.ListProfilesOutput, bool) bool) error + ListProfilesPagesWithContext(aws.Context, *wellarchitected.ListProfilesInput, func(*wellarchitected.ListProfilesOutput, bool) bool, ...request.Option) error + ListShareInvitations(*wellarchitected.ListShareInvitationsInput) (*wellarchitected.ListShareInvitationsOutput, error) ListShareInvitationsWithContext(aws.Context, *wellarchitected.ListShareInvitationsInput, ...request.Option) (*wellarchitected.ListShareInvitationsOutput, error) ListShareInvitationsRequest(*wellarchitected.ListShareInvitationsInput) (*request.Request, *wellarchitected.ListShareInvitationsOutput) @@ -255,6 +308,10 @@ type WellArchitectedAPI interface { UpdateLensReviewWithContext(aws.Context, *wellarchitected.UpdateLensReviewInput, ...request.Option) (*wellarchitected.UpdateLensReviewOutput, error) UpdateLensReviewRequest(*wellarchitected.UpdateLensReviewInput) (*request.Request, *wellarchitected.UpdateLensReviewOutput) + UpdateProfile(*wellarchitected.UpdateProfileInput) (*wellarchitected.UpdateProfileOutput, error) + UpdateProfileWithContext(aws.Context, *wellarchitected.UpdateProfileInput, ...request.Option) (*wellarchitected.UpdateProfileOutput, error) + UpdateProfileRequest(*wellarchitected.UpdateProfileInput) (*request.Request, *wellarchitected.UpdateProfileOutput) + UpdateShareInvitation(*wellarchitected.UpdateShareInvitationInput) (*wellarchitected.UpdateShareInvitationOutput, error) UpdateShareInvitationWithContext(aws.Context, *wellarchitected.UpdateShareInvitationInput, ...request.Option) (*wellarchitected.UpdateShareInvitationOutput, error) UpdateShareInvitationRequest(*wellarchitected.UpdateShareInvitationInput) (*request.Request, *wellarchitected.UpdateShareInvitationOutput) @@ -270,6 +327,10 @@ type WellArchitectedAPI interface { UpgradeLensReview(*wellarchitected.UpgradeLensReviewInput) (*wellarchitected.UpgradeLensReviewOutput, error) UpgradeLensReviewWithContext(aws.Context, *wellarchitected.UpgradeLensReviewInput, ...request.Option) (*wellarchitected.UpgradeLensReviewOutput, error) UpgradeLensReviewRequest(*wellarchitected.UpgradeLensReviewInput) (*request.Request, *wellarchitected.UpgradeLensReviewOutput) + + UpgradeProfileVersion(*wellarchitected.UpgradeProfileVersionInput) (*wellarchitected.UpgradeProfileVersionOutput, error) + UpgradeProfileVersionWithContext(aws.Context, *wellarchitected.UpgradeProfileVersionInput, ...request.Option) (*wellarchitected.UpgradeProfileVersionOutput, error) + UpgradeProfileVersionRequest(*wellarchitected.UpgradeProfileVersionInput) (*request.Request, *wellarchitected.UpgradeProfileVersionOutput) } var _ WellArchitectedAPI = (*wellarchitected.WellArchitected)(nil)