Information for an HTTP method condition. Specify only when Field is http-request-method.
[Network Load Balancers] The IPv6 address.
", + "SubnetMapping$IPv6Address": "[Network Load Balancers] The IPv6 address.
" + } + }, "IncompatibleProtocolsException": { "base": "The specified configuration is not valid with this protocol.
", "refs": { @@ -767,10 +774,12 @@ "IpAddressType": { "base": null, "refs": { - "CreateLoadBalancerInput$IpAddressType": "[Application Load Balancers] The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4.
The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4.
The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).
The IP address type. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4.
The IP address type.
" + "SetIpAddressTypeInput$IpAddressType": "The IP address type. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4. You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener.
The IP address type.
", + "SetSubnetsInput$IpAddressType": "[Network Load Balancers] The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener. Internal load balancers must use ipv4.
[Network Load Balancers] The IP address type.
" } }, "IsDefault": { @@ -892,7 +901,7 @@ "LoadBalancerAttributeKey": { "base": null, "refs": { - "LoadBalancerAttribute$Key": "The name of the attribute.
The following attribute is supported by all load balancers:
deletion_protection.enabled - Indicates whether deletion protection is enabled. The value is true or false. The default is false.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
access_logs.s3.enabled - Indicates whether access logs are enabled. The value is true or false. The default is false.
access_logs.s3.bucket - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
access_logs.s3.prefix - The prefix for the location in the S3 bucket for the access logs.
The following attributes are supported by only Application Load Balancers:
idle_timeout.timeout_seconds - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
routing.http.desync_mitigation_mode - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor, defensive, and strictest. The default is defensive.
routing.http.drop_invalid_header_fields.enabled - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false). The default is false.
routing.http2.enabled - Indicates whether HTTP/2 is enabled. The value is true or false. The default is true. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.
The following attribute is supported by Network Load Balancers and Gateway Load Balancers:
load_balancing.cross_zone.enabled - Indicates whether cross-zone load balancing is enabled. The value is true or false. The default is false.
The name of the attribute.
The following attribute is supported by all load balancers:
deletion_protection.enabled - Indicates whether deletion protection is enabled. The value is true or false. The default is false.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
access_logs.s3.enabled - Indicates whether access logs are enabled. The value is true or false. The default is false.
access_logs.s3.bucket - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
access_logs.s3.prefix - The prefix for the location in the S3 bucket for the access logs.
The following attributes are supported by only Application Load Balancers:
idle_timeout.timeout_seconds - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
routing.http.desync_mitigation_mode - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor, defensive, and strictest. The default is defensive.
routing.http.drop_invalid_header_fields.enabled - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false). The default is false.
routing.http2.enabled - Indicates whether HTTP/2 is enabled. The value is true or false. The default is true. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.
waf.fail_open.enabled - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The value is true or false. The default is false.
The following attribute is supported by Network Load Balancers and Gateway Load Balancers:
load_balancing.cross_zone.enabled - Indicates whether cross-zone load balancing is enabled. The value is true or false. The default is false.
The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You cannot specify a protocol for a Gateway Load Balancer.
", + "CreateListenerInput$Protocol": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer.
", "CreateTargetGroupInput$Protocol": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.
", "CreateTargetGroupInput$HealthCheckProtocol": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
", "Listener$Protocol": "The protocol for connections from clients to the load balancer.
", - "ModifyListenerInput$Protocol": "The protocol for connections from clients to the load balancer. Application Load Balancers support the HTTP and HTTPS protocols. Network Load Balancers support the TCP, TLS, UDP, and TCP_UDP protocols. You cannot specify a protocol for a Gateway Load Balancer.
", + "ModifyListenerInput$Protocol": "The protocol for connections from clients to the load balancer. Application Load Balancers support the HTTP and HTTPS protocols. Network Load Balancers support the TCP, TLS, UDP, and TCP_UDP protocols. You can’t change the protocol to UDP or TCP_UDP if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer.
", "ModifyTargetGroupInput$HealthCheckProtocol": "The protocol the load balancer uses when performing health checks on targets. The TCP protocol is supported for health checks only if the protocol of the target group is TCP, TLS, UDP, or TCP_UDP. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
With Network Load Balancers, you can't modify this setting.
", "TargetGroup$Protocol": "The protocol to use for routing traffic to the targets.
", "TargetGroup$HealthCheckProtocol": "The protocol to use to connect with the target. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
" @@ -1452,8 +1461,8 @@ "SubnetMappings": { "base": null, "refs": { - "CreateLoadBalancerInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet.
[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets.
", - "SetSubnetsInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. If you need static IP addresses for your internet-facing load balancer, you can specify one Elastic IP address per subnet. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet.
" + "CreateLoadBalancerInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.
[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets.
", + "SetSubnetsInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.
" } }, "SubnetNotFoundException": { @@ -1465,7 +1474,7 @@ "base": null, "refs": { "CreateLoadBalancerInput$Subnets": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones.
[Gateway Load Balancers] You can specify subnets from one or more Availability Zones.
", - "SetSubnetsInput$Subnets": "The IDs of the public subnets. You must specify subnets from at least two Availability Zones. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
" + "SetSubnetsInput$Subnets": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones.
" } }, "Tag": { @@ -1573,7 +1582,7 @@ "TargetGroupAttributeKey": { "base": null, "refs": { - "TargetGroupAttribute$Key": "The name of the attribute.
The following attribute is supported by all load balancers:
deregistration_delay.timeout_seconds - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
stickiness.enabled - Indicates whether sticky sessions are enabled. The value is true or false. The default is false.
stickiness.type - The type of sticky sessions. The possible values are lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
The following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:
load_balancing.algorithm.type - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is round_robin or least_outstanding_requests. The default is round_robin.
slow_start.duration_seconds - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).
stickiness.lb_cookie.duration_seconds - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).
The following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:
lambda.multi_value_headers.enabled - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is true or false. The default is false. If the value is false and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.
The following attribute is supported only by Network Load Balancers:
proxy_protocol_v2.enabled - Indicates whether Proxy Protocol version 2 is enabled. The value is true or false. The default is false.
The name of the attribute.
The following attribute is supported by all load balancers:
deregistration_delay.timeout_seconds - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
stickiness.enabled - Indicates whether sticky sessions are enabled. The value is true or false. The default is false.
stickiness.type - The type of sticky sessions. The possible values are lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
The following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:
load_balancing.algorithm.type - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is round_robin or least_outstanding_requests. The default is round_robin.
slow_start.duration_seconds - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).
stickiness.lb_cookie.duration_seconds - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).
The following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:
lambda.multi_value_headers.enabled - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is true or false. The default is false. If the value is false and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.
The following attributes are supported only by Network Load Balancers:
deregistration_delay.connection_termination.enabled - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is true or false. The default is false.
proxy_protocol_v2.enabled - Indicates whether Proxy Protocol version 2 is enabled. The value is true or false. The default is false.
Adds health-based detection to the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your AWS resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the AWS WAF and AWS Shield Developer Guide.
", "AssociateProactiveEngagementDetails": "Initializes proactive engagement and sets the list of contacts for the DDoS Response Team (DRT) to use. You must provide at least one phone number in the emergency contact list.
After you have initialized proactive engagement using this call, to disable or enable proactive engagement, use the calls DisableProactiveEngagement and EnableProactiveEngagement.
This call defines the list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you for escalations to the DRT and to initiate proactive customer support.
The contacts that you provide in the request replace any contacts that were already defined. If you already have contacts defined and want to use them, retrieve the list using DescribeEmergencyContactSettings and then provide it to this call.
Enables AWS Shield Advanced for a specific AWS resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, AWS Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.
You can add protection to only a single resource with each CreateProtection request. If you want to add protection to multiple resources at once, use the AWS WAF console. For more information see Getting Started with AWS Shield Advanced and Add AWS Shield Advanced Protection to more AWS Resources.
", + "CreateProtectionGroup": "Creates a grouping of protected resources so they can be handled as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", "CreateSubscription": "Activates AWS Shield Advanced for an account.
When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period. You can change this by submitting an UpdateSubscription request.
Deletes an AWS Shield Advanced Protection.
", + "DeleteProtectionGroup": "Removes the specified protection group.
", "DeleteSubscription": "Removes AWS Shield Advanced from an account. AWS Shield Advanced requires a 1-year subscription commitment. You cannot delete a subscription prior to the completion of that commitment.
", "DescribeAttack": "Describes the details of a DDoS attack.
", + "DescribeAttackStatistics": "Provides information about the number and type of attacks AWS Shield has detected in the last year for all resources that belong to your account, regardless of whether you've defined Shield protections for them. This operation is available to Shield customers as well as to Shield Advanced customers.
The operation returns data for the time range of midnight UTC, one year ago, to midnight UTC, today. For example, if the current time is 2020-10-26 15:39:32 PDT, equal to 2020-10-26 22:39:32 UTC, then the time range for the attack data returned is from 2019-10-26 00:00:00 UTC to 2020-10-26 00:00:00 UTC.
The time range indicates the period covered by the attack statistics data items.
", "DescribeDRTAccess": "Returns the current role and list of Amazon S3 log buckets used by the DDoS Response Team (DRT) to access your AWS account while assisting with attack mitigation.
", "DescribeEmergencyContactSettings": "A list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
", "DescribeProtection": "Lists the details of a Protection object.
", + "DescribeProtectionGroup": "Returns the specification for the specified protection group.
", "DescribeSubscription": "Provides details about the AWS Shield Advanced subscription for an account.
", "DisableProactiveEngagement": "Removes authorization from the DDoS Response Team (DRT) to notify contacts about escalations to the DRT and to initiate proactive customer support.
", "DisassociateDRTLogBucket": "Removes the DDoS Response Team's (DRT) access to the specified Amazon S3 bucket containing your AWS WAF logs.
To make a DisassociateDRTLogBucket request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the DRT access to your account, you can submit a DisassociateDRTLogBucket request to remove this access.
Authorizes the DDoS Response Team (DRT) to use email and phone to notify contacts about escalations to the DRT and to initiate proactive customer support.
", "GetSubscriptionState": "Returns the SubscriptionState, either Active or Inactive.
Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period.
", + "ListProtectionGroups": "Retrieves the ProtectionGroup objects for the account.
", "ListProtections": "Lists all Protection objects for the account.
", + "ListResourcesInProtectionGroup": "Retrieves the resources that are included in the protection group.
", "UpdateEmergencyContactSettings": "Updates the details of the list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
", + "UpdateProtectionGroup": "Updates an existing protection group. A protection group is a grouping of protected resources so they can be handled as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", "UpdateSubscription": "Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty parameters are not updated.
" }, "shapes": { @@ -114,6 +121,18 @@ "AttackProperty$AttackPropertyIdentifier": "Defines the DDoS attack property information that is provided. The WORDPRESS_PINGBACK_REFLECTOR and WORDPRESS_PINGBACK_SOURCE values are valid only for WordPress reflective pingback DDoS attacks.
A single attack statistics data record. This is returned by DescribeAttackStatistics along with a time range indicating the time period that the attack statistics apply to.
", + "refs": { + "AttackStatisticsDataList$member": null + } + }, + "AttackStatisticsDataList": { + "base": null, + "refs": { + "DescribeAttackStatisticsResponse$DataItems": "The data that describes the attacks detected during the time period.
" + } + }, "AttackSummaries": { "base": null, "refs": { @@ -149,6 +168,20 @@ "AttackSummary$AttackVectors": "The list of attacks for a specified time period.
" } }, + "AttackVolume": { + "base": "Information about the volume of attacks during the time period, included in an AttackStatisticsDataItem. If the accompanying AttackCount in the statistics object is zero, this setting might be empty.
Information about the volume of attacks during the time period. If the accompanying AttackCount is zero, this setting might be empty.
Statistics objects for the various data types in AttackVolume.
", + "refs": { + "AttackVolume$BitsPerSecond": "A statistics object that uses bits per second as the unit. This is included for network level attacks.
", + "AttackVolume$PacketsPerSecond": "A statistics object that uses packets per second as the unit. This is included for network level attacks.
", + "AttackVolume$RequestsPerSecond": "A statistics object that uses requests per second as the unit. This is included for application level attacks, and is only available for accounts that are subscribed to Shield Advanced.
" + } + }, "AutoRenew": { "base": null, "refs": { @@ -168,6 +201,16 @@ "TopContributors$member": null } }, + "CreateProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "CreateProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "CreateProtectionRequest": { "base": null, "refs": { @@ -188,6 +231,16 @@ "refs": { } }, + "DeleteProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "DeleteProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "DeleteProtectionRequest": { "base": null, "refs": { @@ -218,6 +271,16 @@ "refs": { } }, + "DescribeAttackStatisticsRequest": { + "base": null, + "refs": { + } + }, + "DescribeAttackStatisticsResponse": { + "base": null, + "refs": { + } + }, "DescribeDRTAccessRequest": { "base": null, "refs": { @@ -238,6 +301,16 @@ "refs": { } }, + "DescribeProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "DescribeProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "DescribeProtectionRequest": { "base": null, "refs": { @@ -301,6 +374,7 @@ "Double": { "base": null, "refs": { + "AttackVolumeStatistics$Max": "The maximum attack volume observed for the given unit.
", "SummarizedCounter$Max": "The maximum value of the counter for a specified time period.
", "SummarizedCounter$Average": "The average value of the counter for a specified time period.
", "SummarizedCounter$Sum": "The total of counter values for a specified time period.
" @@ -393,7 +467,7 @@ } }, "InvalidParameterException": { - "base": "Exception that indicates that the parameters passed to the API are invalid.
", + "base": "Exception that indicates that the parameters passed to the API are invalid. If available, this exception includes details in additional properties.
", "refs": { } }, @@ -423,6 +497,7 @@ "Limits": { "base": null, "refs": { + "ProtectionLimits$ProtectedResourceTypeLimits": "The maximum number of resource types that you can specify in a protection.
", "Subscription$Limits": "Specifies how many protections of a given type you can create.
" } }, @@ -441,6 +516,16 @@ "refs": { } }, + "ListProtectionGroupsRequest": { + "base": null, + "refs": { + } + }, + "ListProtectionGroupsResponse": { + "base": null, + "refs": { + } + }, "ListProtectionsRequest": { "base": null, "refs": { @@ -451,6 +536,16 @@ "refs": { } }, + "ListResourcesInProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "ListResourcesInProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "LockedSubscriptionException": { "base": "You are trying to update a subscription that has not yet completed the 1-year commitment. You can change the AutoRenew parameter during the last 30 days of your subscription. This exception indicates that you are attempting to change AutoRenew prior to that period.
The total contributions made to this attack by all contributors, not just the five listed in the TopContributors list.
The number of attacks detected during the time period. This is always present, but might be zero.
", "Contributor$Value": "The contribution of this contributor expressed in Protection units. For example 10,000.
The maximum number of protections that can be created for the specified Type.
The maximum number of protections that can be created for the specified Type.
The maximum number of resources you can specify for a single arbitrary pattern in a protection group.
", + "ProtectionGroupLimits$MaxProtectionGroups": "The maximum number of protection groups that you can have at one time.
" } }, "MaxResults": { "base": null, "refs": { - "ListAttacksRequest$MaxResults": "The maximum number of AttackSummary objects to be returned. If this is left blank, the first 20 results will be returned.
This is a maximum value; it is possible that AWS WAF will return the results in smaller batches. That is, the number of AttackSummary objects returned could be less than MaxResults, even if there are still more AttackSummary objects yet to return. If there are more AttackSummary objects to return, AWS WAF will always also return a NextToken.
The maximum number of Protection objects to be returned. If this is left blank the first 20 results will be returned.
This is a maximum value; it is possible that AWS WAF will return the results in smaller batches. That is, the number of Protection objects returned could be less than MaxResults, even if there are still more Protection objects yet to return. If there are more Protection objects to return, AWS WAF will always also return a NextToken.
The maximum number of AttackSummary objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
The maximum number of ProtectionGroup objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
The maximum number of Protection objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
The maximum number of resource ARN objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
If ENABLED, the DDoS Response Team (DRT) will use email and phone to notify contacts about escalations to the DRT and to initiate proactive customer support.
If PENDING, you have requested proactive engagement and the request is pending. The status changes to ENABLED when your request is fully processed.
If DISABLED, the DRT will not proactively notify contacts about escalations or to initiate proactive customer support.
The resource type to include in the protection group. All protected resources of this type are included in the protection group. Newly protected resources of this type are automatically added to the group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.
The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.
The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.
An object that represents a resource that is under DDoS protection.
", "refs": { @@ -526,6 +634,72 @@ "Protections$member": null } }, + "ProtectionGroup": { + "base": "A grouping of protected resources that you and AWS Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", + "refs": { + "DescribeProtectionGroupResponse$ProtectionGroup": "A grouping of protected resources that you and AWS Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", + "ProtectionGroups$member": null + } + }, + "ProtectionGroupAggregation": { + "base": null, + "refs": { + "CreateProtectionGroupRequest$Aggregation": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Limits settings on protection groups with arbitrary pattern type.
", + "refs": { + "ProtectionGroupPatternTypeLimits$ArbitraryPatternLimits": "Limits settings on protection groups with arbitrary pattern type.
" + } + }, + "ProtectionGroupId": { + "base": null, + "refs": { + "CreateProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "DeleteProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "DescribeProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "ListResourcesInProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "ProtectionGroup$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "UpdateProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
" + } + }, + "ProtectionGroupLimits": { + "base": "Limits settings on protection groups for your subscription.
", + "refs": { + "SubscriptionLimits$ProtectionGroupLimits": "Limits settings on protection groups for your subscription.
" + } + }, + "ProtectionGroupMembers": { + "base": null, + "refs": { + "CreateProtectionGroupRequest$Members": "The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.
The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.
The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.
The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.
", + "ProtectionGroup$Pattern": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.
", + "UpdateProtectionGroupRequest$Pattern": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.
" + } + }, + "ProtectionGroupPatternTypeLimits": { + "base": "Limits settings by pattern type in the protection groups for your subscription.
", + "refs": { + "ProtectionGroupLimits$PatternTypeLimits": "Limits settings by pattern type in the protection groups for your subscription.
" + } + }, + "ProtectionGroups": { + "base": null, + "refs": { + "ListProtectionGroupsResponse$ProtectionGroups": "" + } + }, "ProtectionId": { "base": null, "refs": { @@ -537,11 +711,17 @@ "Protection$Id": "The unique identifier (ID) of the protection.
" } }, + "ProtectionLimits": { + "base": "Limits settings on protections for your subscription.
", + "refs": { + "SubscriptionLimits$ProtectionLimits": "Limits settings on protections for your subscription.
" + } + }, "ProtectionName": { "base": null, "refs": { "CreateProtectionRequest$Name": "Friendly name for the Protection you are creating.
The friendly name of the protection. For example, My CloudFront distributions.
The name of the protection. For example, My CloudFront distributions.
Exception indicating the specified resource already exists.
", + "base": "Exception indicating the specified resource already exists. If available, this exception includes details in additional properties.
", "refs": { } }, @@ -562,7 +742,9 @@ "CreateProtectionRequest$ResourceArn": "The ARN (Amazon Resource Name) of the resource to be protected.
The ARN should be in one of the following formats:
For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
For an Elastic Load Balancer (Classic Load Balancer): arn:aws:elasticloadbalancing:region:account-id:loadbalancer/load-balancer-name
For an AWS CloudFront distribution: arn:aws:cloudfront::account-id:distribution/distribution-id
For an AWS Global Accelerator accelerator: arn:aws:globalaccelerator::account-id:accelerator/accelerator-id
For Amazon Route 53: arn:aws:route53:::hostedzone/hosted-zone-id
For an Elastic IP address: arn:aws:ec2:region:account-id:eip-allocation/allocation-id
The ARN (Amazon Resource Name) of the AWS resource for the Protection object that is described. When submitting the DescribeProtection request you must provide either the ResourceArn or the ProtectionID, but not both.
The ARN (Amazon Resource Name) of the AWS resource that is protected.
", - "ResourceArnFilterList$member": null + "ProtectionGroupMembers$member": null, + "ResourceArnFilterList$member": null, + "ResourceArnList$member": null } }, "ResourceArnFilterList": { @@ -571,8 +753,14 @@ "ListAttacksRequest$ResourceArns": "The ARN (Amazon Resource Name) of the resource that was attacked. If this is left blank, all applicable resources for this account will be included.
" } }, + "ResourceArnList": { + "base": null, + "refs": { + "ListResourcesInProtectionGroupResponse$ResourceArns": "The Amazon Resource Names (ARNs) of the resources that are included in the protection group.
" + } + }, "ResourceNotFoundException": { - "base": "Exception indicating the specified resource does not exist.
", + "base": "Exception indicating the specified resource does not exist. If available, this exception includes details in additional properties.
", "refs": { } }, @@ -592,10 +780,14 @@ "Contributor$Name": "The name of the contributor. This is dependent on the AttackPropertyIdentifier. For example, if the AttackPropertyIdentifier is SOURCE_COUNTRY, the Name could be United States.
The type of protection.
", "Mitigation$MitigationName": "The name of the mitigation taken for this attack.
", + "ResourceAlreadyExistsException$resourceType": "The type of resource that already exists.
", + "ResourceNotFoundException$resourceType": "Type of resource.
", "SubResourceSummary$Id": "The unique identifier (ID) of the SubResource.
The attack type, for example, SNMP reflection or SYN flood.
", "SummarizedCounter$Name": "The counter name.
", - "SummarizedCounter$Unit": "The unit of the counters.
" + "SummarizedCounter$Unit": "The unit of the counters.
", + "ValidationExceptionField$name": "The name of the parameter that failed validation.
", + "ValidationExceptionField$message": "The message describing why the parameter failed validation.
" } }, "SubResourceSummary": { @@ -622,6 +814,12 @@ "DescribeSubscriptionResponse$Subscription": "The AWS Shield Advanced subscription details for an account.
" } }, + "SubscriptionLimits": { + "base": "Limits settings for your subscription.
", + "refs": { + "Subscription$SubscriptionLimits": "Limits settings for your subscription.
" + } + }, "SubscriptionState": { "base": null, "refs": { @@ -655,8 +853,9 @@ } }, "TimeRange": { - "base": "The time range.
", + "base": "The time range.
", "refs": { + "DescribeAttackStatisticsResponse$TimeRange": null, "ListAttacksRequest$StartTime": "The start of the time period for the attacks. This is a timestamp type. The sample request above indicates a number type because the default used by WAF is Unix time in seconds. However any valid timestamp format is allowed.
The end of the time period for the attacks. This is a timestamp type. The sample request above indicates a number type because the default used by WAF is Unix time in seconds. However any valid timestamp format is allowed.
The ListAttacksRequest.NextMarker value from a previous call to ListAttacksRequest. Pass null if this is the first call.
The token returned by a previous call to indicate that there is more data available. If not null, more results are available. Pass this value for the NextMarker parameter in a subsequent call to ListAttacks to retrieve the next set of items.
AWS WAF might return the list of AttackSummary objects in batches smaller than the number specified by MaxResults. If there are more AttackSummary objects to return, AWS WAF will always also return a NextToken.
The token returned by a previous call to indicate that there is more data available. If not null, more results are available. Pass this value for the NextMarker parameter in a subsequent call to ListAttacks to retrieve the next set of items.
Shield Advanced might return the list of AttackSummary objects in batches smaller than the number specified by MaxResults. If there are more attack summary objects to return, Shield Advanced will always also return a NextToken.
The next token value from a previous call to ListProtectionGroups. Pass null if this is the first call.
If you specify a value for MaxResults and you have more protection groups than the value of MaxResults, AWS Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
The ListProtectionsRequest.NextToken value from a previous call to ListProtections. Pass null if this is the first call.
If you specify a value for MaxResults and you have more Protections than the value of MaxResults, AWS Shield Advanced returns a NextToken value in the response that allows you to list another group of Protections. For the second and subsequent ListProtections requests, specify the value of NextToken from the previous response to get information about another batch of Protections.
AWS WAF might return the list of Protection objects in batches smaller than the number specified by MaxResults. If there are more Protection objects to return, AWS WAF will always also return a NextToken.
If you specify a value for MaxResults and you have more Protections than the value of MaxResults, AWS Shield Advanced returns a NextToken value in the response that allows you to list another group of Protections. For the second and subsequent ListProtections requests, specify the value of NextToken from the previous response to get information about another batch of Protections.
Shield Advanced might return the list of Protection objects in batches smaller than the number specified by MaxResults. If there are more Protection objects to return, Shield Advanced will always also return a NextToken.
The next token value from a previous call to ListResourcesInProtectionGroup. Pass null if this is the first call.
If you specify a value for MaxResults and you have more resources in the protection group than the value of MaxResults, AWS Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
The array of Contributor objects that includes the top five contributors to an attack.
" + "AttackProperty$TopContributors": "The array of contributor objects that includes the top five contributors to an attack.
" } }, "Unit": { @@ -699,6 +902,16 @@ "refs": { } }, + "UpdateProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "UpdateProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "UpdateSubscriptionRequest": { "base": null, "refs": { @@ -709,6 +922,24 @@ "refs": { } }, + "ValidationExceptionField": { + "base": "Provides information about a particular parameter passed inside a request that resulted in an exception.
", + "refs": { + "ValidationExceptionFieldList$member": null + } + }, + "ValidationExceptionFieldList": { + "base": null, + "refs": { + "InvalidParameterException$fields": "Fields that caused the exception.
" + } + }, + "ValidationExceptionReason": { + "base": null, + "refs": { + "InvalidParameterException$reason": "Additional information about the exception.
" + } + }, "errorMessage": { "base": null, "refs": { diff --git a/models/apis/shield/2016-06-02/paginators-1.json b/models/apis/shield/2016-06-02/paginators-1.json index cffb14b6819..362ad5d7198 100644 --- a/models/apis/shield/2016-06-02/paginators-1.json +++ b/models/apis/shield/2016-06-02/paginators-1.json @@ -6,11 +6,21 @@ "output_token": "NextToken", "result_key": "AttackSummaries" }, + "ListProtectionGroups": { + "input_token": "NextToken", + "limit_key": "MaxResults", + "output_token": "NextToken" + }, "ListProtections": { "input_token": "NextToken", "limit_key": "MaxResults", "output_token": "NextToken", "result_key": "Protections" + }, + "ListResourcesInProtectionGroup": { + "input_token": "NextToken", + "limit_key": "MaxResults", + "output_token": "NextToken" } } } \ No newline at end of file diff --git a/models/apis/textract/2018-06-27/api-2.json b/models/apis/textract/2018-06-27/api-2.json index 58972b2eb01..4e2e88d31cf 100644 --- a/models/apis/textract/2018-06-27/api-2.json +++ b/models/apis/textract/2018-06-27/api-2.json @@ -100,6 +100,7 @@ "errors":[ {"shape":"InvalidParameterException"}, {"shape":"InvalidS3ObjectException"}, + {"shape":"InvalidKMSKeyException"}, {"shape":"UnsupportedDocumentException"}, {"shape":"DocumentTooLargeException"}, {"shape":"BadDocumentException"}, @@ -122,6 +123,7 @@ "errors":[ {"shape":"InvalidParameterException"}, {"shape":"InvalidS3ObjectException"}, + {"shape":"InvalidKMSKeyException"}, {"shape":"UnsupportedDocumentException"}, {"shape":"DocumentTooLargeException"}, {"shape":"BadDocumentException"}, @@ -174,6 +176,7 @@ "BlockType":{"shape":"BlockType"}, "Confidence":{"shape":"Percent"}, "Text":{"shape":"String"}, + "TextType":{"shape":"TextType"}, "RowIndex":{"shape":"UInteger"}, "ColumnIndex":{"shape":"UInteger"}, "RowSpan":{"shape":"UInteger"}, @@ -432,6 +435,12 @@ }, "exception":true }, + "InvalidKMSKeyException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "InvalidParameterException":{ "type":"structure", "members":{ @@ -465,6 +474,12 @@ "min":1, "pattern":"[a-zA-Z0-9_.\\-:]+" }, + "KMSKeyId":{ + "type":"string", + "max":2048, + "min":1, + "pattern":"^[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,2048}$" + }, "LimitExceededException":{ "type":"structure", "members":{ @@ -606,7 +621,8 @@ "ClientRequestToken":{"shape":"ClientRequestToken"}, "JobTag":{"shape":"JobTag"}, "NotificationChannel":{"shape":"NotificationChannel"}, - "OutputConfig":{"shape":"OutputConfig"} + "OutputConfig":{"shape":"OutputConfig"}, + "KMSKeyId":{"shape":"KMSKeyId"} } }, "StartDocumentAnalysisResponse":{ @@ -623,7 +639,8 @@ "ClientRequestToken":{"shape":"ClientRequestToken"}, "JobTag":{"shape":"JobTag"}, "NotificationChannel":{"shape":"NotificationChannel"}, - "OutputConfig":{"shape":"OutputConfig"} + "OutputConfig":{"shape":"OutputConfig"}, + "KMSKeyId":{"shape":"KMSKeyId"} } }, "StartDocumentTextDetectionResponse":{ @@ -634,6 +651,13 @@ }, "StatusMessage":{"type":"string"}, "String":{"type":"string"}, + "TextType":{ + "type":"string", + "enum":[ + "HANDWRITING", + "PRINTED" + ] + }, "ThrottlingException":{ "type":"structure", "members":{ diff --git a/models/apis/textract/2018-06-27/docs-2.json b/models/apis/textract/2018-06-27/docs-2.json index 342a017144e..d4fc187b6cd 100644 --- a/models/apis/textract/2018-06-27/docs-2.json +++ b/models/apis/textract/2018-06-27/docs-2.json @@ -110,7 +110,7 @@ } }, "DocumentTooLargeException": { - "base": "The document can't be processed because it's too large. The maximum document size for synchronous operations 5 MB. The maximum document size for asynchronous operations is 500 MB for PDF files.
", + "base": "The document can't be processed because it's too large. The maximum document size for synchronous operations 10 MB. The maximum document size for asynchronous operations is 500 MB for PDF files.
", "refs": { } }, @@ -268,6 +268,11 @@ "refs": { } }, + "InvalidKMSKeyException": { + "base": "Indicates you do not have decrypt permissions with the KMS key entered, or the KMS key was entered incorrectly.
", + "refs": { + } + }, "InvalidParameterException": { "base": "An input parameter violated a constraint. For example, in synchronous operations, an InvalidParameterException exception occurs when neither of the S3Object or Bytes values are supplied in the Document request parameter. Validate your parameter before calling the API operation again.
An identifier that you specify that's included in the completion notification published to the Amazon SNS topic. For example, you can use JobTag to identify the type of document that the completion notification corresponds to (such as a tax form or a receipt).
The KMS key used to encrypt the inference results. This can be in either Key ID or Key Alias format. When a KMS key is provided, the KMS key will be used for server-side encryption of the objects in the customer bucket. When this parameter is not enabled, the result will be encrypted server side,using SSE-S3.
", + "StartDocumentTextDetectionRequest$KMSKeyId": "The KMS key used to encrypt the inference results. This can be in either Key ID or Key Alias format. When a KMS key is provided, the KMS key will be used for server-side encryption of the objects in the customer bucket. When this parameter is not enabled, the result will be encrypted server side,using SSE-S3.
" + } + }, "LimitExceededException": { "base": "An Amazon Textract service limit was exceeded. For example, if you start too many asynchronous jobs concurrently, calls to start operations (StartDocumentTextDetection, for example) raise a LimitExceededException exception (HTTP status code: 400) until the number of concurrently running jobs is below the Amazon Textract service limit.
The service code.
" } }, + "TextType": { + "base": null, + "refs": { + "Block$TextType": "The kind of text that Amazon Textract has detected. Can check for handwritten text and printed text.
" + } + }, "ThrottlingException": { "base": "Amazon Textract is temporarily unable to process the request. Try your call again.
", "refs": { diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 4d783373fa1..563ddd6d05b 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -653,6 +653,7 @@ }, "appsync" : { "endpoints" : { + "ap-east-1" : { }, "ap-northeast-1" : { }, "ap-northeast-2" : { }, "ap-south-1" : { }, @@ -665,6 +666,7 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { }, "us-east-2" : { }, @@ -2851,6 +2853,7 @@ }, "glue" : { "endpoints" : { + "af-south-1" : { }, "ap-east-1" : { }, "ap-northeast-1" : { }, "ap-northeast-2" : { }, @@ -6544,7 +6547,8 @@ }, "appsync" : { "endpoints" : { - "cn-north-1" : { } + "cn-north-1" : { }, + "cn-northwest-1" : { } } }, "athena" : { @@ -8104,6 +8108,17 @@ "us-gov-west-1" : { } } }, + "lakeformation" : { + "endpoints" : { + "fips-us-gov-west-1" : { + "credentialScope" : { + "region" : "us-gov-west-1" + }, + "hostname" : "lakeformation-fips.us-gov-west-1.amazonaws.com" + }, + "us-gov-west-1" : { } + } + }, "lambda" : { "endpoints" : { "fips-us-gov-east-1" : { @@ -9108,6 +9123,14 @@ "us-iso-east-1" : { } } }, + "translate" : { + "defaults" : { + "protocols" : [ "https" ] + }, + "endpoints" : { + "us-iso-east-1" : { } + } + }, "workspaces" : { "endpoints" : { "us-iso-east-1" : { } diff --git a/service/elbv2/api.go b/service/elbv2/api.go index 09539b9ab2c..cc0486d15c2 100644 --- a/service/elbv2/api.go +++ b/service/elbv2/api.go @@ -4185,7 +4185,8 @@ type CreateListenerInput struct { // The protocol for connections from clients to the load balancer. For Application // Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load - // Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You cannot + // Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t + // specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot // specify a protocol for a Gateway Load Balancer. Protocol *string `type:"string" enum:"ProtocolEnum"` @@ -4331,10 +4332,9 @@ type CreateLoadBalancerInput struct { // pool (CoIP pool). CustomerOwnedIpv4Pool *string `type:"string"` - // [Application Load Balancers] The type of IP addresses used by the subnets - // for your load balancer. The possible values are ipv4 (for IPv4 addresses) - // and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must - // use ipv4. + // The type of IP addresses used by the subnets for your load balancer. The + // possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and + // IPv6 addresses). Internal load balancers must use ipv4. IpAddressType *string `type:"string" enum:"IpAddressType"` // The name of the load balancer. @@ -4380,7 +4380,8 @@ type CreateLoadBalancerInput struct { // Zones. You can specify one Elastic IP address per subnet if you need static // IP addresses for your internet-facing load balancer. For internal load balancers, // you can specify one private IP address per subnet from the IPv4 range of - // the subnet. + // the subnet. For internet-facing load balancer, you can specify one IPv6 address + // per subnet. // // [Gateway Load Balancers] You can specify subnets from one or more Availability // Zones. You cannot specify Elastic IP addresses for your subnets. @@ -6673,6 +6674,9 @@ type LoadBalancerAddress struct { // an internal-facing load balancer. AllocationId *string `type:"string"` + // [Network Load Balancers] The IPv6 address. + IPv6Address *string `type:"string"` + // The static IP address. IpAddress *string `type:"string"` @@ -6696,6 +6700,12 @@ func (s *LoadBalancerAddress) SetAllocationId(v string) *LoadBalancerAddress { return s } +// SetIPv6Address sets the IPv6Address field's value. +func (s *LoadBalancerAddress) SetIPv6Address(v string) *LoadBalancerAddress { + s.IPv6Address = &v + return s +} + // SetIpAddress sets the IpAddress field's value. func (s *LoadBalancerAddress) SetIpAddress(v string) *LoadBalancerAddress { s.IpAddress = &v @@ -6751,6 +6761,10 @@ type LoadBalancerAttribute struct { // is true or false. The default is true. Elastic Load Balancing requires // that message header names contain only alphanumeric characters and hyphens. // + // * waf.fail_open.enabled - Indicates whether to allow a WAF-enabled load + // balancer to route requests to targets if it is unable to forward the request + // to AWS WAF. The value is true or false. The default is false. + // // The following attribute is supported by Network Load Balancers and Gateway // Load Balancers: // @@ -6899,8 +6913,9 @@ type ModifyListenerInput struct { // The protocol for connections from clients to the load balancer. Application // Load Balancers support the HTTP and HTTPS protocols. Network Load Balancers - // support the TCP, TLS, UDP, and TCP_UDP protocols. You cannot specify a protocol - // for a Gateway Load Balancer. + // support the TCP, TLS, UDP, and TCP_UDP protocols. You can’t change the + // protocol to UDP or TCP_UDP if dual-stack mode is enabled. You cannot specify + // a protocol for a Gateway Load Balancer. Protocol *string `type:"string" enum:"ProtocolEnum"` // [HTTPS and TLS listeners] The security policy that defines which protocols @@ -8108,7 +8123,8 @@ type SetIpAddressTypeInput struct { // The IP address type. The possible values are ipv4 (for IPv4 addresses) and // dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use - // ipv4. + // ipv4. You can’t specify dualstack for a load balancer with a UDP or TCP_UDP + // listener. // // IpAddressType is a required field IpAddressType *string `type:"string" required:"true" enum:"IpAddressType"` @@ -8329,6 +8345,13 @@ func (s *SetSecurityGroupsOutput) SetSecurityGroupIds(v []*string) *SetSecurityG type SetSubnetsInput struct { _ struct{} `type:"structure"` + // [Network Load Balancers] The type of IP addresses used by the subnets for + // your load balancer. The possible values are ipv4 (for IPv4 addresses) and + // dualstack (for IPv4 and IPv6 addresses). You can’t specify dualstack for + // a load balancer with a UDP or TCP_UDP listener. Internal load balancers must + // use ipv4. + IpAddressType *string `type:"string" enum:"IpAddressType"` + // The Amazon Resource Name (ARN) of the load balancer. // // LoadBalancerArn is a required field @@ -8340,16 +8363,32 @@ type SetSubnetsInput struct { // [Application Load Balancers] You must specify subnets from at least two Availability // Zones. You cannot specify Elastic IP addresses for your subnets. // + // [Application Load Balancers on Outposts] You must specify one Outpost subnet. + // + // [Application Load Balancers on Local Zones] You can specify subnets from + // one or more Local Zones. + // // [Network Load Balancers] You can specify subnets from one or more Availability - // Zones. If you need static IP addresses for your internet-facing load balancer, - // you can specify one Elastic IP address per subnet. For internal load balancers, + // Zones. You can specify one Elastic IP address per subnet if you need static + // IP addresses for your internet-facing load balancer. For internal load balancers, // you can specify one private IP address per subnet from the IPv4 range of - // the subnet. + // the subnet. For internet-facing load balancer, you can specify one IPv6 address + // per subnet. SubnetMappings []*SubnetMapping `type:"list"` - // The IDs of the public subnets. You must specify subnets from at least two - // Availability Zones. You can specify only one subnet per Availability Zone. - // You must specify either subnets or subnet mappings. + // The IDs of the public subnets. You can specify only one subnet per Availability + // Zone. You must specify either subnets or subnet mappings. + // + // [Application Load Balancers] You must specify subnets from at least two Availability + // Zones. + // + // [Application Load Balancers on Outposts] You must specify one Outpost subnet. + // + // [Application Load Balancers on Local Zones] You can specify subnets from + // one or more Local Zones. + // + // [Network Load Balancers] You can specify subnets from one or more Availability + // Zones. Subnets []*string `type:"list"` } @@ -8376,6 +8415,12 @@ func (s *SetSubnetsInput) Validate() error { return nil } +// SetIpAddressType sets the IpAddressType field's value. +func (s *SetSubnetsInput) SetIpAddressType(v string) *SetSubnetsInput { + s.IpAddressType = &v + return s +} + // SetLoadBalancerArn sets the LoadBalancerArn field's value. func (s *SetSubnetsInput) SetLoadBalancerArn(v string) *SetSubnetsInput { s.LoadBalancerArn = &v @@ -8399,6 +8444,9 @@ type SetSubnetsOutput struct { // Information about the subnets. AvailabilityZones []*AvailabilityZone `type:"list"` + + // [Network Load Balancers] The IP address type. + IpAddressType *string `type:"string" enum:"IpAddressType"` } // String returns the string representation @@ -8417,6 +8465,12 @@ func (s *SetSubnetsOutput) SetAvailabilityZones(v []*AvailabilityZone) *SetSubne return s } +// SetIpAddressType sets the IpAddressType field's value. +func (s *SetSubnetsOutput) SetIpAddressType(v string) *SetSubnetsOutput { + s.IpAddressType = &v + return s +} + // Information about a source IP condition. // // You can use this condition to route based on the IP address of the source @@ -8501,6 +8555,9 @@ type SubnetMapping struct { // an internet-facing load balancer. AllocationId *string `type:"string"` + // [Network Load Balancers] The IPv6 address. + IPv6Address *string `type:"string"` + // [Network Load Balancers] The private IPv4 address for an internal load balancer. PrivateIPv4Address *string `type:"string"` @@ -8524,6 +8581,12 @@ func (s *SubnetMapping) SetAllocationId(v string) *SubnetMapping { return s } +// SetIPv6Address sets the IPv6Address field's value. +func (s *SubnetMapping) SetIPv6Address(v string) *SubnetMapping { + s.IPv6Address = &v + return s +} + // SetPrivateIPv4Address sets the PrivateIPv4Address field's value. func (s *SubnetMapping) SetPrivateIPv4Address(v string) *SubnetMapping { s.PrivateIPv4Address = &v @@ -8932,7 +8995,11 @@ type TargetGroupAttribute struct { // contains a duplicate header field name or query parameter key, the load // balancer uses the last value sent by the client. // - // The following attribute is supported only by Network Load Balancers: + // The following attributes are supported only by Network Load Balancers: + // + // * deregistration_delay.connection_termination.enabled - Indicates whether + // the load balancer terminates connections at the end of the deregistration + // timeout. The value is true or false. The default is false. // // * proxy_protocol_v2.enabled - Indicates whether Proxy Protocol version // 2 is enabled. The value is true or false. The default is false. diff --git a/service/shield/api.go b/service/shield/api.go index bbbfcde82ad..912d49c7cb6 100644 --- a/service/shield/api.go +++ b/service/shield/api.go @@ -94,6 +94,7 @@ func (c *Shield) AssociateDRTLogBucketRequest(input *AssociateDRTLogBucketInput) // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * AccessDeniedForDependencyException // In order to grant the necessary access to the DDoS Response Team (DRT), the @@ -106,7 +107,8 @@ func (c *Shield) AssociateDRTLogBucketRequest(input *AssociateDRTLogBucketInput) // client. Retrieve the resource and then retry your request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/AssociateDRTLogBucket func (c *Shield) AssociateDRTLogBucket(input *AssociateDRTLogBucketInput) (*AssociateDRTLogBucketOutput, error) { @@ -222,6 +224,7 @@ func (c *Shield) AssociateDRTRoleRequest(input *AssociateDRTRoleInput) (req *req // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * AccessDeniedForDependencyException // In order to grant the necessary access to the DDoS Response Team (DRT), the @@ -234,7 +237,8 @@ func (c *Shield) AssociateDRTRoleRequest(input *AssociateDRTRoleInput) (req *req // client. Retrieve the resource and then retry your request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/AssociateDRTRole func (c *Shield) AssociateDRTRole(input *AssociateDRTRoleInput) (*AssociateDRTRoleOutput, error) { @@ -332,10 +336,12 @@ func (c *Shield) AssociateHealthCheckRequest(input *AssociateHealthCheckInput) ( // Limit is the threshold that would be exceeded. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another @@ -443,9 +449,11 @@ func (c *Shield) AssociateProactiveEngagementDetailsRequest(input *AssociateProa // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another @@ -556,14 +564,16 @@ func (c *Shield) CreateProtectionRequest(input *CreateProtectionInput) (req *req // Limit is the threshold that would be exceeded. // // * ResourceAlreadyExistsException -// Exception indicating the specified resource already exists. +// Exception indicating the specified resource already exists. If available, +// this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another // client. Retrieve the resource and then retry your request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/CreateProtection func (c *Shield) CreateProtection(input *CreateProtectionInput) (*CreateProtectionOutput, error) { @@ -587,6 +597,112 @@ func (c *Shield) CreateProtectionWithContext(ctx aws.Context, input *CreateProte return out, req.Send() } +const opCreateProtectionGroup = "CreateProtectionGroup" + +// CreateProtectionGroupRequest generates a "aws/request.Request" representing the +// client's request for the CreateProtectionGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateProtectionGroup for more information on using the CreateProtectionGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateProtectionGroupRequest method. +// req, resp := client.CreateProtectionGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/CreateProtectionGroup +func (c *Shield) CreateProtectionGroupRequest(input *CreateProtectionGroupInput) (req *request.Request, output *CreateProtectionGroupOutput) { + op := &request.Operation{ + Name: opCreateProtectionGroup, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateProtectionGroupInput{} + } + + output = &CreateProtectionGroupOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// CreateProtectionGroup API operation for AWS Shield. +// +// Creates a grouping of protected resources so they can be handled as a collective. +// This resource grouping improves the accuracy of detection and reduces false +// positives. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Shield's +// API operation CreateProtectionGroup for usage and error information. +// +// Returned Error Types: +// * InternalErrorException +// Exception that indicates that a problem occurred with the service infrastructure. +// You can retry the request. +// +// * ResourceAlreadyExistsException +// Exception indicating the specified resource already exists. If available, +// this exception includes details in additional properties. +// +// * OptimisticLockException +// Exception that indicates that the resource state has been modified by another +// client. Retrieve the resource and then retry your request. +// +// * ResourceNotFoundException +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. +// +// * InvalidParameterException +// Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. +// +// * LimitsExceededException +// Exception that indicates that the operation would exceed a limit. +// +// Type is the type of limit that would be exceeded. +// +// Limit is the threshold that would be exceeded. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/CreateProtectionGroup +func (c *Shield) CreateProtectionGroup(input *CreateProtectionGroupInput) (*CreateProtectionGroupOutput, error) { + req, out := c.CreateProtectionGroupRequest(input) + return out, req.Send() +} + +// CreateProtectionGroupWithContext is the same as CreateProtectionGroup with the addition of +// the ability to pass a context and additional request options. +// +// See CreateProtectionGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) CreateProtectionGroupWithContext(ctx aws.Context, input *CreateProtectionGroupInput, opts ...request.Option) (*CreateProtectionGroupOutput, error) { + req, out := c.CreateProtectionGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateSubscription = "CreateSubscription" // CreateSubscriptionRequest generates a "aws/request.Request" representing the @@ -651,7 +767,8 @@ func (c *Shield) CreateSubscriptionRequest(input *CreateSubscriptionInput) (req // You can retry the request. // // * ResourceAlreadyExistsException -// Exception indicating the specified resource already exists. +// Exception indicating the specified resource already exists. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/CreateSubscription func (c *Shield) CreateSubscription(input *CreateSubscriptionInput) (*CreateSubscriptionOutput, error) { @@ -735,7 +852,8 @@ func (c *Shield) DeleteProtectionRequest(input *DeleteProtectionInput) (req *req // You can retry the request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another @@ -763,6 +881,95 @@ func (c *Shield) DeleteProtectionWithContext(ctx aws.Context, input *DeleteProte return out, req.Send() } +const opDeleteProtectionGroup = "DeleteProtectionGroup" + +// DeleteProtectionGroupRequest generates a "aws/request.Request" representing the +// client's request for the DeleteProtectionGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteProtectionGroup for more information on using the DeleteProtectionGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteProtectionGroupRequest method. +// req, resp := client.DeleteProtectionGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DeleteProtectionGroup +func (c *Shield) DeleteProtectionGroupRequest(input *DeleteProtectionGroupInput) (req *request.Request, output *DeleteProtectionGroupOutput) { + op := &request.Operation{ + Name: opDeleteProtectionGroup, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteProtectionGroupInput{} + } + + output = &DeleteProtectionGroupOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteProtectionGroup API operation for AWS Shield. +// +// Removes the specified protection group. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Shield's +// API operation DeleteProtectionGroup for usage and error information. +// +// Returned Error Types: +// * InternalErrorException +// Exception that indicates that a problem occurred with the service infrastructure. +// You can retry the request. +// +// * OptimisticLockException +// Exception that indicates that the resource state has been modified by another +// client. Retrieve the resource and then retry your request. +// +// * ResourceNotFoundException +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DeleteProtectionGroup +func (c *Shield) DeleteProtectionGroup(input *DeleteProtectionGroupInput) (*DeleteProtectionGroupOutput, error) { + req, out := c.DeleteProtectionGroupRequest(input) + return out, req.Send() +} + +// DeleteProtectionGroupWithContext is the same as DeleteProtectionGroup with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteProtectionGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) DeleteProtectionGroupWithContext(ctx aws.Context, input *DeleteProtectionGroupInput, opts ...request.Option) (*DeleteProtectionGroupOutput, error) { + req, out := c.DeleteProtectionGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteSubscription = "DeleteSubscription" // DeleteSubscriptionRequest generates a "aws/request.Request" representing the @@ -836,7 +1043,8 @@ func (c *Shield) DeleteSubscriptionRequest(input *DeleteSubscriptionInput) (req // change AutoRenew prior to that period. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DeleteSubscription // @@ -948,6 +1156,97 @@ func (c *Shield) DescribeAttackWithContext(ctx aws.Context, input *DescribeAttac return out, req.Send() } +const opDescribeAttackStatistics = "DescribeAttackStatistics" + +// DescribeAttackStatisticsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeAttackStatistics operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeAttackStatistics for more information on using the DescribeAttackStatistics +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeAttackStatisticsRequest method. +// req, resp := client.DescribeAttackStatisticsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeAttackStatistics +func (c *Shield) DescribeAttackStatisticsRequest(input *DescribeAttackStatisticsInput) (req *request.Request, output *DescribeAttackStatisticsOutput) { + op := &request.Operation{ + Name: opDescribeAttackStatistics, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeAttackStatisticsInput{} + } + + output = &DescribeAttackStatisticsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeAttackStatistics API operation for AWS Shield. +// +// Provides information about the number and type of attacks AWS Shield has +// detected in the last year for all resources that belong to your account, +// regardless of whether you've defined Shield protections for them. This operation +// is available to Shield customers as well as to Shield Advanced customers. +// +// The operation returns data for the time range of midnight UTC, one year ago, +// to midnight UTC, today. For example, if the current time is 2020-10-26 15:39:32 +// PDT, equal to 2020-10-26 22:39:32 UTC, then the time range for the attack +// data returned is from 2019-10-26 00:00:00 UTC to 2020-10-26 00:00:00 UTC. +// +// The time range indicates the period covered by the attack statistics data +// items. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Shield's +// API operation DescribeAttackStatistics for usage and error information. +// +// Returned Error Types: +// * InternalErrorException +// Exception that indicates that a problem occurred with the service infrastructure. +// You can retry the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeAttackStatistics +func (c *Shield) DescribeAttackStatistics(input *DescribeAttackStatisticsInput) (*DescribeAttackStatisticsOutput, error) { + req, out := c.DescribeAttackStatisticsRequest(input) + return out, req.Send() +} + +// DescribeAttackStatisticsWithContext is the same as DescribeAttackStatistics with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeAttackStatistics for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) DescribeAttackStatisticsWithContext(ctx aws.Context, input *DescribeAttackStatisticsInput, opts ...request.Option) (*DescribeAttackStatisticsOutput, error) { + req, out := c.DescribeAttackStatisticsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeDRTAccess = "DescribeDRTAccess" // DescribeDRTAccessRequest generates a "aws/request.Request" representing the @@ -1009,7 +1308,8 @@ func (c *Shield) DescribeDRTAccessRequest(input *DescribeDRTAccessInput) (req *r // You can retry the request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeDRTAccess func (c *Shield) DescribeDRTAccess(input *DescribeDRTAccessInput) (*DescribeDRTAccessOutput, error) { @@ -1094,7 +1394,8 @@ func (c *Shield) DescribeEmergencyContactSettingsRequest(input *DescribeEmergenc // You can retry the request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeEmergencyContactSettings func (c *Shield) DescribeEmergencyContactSettings(input *DescribeEmergencyContactSettingsInput) (*DescribeEmergencyContactSettingsOutput, error) { @@ -1178,9 +1479,11 @@ func (c *Shield) DescribeProtectionRequest(input *DescribeProtectionInput) (req // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeProtection func (c *Shield) DescribeProtection(input *DescribeProtectionInput) (*DescribeProtectionOutput, error) { @@ -1204,58 +1507,58 @@ func (c *Shield) DescribeProtectionWithContext(ctx aws.Context, input *DescribeP return out, req.Send() } -const opDescribeSubscription = "DescribeSubscription" +const opDescribeProtectionGroup = "DescribeProtectionGroup" -// DescribeSubscriptionRequest generates a "aws/request.Request" representing the -// client's request for the DescribeSubscription operation. The "output" return +// DescribeProtectionGroupRequest generates a "aws/request.Request" representing the +// client's request for the DescribeProtectionGroup operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeSubscription for more information on using the DescribeSubscription +// See DescribeProtectionGroup for more information on using the DescribeProtectionGroup // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeSubscriptionRequest method. -// req, resp := client.DescribeSubscriptionRequest(params) +// // Example sending a request using the DescribeProtectionGroupRequest method. +// req, resp := client.DescribeProtectionGroupRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeSubscription -func (c *Shield) DescribeSubscriptionRequest(input *DescribeSubscriptionInput) (req *request.Request, output *DescribeSubscriptionOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeProtectionGroup +func (c *Shield) DescribeProtectionGroupRequest(input *DescribeProtectionGroupInput) (req *request.Request, output *DescribeProtectionGroupOutput) { op := &request.Operation{ - Name: opDescribeSubscription, + Name: opDescribeProtectionGroup, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeSubscriptionInput{} + input = &DescribeProtectionGroupInput{} } - output = &DescribeSubscriptionOutput{} + output = &DescribeProtectionGroupOutput{} req = c.newRequest(op, input, output) return } -// DescribeSubscription API operation for AWS Shield. +// DescribeProtectionGroup API operation for AWS Shield. // -// Provides details about the AWS Shield Advanced subscription for an account. +// Returns the specification for the specified protection group. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Shield's -// API operation DescribeSubscription for usage and error information. +// API operation DescribeProtectionGroup for usage and error information. // // Returned Error Types: // * InternalErrorException @@ -1263,84 +1566,169 @@ func (c *Shield) DescribeSubscriptionRequest(input *DescribeSubscriptionInput) ( // You can retry the request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeSubscription -func (c *Shield) DescribeSubscription(input *DescribeSubscriptionInput) (*DescribeSubscriptionOutput, error) { - req, out := c.DescribeSubscriptionRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeProtectionGroup +func (c *Shield) DescribeProtectionGroup(input *DescribeProtectionGroupInput) (*DescribeProtectionGroupOutput, error) { + req, out := c.DescribeProtectionGroupRequest(input) return out, req.Send() } -// DescribeSubscriptionWithContext is the same as DescribeSubscription with the addition of +// DescribeProtectionGroupWithContext is the same as DescribeProtectionGroup with the addition of // the ability to pass a context and additional request options. // -// See DescribeSubscription for details on how to use this API operation. +// See DescribeProtectionGroup for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *Shield) DescribeSubscriptionWithContext(ctx aws.Context, input *DescribeSubscriptionInput, opts ...request.Option) (*DescribeSubscriptionOutput, error) { - req, out := c.DescribeSubscriptionRequest(input) +func (c *Shield) DescribeProtectionGroupWithContext(ctx aws.Context, input *DescribeProtectionGroupInput, opts ...request.Option) (*DescribeProtectionGroupOutput, error) { + req, out := c.DescribeProtectionGroupRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDisableProactiveEngagement = "DisableProactiveEngagement" +const opDescribeSubscription = "DescribeSubscription" -// DisableProactiveEngagementRequest generates a "aws/request.Request" representing the -// client's request for the DisableProactiveEngagement operation. The "output" return +// DescribeSubscriptionRequest generates a "aws/request.Request" representing the +// client's request for the DescribeSubscription operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DisableProactiveEngagement for more information on using the DisableProactiveEngagement +// See DescribeSubscription for more information on using the DescribeSubscription // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DisableProactiveEngagementRequest method. -// req, resp := client.DisableProactiveEngagementRequest(params) +// // Example sending a request using the DescribeSubscriptionRequest method. +// req, resp := client.DescribeSubscriptionRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisableProactiveEngagement -func (c *Shield) DisableProactiveEngagementRequest(input *DisableProactiveEngagementInput) (req *request.Request, output *DisableProactiveEngagementOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeSubscription +func (c *Shield) DescribeSubscriptionRequest(input *DescribeSubscriptionInput) (req *request.Request, output *DescribeSubscriptionOutput) { op := &request.Operation{ - Name: opDisableProactiveEngagement, + Name: opDescribeSubscription, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DisableProactiveEngagementInput{} + input = &DescribeSubscriptionInput{} } - output = &DisableProactiveEngagementOutput{} + output = &DescribeSubscriptionOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DisableProactiveEngagement API operation for AWS Shield. +// DescribeSubscription API operation for AWS Shield. // -// Removes authorization from the DDoS Response Team (DRT) to notify contacts -// about escalations to the DRT and to initiate proactive customer support. +// Provides details about the AWS Shield Advanced subscription for an account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Shield's -// API operation DisableProactiveEngagement for usage and error information. +// API operation DescribeSubscription for usage and error information. +// +// Returned Error Types: +// * InternalErrorException +// Exception that indicates that a problem occurred with the service infrastructure. +// You can retry the request. +// +// * ResourceNotFoundException +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeSubscription +func (c *Shield) DescribeSubscription(input *DescribeSubscriptionInput) (*DescribeSubscriptionOutput, error) { + req, out := c.DescribeSubscriptionRequest(input) + return out, req.Send() +} + +// DescribeSubscriptionWithContext is the same as DescribeSubscription with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeSubscription for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) DescribeSubscriptionWithContext(ctx aws.Context, input *DescribeSubscriptionInput, opts ...request.Option) (*DescribeSubscriptionOutput, error) { + req, out := c.DescribeSubscriptionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisableProactiveEngagement = "DisableProactiveEngagement" + +// DisableProactiveEngagementRequest generates a "aws/request.Request" representing the +// client's request for the DisableProactiveEngagement operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableProactiveEngagement for more information on using the DisableProactiveEngagement +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisableProactiveEngagementRequest method. +// req, resp := client.DisableProactiveEngagementRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisableProactiveEngagement +func (c *Shield) DisableProactiveEngagementRequest(input *DisableProactiveEngagementInput) (req *request.Request, output *DisableProactiveEngagementOutput) { + op := &request.Operation{ + Name: opDisableProactiveEngagement, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableProactiveEngagementInput{} + } + + output = &DisableProactiveEngagementOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DisableProactiveEngagement API operation for AWS Shield. +// +// Removes authorization from the DDoS Response Team (DRT) to notify contacts +// about escalations to the DRT and to initiate proactive customer support. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Shield's +// API operation DisableProactiveEngagement for usage and error information. // // Returned Error Types: // * InternalErrorException @@ -1353,9 +1741,11 @@ func (c *Shield) DisableProactiveEngagementRequest(input *DisableProactiveEngage // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another @@ -1468,7 +1858,8 @@ func (c *Shield) DisassociateDRTLogBucketRequest(input *DisassociateDRTLogBucket // client. Retrieve the resource and then retry your request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisassociateDRTLogBucket func (c *Shield) DisassociateDRTLogBucket(input *DisassociateDRTLogBucketInput) (*DisassociateDRTLogBucketOutput, error) { @@ -1567,7 +1958,8 @@ func (c *Shield) DisassociateDRTRoleRequest(input *DisassociateDRTRoleInput) (re // client. Retrieve the resource and then retry your request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisassociateDRTRole func (c *Shield) DisassociateDRTRole(input *DisassociateDRTRoleInput) (*DisassociateDRTRoleOutput, error) { @@ -1660,9 +2052,11 @@ func (c *Shield) DisassociateHealthCheckRequest(input *DisassociateHealthCheckIn // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another @@ -1757,9 +2151,11 @@ func (c *Shield) EnableProactiveEngagementRequest(input *EnableProactiveEngageme // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another @@ -1934,6 +2330,7 @@ func (c *Shield) ListAttacksRequest(input *ListAttacksInput) (req *request.Reque // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * InvalidOperationException // Exception that indicates that the operation would not cause any change to @@ -2013,35 +2410,35 @@ func (c *Shield) ListAttacksPagesWithContext(ctx aws.Context, input *ListAttacks return p.Err() } -const opListProtections = "ListProtections" +const opListProtectionGroups = "ListProtectionGroups" -// ListProtectionsRequest generates a "aws/request.Request" representing the -// client's request for the ListProtections operation. The "output" return +// ListProtectionGroupsRequest generates a "aws/request.Request" representing the +// client's request for the ListProtectionGroups operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListProtections for more information on using the ListProtections +// See ListProtectionGroups for more information on using the ListProtectionGroups // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the ListProtectionsRequest method. -// req, resp := client.ListProtectionsRequest(params) +// // Example sending a request using the ListProtectionGroupsRequest method. +// req, resp := client.ListProtectionGroupsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListProtections -func (c *Shield) ListProtectionsRequest(input *ListProtectionsInput) (req *request.Request, output *ListProtectionsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListProtectionGroups +func (c *Shield) ListProtectionGroupsRequest(input *ListProtectionGroupsInput) (req *request.Request, output *ListProtectionGroupsOutput) { op := &request.Operation{ - Name: opListProtections, + Name: opListProtectionGroups, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ @@ -2053,24 +2450,24 @@ func (c *Shield) ListProtectionsRequest(input *ListProtectionsInput) (req *reque } if input == nil { - input = &ListProtectionsInput{} + input = &ListProtectionGroupsInput{} } - output = &ListProtectionsOutput{} + output = &ListProtectionGroupsOutput{} req = c.newRequest(op, input, output) return } -// ListProtections API operation for AWS Shield. +// ListProtectionGroups API operation for AWS Shield. // -// Lists all Protection objects for the account. +// Retrieves the ProtectionGroup objects for the account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Shield's -// API operation ListProtections for usage and error information. +// API operation ListProtectionGroups for usage and error information. // // Returned Error Types: // * InternalErrorException @@ -2078,71 +2475,72 @@ func (c *Shield) ListProtectionsRequest(input *ListProtectionsInput) (req *reque // You can retry the request. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * InvalidPaginationTokenException // Exception that indicates that the NextToken specified in the request is invalid. // Submit the request using the NextToken value that was returned in the response. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListProtections -func (c *Shield) ListProtections(input *ListProtectionsInput) (*ListProtectionsOutput, error) { - req, out := c.ListProtectionsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListProtectionGroups +func (c *Shield) ListProtectionGroups(input *ListProtectionGroupsInput) (*ListProtectionGroupsOutput, error) { + req, out := c.ListProtectionGroupsRequest(input) return out, req.Send() } -// ListProtectionsWithContext is the same as ListProtections with the addition of +// ListProtectionGroupsWithContext is the same as ListProtectionGroups with the addition of // the ability to pass a context and additional request options. // -// See ListProtections for details on how to use this API operation. +// See ListProtectionGroups for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *Shield) ListProtectionsWithContext(ctx aws.Context, input *ListProtectionsInput, opts ...request.Option) (*ListProtectionsOutput, error) { - req, out := c.ListProtectionsRequest(input) +func (c *Shield) ListProtectionGroupsWithContext(ctx aws.Context, input *ListProtectionGroupsInput, opts ...request.Option) (*ListProtectionGroupsOutput, error) { + req, out := c.ListProtectionGroupsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListProtectionsPages iterates over the pages of a ListProtections operation, +// ListProtectionGroupsPages iterates over the pages of a ListProtectionGroups operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See ListProtections method for more information on how to use this operation. +// See ListProtectionGroups method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListProtections operation. +// // Example iterating over at most 3 pages of a ListProtectionGroups operation. // pageNum := 0 -// err := client.ListProtectionsPages(params, -// func(page *shield.ListProtectionsOutput, lastPage bool) bool { +// err := client.ListProtectionGroupsPages(params, +// func(page *shield.ListProtectionGroupsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) // -func (c *Shield) ListProtectionsPages(input *ListProtectionsInput, fn func(*ListProtectionsOutput, bool) bool) error { - return c.ListProtectionsPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *Shield) ListProtectionGroupsPages(input *ListProtectionGroupsInput, fn func(*ListProtectionGroupsOutput, bool) bool) error { + return c.ListProtectionGroupsPagesWithContext(aws.BackgroundContext(), input, fn) } -// ListProtectionsPagesWithContext same as ListProtectionsPages except +// ListProtectionGroupsPagesWithContext same as ListProtectionGroupsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *Shield) ListProtectionsPagesWithContext(ctx aws.Context, input *ListProtectionsInput, fn func(*ListProtectionsOutput, bool) bool, opts ...request.Option) error { +func (c *Shield) ListProtectionGroupsPagesWithContext(ctx aws.Context, input *ListProtectionGroupsInput, fn func(*ListProtectionGroupsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { - var inCpy *ListProtectionsInput + var inCpy *ListProtectionGroupsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.ListProtectionsRequest(inCpy) + req, _ := c.ListProtectionGroupsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -2150,7 +2548,7 @@ func (c *Shield) ListProtectionsPagesWithContext(ctx aws.Context, input *ListPro } for p.Next() { - if !fn(p.Page().(*ListProtectionsOutput), !p.HasNextPage()) { + if !fn(p.Page().(*ListProtectionGroupsOutput), !p.HasNextPage()) { break } } @@ -2158,171 +2556,562 @@ func (c *Shield) ListProtectionsPagesWithContext(ctx aws.Context, input *ListPro return p.Err() } -const opUpdateEmergencyContactSettings = "UpdateEmergencyContactSettings" +const opListProtections = "ListProtections" -// UpdateEmergencyContactSettingsRequest generates a "aws/request.Request" representing the -// client's request for the UpdateEmergencyContactSettings operation. The "output" return +// ListProtectionsRequest generates a "aws/request.Request" representing the +// client's request for the ListProtections operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateEmergencyContactSettings for more information on using the UpdateEmergencyContactSettings +// See ListProtections for more information on using the ListProtections // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the UpdateEmergencyContactSettingsRequest method. -// req, resp := client.UpdateEmergencyContactSettingsRequest(params) +// // Example sending a request using the ListProtectionsRequest method. +// req, resp := client.ListProtectionsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateEmergencyContactSettings -func (c *Shield) UpdateEmergencyContactSettingsRequest(input *UpdateEmergencyContactSettingsInput) (req *request.Request, output *UpdateEmergencyContactSettingsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListProtections +func (c *Shield) ListProtectionsRequest(input *ListProtectionsInput) (req *request.Request, output *ListProtectionsOutput) { op := &request.Operation{ - Name: opUpdateEmergencyContactSettings, + Name: opListProtections, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { - input = &UpdateEmergencyContactSettingsInput{} + input = &ListProtectionsInput{} } - output = &UpdateEmergencyContactSettingsOutput{} + output = &ListProtectionsOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UpdateEmergencyContactSettings API operation for AWS Shield. +// ListProtections API operation for AWS Shield. // -// Updates the details of the list of email addresses and phone numbers that -// the DDoS Response Team (DRT) can use to contact you if you have proactive -// engagement enabled, for escalations to the DRT and to initiate proactive -// customer support. +// Lists all Protection objects for the account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Shield's -// API operation UpdateEmergencyContactSettings for usage and error information. +// API operation ListProtections for usage and error information. // // Returned Error Types: // * InternalErrorException // Exception that indicates that a problem occurred with the service infrastructure. // You can retry the request. // -// * InvalidParameterException -// Exception that indicates that the parameters passed to the API are invalid. -// -// * OptimisticLockException -// Exception that indicates that the resource state has been modified by another -// client. Retrieve the resource and then retry your request. -// // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateEmergencyContactSettings -func (c *Shield) UpdateEmergencyContactSettings(input *UpdateEmergencyContactSettingsInput) (*UpdateEmergencyContactSettingsOutput, error) { - req, out := c.UpdateEmergencyContactSettingsRequest(input) +// * InvalidPaginationTokenException +// Exception that indicates that the NextToken specified in the request is invalid. +// Submit the request using the NextToken value that was returned in the response. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListProtections +func (c *Shield) ListProtections(input *ListProtectionsInput) (*ListProtectionsOutput, error) { + req, out := c.ListProtectionsRequest(input) return out, req.Send() } -// UpdateEmergencyContactSettingsWithContext is the same as UpdateEmergencyContactSettings with the addition of +// ListProtectionsWithContext is the same as ListProtections with the addition of // the ability to pass a context and additional request options. // -// See UpdateEmergencyContactSettings for details on how to use this API operation. +// See ListProtections for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *Shield) UpdateEmergencyContactSettingsWithContext(ctx aws.Context, input *UpdateEmergencyContactSettingsInput, opts ...request.Option) (*UpdateEmergencyContactSettingsOutput, error) { - req, out := c.UpdateEmergencyContactSettingsRequest(input) +func (c *Shield) ListProtectionsWithContext(ctx aws.Context, input *ListProtectionsInput, opts ...request.Option) (*ListProtectionsOutput, error) { + req, out := c.ListProtectionsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateSubscription = "UpdateSubscription" +// ListProtectionsPages iterates over the pages of a ListProtections operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListProtections method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListProtections operation. +// pageNum := 0 +// err := client.ListProtectionsPages(params, +// func(page *shield.ListProtectionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *Shield) ListProtectionsPages(input *ListProtectionsInput, fn func(*ListProtectionsOutput, bool) bool) error { + return c.ListProtectionsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// UpdateSubscriptionRequest generates a "aws/request.Request" representing the -// client's request for the UpdateSubscription operation. The "output" return +// ListProtectionsPagesWithContext same as ListProtectionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) ListProtectionsPagesWithContext(ctx aws.Context, input *ListProtectionsInput, fn func(*ListProtectionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListProtectionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListProtectionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListProtectionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListResourcesInProtectionGroup = "ListResourcesInProtectionGroup" + +// ListResourcesInProtectionGroupRequest generates a "aws/request.Request" representing the +// client's request for the ListResourcesInProtectionGroup operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateSubscription for more information on using the UpdateSubscription +// See ListResourcesInProtectionGroup for more information on using the ListResourcesInProtectionGroup // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the UpdateSubscriptionRequest method. -// req, resp := client.UpdateSubscriptionRequest(params) +// // Example sending a request using the ListResourcesInProtectionGroupRequest method. +// req, resp := client.ListResourcesInProtectionGroupRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateSubscription -func (c *Shield) UpdateSubscriptionRequest(input *UpdateSubscriptionInput) (req *request.Request, output *UpdateSubscriptionOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListResourcesInProtectionGroup +func (c *Shield) ListResourcesInProtectionGroupRequest(input *ListResourcesInProtectionGroupInput) (req *request.Request, output *ListResourcesInProtectionGroupOutput) { op := &request.Operation{ - Name: opUpdateSubscription, + Name: opListResourcesInProtectionGroup, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { - input = &UpdateSubscriptionInput{} + input = &ListResourcesInProtectionGroupInput{} } - output = &UpdateSubscriptionOutput{} + output = &ListResourcesInProtectionGroupOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UpdateSubscription API operation for AWS Shield. +// ListResourcesInProtectionGroup API operation for AWS Shield. // -// Updates the details of an existing subscription. Only enter values for parameters -// you want to change. Empty parameters are not updated. +// Retrieves the resources that are included in the protection group. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Shield's -// API operation UpdateSubscription for usage and error information. +// API operation ListResourcesInProtectionGroup for usage and error information. // // Returned Error Types: // * InternalErrorException // Exception that indicates that a problem occurred with the service infrastructure. // You can retry the request. // -// * LockedSubscriptionException -// You are trying to update a subscription that has not yet completed the 1-year +// * ResourceNotFoundException +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. +// +// * InvalidPaginationTokenException +// Exception that indicates that the NextToken specified in the request is invalid. +// Submit the request using the NextToken value that was returned in the response. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListResourcesInProtectionGroup +func (c *Shield) ListResourcesInProtectionGroup(input *ListResourcesInProtectionGroupInput) (*ListResourcesInProtectionGroupOutput, error) { + req, out := c.ListResourcesInProtectionGroupRequest(input) + return out, req.Send() +} + +// ListResourcesInProtectionGroupWithContext is the same as ListResourcesInProtectionGroup with the addition of +// the ability to pass a context and additional request options. +// +// See ListResourcesInProtectionGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) ListResourcesInProtectionGroupWithContext(ctx aws.Context, input *ListResourcesInProtectionGroupInput, opts ...request.Option) (*ListResourcesInProtectionGroupOutput, error) { + req, out := c.ListResourcesInProtectionGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListResourcesInProtectionGroupPages iterates over the pages of a ListResourcesInProtectionGroup operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListResourcesInProtectionGroup method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListResourcesInProtectionGroup operation. +// pageNum := 0 +// err := client.ListResourcesInProtectionGroupPages(params, +// func(page *shield.ListResourcesInProtectionGroupOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *Shield) ListResourcesInProtectionGroupPages(input *ListResourcesInProtectionGroupInput, fn func(*ListResourcesInProtectionGroupOutput, bool) bool) error { + return c.ListResourcesInProtectionGroupPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListResourcesInProtectionGroupPagesWithContext same as ListResourcesInProtectionGroupPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) ListResourcesInProtectionGroupPagesWithContext(ctx aws.Context, input *ListResourcesInProtectionGroupInput, fn func(*ListResourcesInProtectionGroupOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListResourcesInProtectionGroupInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListResourcesInProtectionGroupRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListResourcesInProtectionGroupOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opUpdateEmergencyContactSettings = "UpdateEmergencyContactSettings" + +// UpdateEmergencyContactSettingsRequest generates a "aws/request.Request" representing the +// client's request for the UpdateEmergencyContactSettings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateEmergencyContactSettings for more information on using the UpdateEmergencyContactSettings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateEmergencyContactSettingsRequest method. +// req, resp := client.UpdateEmergencyContactSettingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateEmergencyContactSettings +func (c *Shield) UpdateEmergencyContactSettingsRequest(input *UpdateEmergencyContactSettingsInput) (req *request.Request, output *UpdateEmergencyContactSettingsOutput) { + op := &request.Operation{ + Name: opUpdateEmergencyContactSettings, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateEmergencyContactSettingsInput{} + } + + output = &UpdateEmergencyContactSettingsOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateEmergencyContactSettings API operation for AWS Shield. +// +// Updates the details of the list of email addresses and phone numbers that +// the DDoS Response Team (DRT) can use to contact you if you have proactive +// engagement enabled, for escalations to the DRT and to initiate proactive +// customer support. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Shield's +// API operation UpdateEmergencyContactSettings for usage and error information. +// +// Returned Error Types: +// * InternalErrorException +// Exception that indicates that a problem occurred with the service infrastructure. +// You can retry the request. +// +// * InvalidParameterException +// Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. +// +// * OptimisticLockException +// Exception that indicates that the resource state has been modified by another +// client. Retrieve the resource and then retry your request. +// +// * ResourceNotFoundException +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateEmergencyContactSettings +func (c *Shield) UpdateEmergencyContactSettings(input *UpdateEmergencyContactSettingsInput) (*UpdateEmergencyContactSettingsOutput, error) { + req, out := c.UpdateEmergencyContactSettingsRequest(input) + return out, req.Send() +} + +// UpdateEmergencyContactSettingsWithContext is the same as UpdateEmergencyContactSettings with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateEmergencyContactSettings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) UpdateEmergencyContactSettingsWithContext(ctx aws.Context, input *UpdateEmergencyContactSettingsInput, opts ...request.Option) (*UpdateEmergencyContactSettingsOutput, error) { + req, out := c.UpdateEmergencyContactSettingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateProtectionGroup = "UpdateProtectionGroup" + +// UpdateProtectionGroupRequest generates a "aws/request.Request" representing the +// client's request for the UpdateProtectionGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateProtectionGroup for more information on using the UpdateProtectionGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateProtectionGroupRequest method. +// req, resp := client.UpdateProtectionGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateProtectionGroup +func (c *Shield) UpdateProtectionGroupRequest(input *UpdateProtectionGroupInput) (req *request.Request, output *UpdateProtectionGroupOutput) { + op := &request.Operation{ + Name: opUpdateProtectionGroup, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateProtectionGroupInput{} + } + + output = &UpdateProtectionGroupOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateProtectionGroup API operation for AWS Shield. +// +// Updates an existing protection group. A protection group is a grouping of +// protected resources so they can be handled as a collective. This resource +// grouping improves the accuracy of detection and reduces false positives. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Shield's +// API operation UpdateProtectionGroup for usage and error information. +// +// Returned Error Types: +// * InternalErrorException +// Exception that indicates that a problem occurred with the service infrastructure. +// You can retry the request. +// +// * ResourceNotFoundException +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. +// +// * OptimisticLockException +// Exception that indicates that the resource state has been modified by another +// client. Retrieve the resource and then retry your request. +// +// * InvalidParameterException +// Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateProtectionGroup +func (c *Shield) UpdateProtectionGroup(input *UpdateProtectionGroupInput) (*UpdateProtectionGroupOutput, error) { + req, out := c.UpdateProtectionGroupRequest(input) + return out, req.Send() +} + +// UpdateProtectionGroupWithContext is the same as UpdateProtectionGroup with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateProtectionGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Shield) UpdateProtectionGroupWithContext(ctx aws.Context, input *UpdateProtectionGroupInput, opts ...request.Option) (*UpdateProtectionGroupOutput, error) { + req, out := c.UpdateProtectionGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateSubscription = "UpdateSubscription" + +// UpdateSubscriptionRequest generates a "aws/request.Request" representing the +// client's request for the UpdateSubscription operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateSubscription for more information on using the UpdateSubscription +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateSubscriptionRequest method. +// req, resp := client.UpdateSubscriptionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateSubscription +func (c *Shield) UpdateSubscriptionRequest(input *UpdateSubscriptionInput) (req *request.Request, output *UpdateSubscriptionOutput) { + op := &request.Operation{ + Name: opUpdateSubscription, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateSubscriptionInput{} + } + + output = &UpdateSubscriptionOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateSubscription API operation for AWS Shield. +// +// Updates the details of an existing subscription. Only enter values for parameters +// you want to change. Empty parameters are not updated. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Shield's +// API operation UpdateSubscription for usage and error information. +// +// Returned Error Types: +// * InternalErrorException +// Exception that indicates that a problem occurred with the service infrastructure. +// You can retry the request. +// +// * LockedSubscriptionException +// You are trying to update a subscription that has not yet completed the 1-year // commitment. You can change the AutoRenew parameter during the last 30 days // of your subscription. This exception indicates that you are attempting to // change AutoRenew prior to that period. // // * ResourceNotFoundException -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. // // * InvalidParameterException // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. // // * OptimisticLockException // Exception that indicates that the resource state has been modified by another @@ -2831,7 +3620,7 @@ type AttackProperty struct { // pingback DDoS attacks. AttackPropertyIdentifier *string `type:"string" enum:"AttackPropertyIdentifier"` - // The array of Contributor objects that includes the top five contributors + // The array of contributor objects that includes the top five contributors // to an attack. TopContributors []*Contributor `type:"list"` @@ -2883,6 +3672,45 @@ func (s *AttackProperty) SetUnit(v string) *AttackProperty { return s } +// A single attack statistics data record. This is returned by DescribeAttackStatistics +// along with a time range indicating the time period that the attack statistics +// apply to. +type AttackStatisticsDataItem struct { + _ struct{} `type:"structure"` + + // The number of attacks detected during the time period. This is always present, + // but might be zero. + // + // AttackCount is a required field + AttackCount *int64 `type:"long" required:"true"` + + // Information about the volume of attacks during the time period. If the accompanying + // AttackCount is zero, this setting might be empty. + AttackVolume *AttackVolume `type:"structure"` +} + +// String returns the string representation +func (s AttackStatisticsDataItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AttackStatisticsDataItem) GoString() string { + return s.String() +} + +// SetAttackCount sets the AttackCount field's value. +func (s *AttackStatisticsDataItem) SetAttackCount(v int64) *AttackStatisticsDataItem { + s.AttackCount = &v + return s +} + +// SetAttackVolume sets the AttackVolume field's value. +func (s *AttackStatisticsDataItem) SetAttackVolume(v *AttackVolume) *AttackStatisticsDataItem { + s.AttackVolume = v + return s +} + // Summarizes all DDoS attacks for a specified time period. type AttackSummary struct { _ struct{} `type:"structure"` @@ -2985,62 +3813,262 @@ type AttackVectorDescription struct { // // * UDS_REFLECTION // - // * MEMCACHED_REFLECTION + // * MEMCACHED_REFLECTION + // + // VectorType is a required field + VectorType *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s AttackVectorDescription) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AttackVectorDescription) GoString() string { + return s.String() +} + +// SetVectorType sets the VectorType field's value. +func (s *AttackVectorDescription) SetVectorType(v string) *AttackVectorDescription { + s.VectorType = &v + return s +} + +// Information about the volume of attacks during the time period, included +// in an AttackStatisticsDataItem. If the accompanying AttackCount in the statistics +// object is zero, this setting might be empty. +type AttackVolume struct { + _ struct{} `type:"structure"` + + // A statistics object that uses bits per second as the unit. This is included + // for network level attacks. + BitsPerSecond *AttackVolumeStatistics `type:"structure"` + + // A statistics object that uses packets per second as the unit. This is included + // for network level attacks. + PacketsPerSecond *AttackVolumeStatistics `type:"structure"` + + // A statistics object that uses requests per second as the unit. This is included + // for application level attacks, and is only available for accounts that are + // subscribed to Shield Advanced. + RequestsPerSecond *AttackVolumeStatistics `type:"structure"` +} + +// String returns the string representation +func (s AttackVolume) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AttackVolume) GoString() string { + return s.String() +} + +// SetBitsPerSecond sets the BitsPerSecond field's value. +func (s *AttackVolume) SetBitsPerSecond(v *AttackVolumeStatistics) *AttackVolume { + s.BitsPerSecond = v + return s +} + +// SetPacketsPerSecond sets the PacketsPerSecond field's value. +func (s *AttackVolume) SetPacketsPerSecond(v *AttackVolumeStatistics) *AttackVolume { + s.PacketsPerSecond = v + return s +} + +// SetRequestsPerSecond sets the RequestsPerSecond field's value. +func (s *AttackVolume) SetRequestsPerSecond(v *AttackVolumeStatistics) *AttackVolume { + s.RequestsPerSecond = v + return s +} + +// Statistics objects for the various data types in AttackVolume. +type AttackVolumeStatistics struct { + _ struct{} `type:"structure"` + + // The maximum attack volume observed for the given unit. + // + // Max is a required field + Max *float64 `type:"double" required:"true"` +} + +// String returns the string representation +func (s AttackVolumeStatistics) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AttackVolumeStatistics) GoString() string { + return s.String() +} + +// SetMax sets the Max field's value. +func (s *AttackVolumeStatistics) SetMax(v float64) *AttackVolumeStatistics { + s.Max = &v + return s +} + +// A contributor to the attack and their contribution. +type Contributor struct { + _ struct{} `type:"structure"` + + // The name of the contributor. This is dependent on the AttackPropertyIdentifier. + // For example, if the AttackPropertyIdentifier is SOURCE_COUNTRY, the Name + // could be United States. + Name *string `type:"string"` + + // The contribution of this contributor expressed in Protection units. For example + // 10,000. + Value *int64 `type:"long"` +} + +// String returns the string representation +func (s Contributor) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Contributor) GoString() string { + return s.String() +} + +// SetName sets the Name field's value. +func (s *Contributor) SetName(v string) *Contributor { + s.Name = &v + return s +} + +// SetValue sets the Value field's value. +func (s *Contributor) SetValue(v int64) *Contributor { + s.Value = &v + return s +} + +type CreateProtectionGroupInput struct { + _ struct{} `type:"structure"` + + // Defines how AWS Shield combines resource data for the group in order to detect, + // mitigate, and report events. + // + // * Sum - Use the total traffic across the group. This is a good choice + // for most cases. Examples include Elastic IP addresses for EC2 instances + // that scale manually or automatically. + // + // * Mean - Use the average of the traffic across the group. This is a good + // choice for resources that share traffic uniformly. Examples include accelerators + // and load balancers. + // + // * Max - Use the highest traffic from each resource. This is useful for + // resources that don't share traffic and for resources that share that traffic + // in a non-uniform way. Examples include CloudFront distributions and origin + // resources for CloudFront distributions. + // + // Aggregation is a required field + Aggregation *string `type:"string" required:"true" enum:"ProtectionGroupAggregation"` + + // The Amazon Resource Names (ARNs) of the resources to include in the protection + // group. You must set this when you set Pattern to ARBITRARY and you must not + // set it for any other Pattern setting. + Members []*string `type:"list"` + + // The criteria to use to choose the protected resources for inclusion in the + // group. You can include all resources that have protections, provide a list + // of resource Amazon Resource Names (ARNs), or include all resources of a specified + // resource type. + // + // Pattern is a required field + Pattern *string `type:"string" required:"true" enum:"ProtectionGroupPattern"` + + // The name of the protection group. You use this to identify the protection + // group in lists and to manage the protection group, for example to update, + // delete, or describe it. // - // VectorType is a required field - VectorType *string `type:"string" required:"true"` + // ProtectionGroupId is a required field + ProtectionGroupId *string `min:"1" type:"string" required:"true"` + + // The resource type to include in the protection group. All protected resources + // of this type are included in the protection group. Newly protected resources + // of this type are automatically added to the group. You must set this when + // you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other + // Pattern setting. + ResourceType *string `type:"string" enum:"ProtectedResourceType"` } // String returns the string representation -func (s AttackVectorDescription) String() string { +func (s CreateProtectionGroupInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s AttackVectorDescription) GoString() string { +func (s CreateProtectionGroupInput) GoString() string { return s.String() } -// SetVectorType sets the VectorType field's value. -func (s *AttackVectorDescription) SetVectorType(v string) *AttackVectorDescription { - s.VectorType = &v +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateProtectionGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateProtectionGroupInput"} + if s.Aggregation == nil { + invalidParams.Add(request.NewErrParamRequired("Aggregation")) + } + if s.Pattern == nil { + invalidParams.Add(request.NewErrParamRequired("Pattern")) + } + if s.ProtectionGroupId == nil { + invalidParams.Add(request.NewErrParamRequired("ProtectionGroupId")) + } + if s.ProtectionGroupId != nil && len(*s.ProtectionGroupId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProtectionGroupId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAggregation sets the Aggregation field's value. +func (s *CreateProtectionGroupInput) SetAggregation(v string) *CreateProtectionGroupInput { + s.Aggregation = &v return s } -// A contributor to the attack and their contribution. -type Contributor struct { - _ struct{} `type:"structure"` +// SetMembers sets the Members field's value. +func (s *CreateProtectionGroupInput) SetMembers(v []*string) *CreateProtectionGroupInput { + s.Members = v + return s +} - // The name of the contributor. This is dependent on the AttackPropertyIdentifier. - // For example, if the AttackPropertyIdentifier is SOURCE_COUNTRY, the Name - // could be United States. - Name *string `type:"string"` +// SetPattern sets the Pattern field's value. +func (s *CreateProtectionGroupInput) SetPattern(v string) *CreateProtectionGroupInput { + s.Pattern = &v + return s +} - // The contribution of this contributor expressed in Protection units. For example - // 10,000. - Value *int64 `type:"long"` +// SetProtectionGroupId sets the ProtectionGroupId field's value. +func (s *CreateProtectionGroupInput) SetProtectionGroupId(v string) *CreateProtectionGroupInput { + s.ProtectionGroupId = &v + return s } -// String returns the string representation -func (s Contributor) String() string { - return awsutil.Prettify(s) +// SetResourceType sets the ResourceType field's value. +func (s *CreateProtectionGroupInput) SetResourceType(v string) *CreateProtectionGroupInput { + s.ResourceType = &v + return s } -// GoString returns the string representation -func (s Contributor) GoString() string { - return s.String() +type CreateProtectionGroupOutput struct { + _ struct{} `type:"structure"` } -// SetName sets the Name field's value. -func (s *Contributor) SetName(v string) *Contributor { - s.Name = &v - return s +// String returns the string representation +func (s CreateProtectionGroupOutput) String() string { + return awsutil.Prettify(s) } -// SetValue sets the Value field's value. -func (s *Contributor) SetValue(v int64) *Contributor { - s.Value = &v - return s +// GoString returns the string representation +func (s CreateProtectionGroupOutput) GoString() string { + return s.String() } type CreateProtectionInput struct { @@ -3166,6 +4194,63 @@ func (s CreateSubscriptionOutput) GoString() string { return s.String() } +type DeleteProtectionGroupInput struct { + _ struct{} `type:"structure"` + + // The name of the protection group. You use this to identify the protection + // group in lists and to manage the protection group, for example to update, + // delete, or describe it. + // + // ProtectionGroupId is a required field + ProtectionGroupId *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteProtectionGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteProtectionGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteProtectionGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteProtectionGroupInput"} + if s.ProtectionGroupId == nil { + invalidParams.Add(request.NewErrParamRequired("ProtectionGroupId")) + } + if s.ProtectionGroupId != nil && len(*s.ProtectionGroupId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProtectionGroupId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetProtectionGroupId sets the ProtectionGroupId field's value. +func (s *DeleteProtectionGroupInput) SetProtectionGroupId(v string) *DeleteProtectionGroupInput { + s.ProtectionGroupId = &v + return s +} + +type DeleteProtectionGroupOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DeleteProtectionGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteProtectionGroupOutput) GoString() string { + return s.String() +} + type DeleteProtectionInput struct { _ struct{} `type:"structure"` @@ -3315,6 +4400,56 @@ func (s *DescribeAttackOutput) SetAttack(v *AttackDetail) *DescribeAttackOutput return s } +type DescribeAttackStatisticsInput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DescribeAttackStatisticsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeAttackStatisticsInput) GoString() string { + return s.String() +} + +type DescribeAttackStatisticsOutput struct { + _ struct{} `type:"structure"` + + // The data that describes the attacks detected during the time period. + // + // DataItems is a required field + DataItems []*AttackStatisticsDataItem `type:"list" required:"true"` + + // The time range. + // + // TimeRange is a required field + TimeRange *TimeRange `type:"structure" required:"true"` +} + +// String returns the string representation +func (s DescribeAttackStatisticsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeAttackStatisticsOutput) GoString() string { + return s.String() +} + +// SetDataItems sets the DataItems field's value. +func (s *DescribeAttackStatisticsOutput) SetDataItems(v []*AttackStatisticsDataItem) *DescribeAttackStatisticsOutput { + s.DataItems = v + return s +} + +// SetTimeRange sets the TimeRange field's value. +func (s *DescribeAttackStatisticsOutput) SetTimeRange(v *TimeRange) *DescribeAttackStatisticsOutput { + s.TimeRange = v + return s +} + type DescribeDRTAccessInput struct { _ struct{} `type:"structure"` } @@ -3401,6 +4536,76 @@ func (s *DescribeEmergencyContactSettingsOutput) SetEmergencyContactList(v []*Em return s } +type DescribeProtectionGroupInput struct { + _ struct{} `type:"structure"` + + // The name of the protection group. You use this to identify the protection + // group in lists and to manage the protection group, for example to update, + // delete, or describe it. + // + // ProtectionGroupId is a required field + ProtectionGroupId *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s DescribeProtectionGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeProtectionGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeProtectionGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeProtectionGroupInput"} + if s.ProtectionGroupId == nil { + invalidParams.Add(request.NewErrParamRequired("ProtectionGroupId")) + } + if s.ProtectionGroupId != nil && len(*s.ProtectionGroupId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProtectionGroupId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetProtectionGroupId sets the ProtectionGroupId field's value. +func (s *DescribeProtectionGroupInput) SetProtectionGroupId(v string) *DescribeProtectionGroupInput { + s.ProtectionGroupId = &v + return s +} + +type DescribeProtectionGroupOutput struct { + _ struct{} `type:"structure"` + + // A grouping of protected resources that you and AWS Shield Advanced can monitor + // as a collective. This resource grouping improves the accuracy of detection + // and reduces false positives. + // + // ProtectionGroup is a required field + ProtectionGroup *ProtectionGroup `type:"structure" required:"true"` +} + +// String returns the string representation +func (s DescribeProtectionGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeProtectionGroupOutput) GoString() string { + return s.String() +} + +// SetProtectionGroup sets the ProtectionGroup field's value. +func (s *DescribeProtectionGroupOutput) SetProtectionGroup(v *ProtectionGroup) *DescribeProtectionGroupOutput { + s.ProtectionGroup = v + return s +} + type DescribeProtectionInput struct { _ struct{} `type:"structure"` @@ -4005,11 +5210,18 @@ func (s *InvalidPaginationTokenException) RequestID() string { } // Exception that indicates that the parameters passed to the API are invalid. +// If available, this exception includes details in additional properties. type InvalidParameterException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Fields that caused the exception. + Fields []*ValidationExceptionField `locationName:"fields" type:"list"` + Message_ *string `locationName:"message" type:"string"` + + // Additional information about the exception. + Reason *string `locationName:"reason" type:"string" enum:"ValidationExceptionReason"` } // String returns the string representation @@ -4047,7 +5259,7 @@ func (s *InvalidParameterException) OrigErr() error { } func (s *InvalidParameterException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. @@ -4223,14 +5435,14 @@ type ListAttacksInput struct { // is allowed. EndTime *TimeRange `type:"structure"` - // The maximum number of AttackSummary objects to be returned. If this is left - // blank, the first 20 results will be returned. + // The maximum number of AttackSummary objects to return. If you leave this + // blank, Shield Advanced returns the first 20 results. // - // This is a maximum value; it is possible that AWS WAF will return the results - // in smaller batches. That is, the number of AttackSummary objects returned - // could be less than MaxResults, even if there are still more AttackSummary - // objects yet to return. If there are more AttackSummary objects to return, - // AWS WAF will always also return a NextToken. + // This is a maximum value. Shield Advanced might return the results in smaller + // batches. That is, the number of objects returned could be less than MaxResults, + // even if there are still more objects yet to return. If there are more objects + // to return, Shield Advanced returns a value in NextToken that you can use + // in your next request, to get the next batch of objects. MaxResults *int64 `type:"integer"` // The ListAttacksRequest.NextMarker value from a previous call to ListAttacksRequest. @@ -4278,79 +5490,166 @@ func (s *ListAttacksInput) SetEndTime(v *TimeRange) *ListAttacksInput { } // SetMaxResults sets the MaxResults field's value. -func (s *ListAttacksInput) SetMaxResults(v int64) *ListAttacksInput { +func (s *ListAttacksInput) SetMaxResults(v int64) *ListAttacksInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAttacksInput) SetNextToken(v string) *ListAttacksInput { + s.NextToken = &v + return s +} + +// SetResourceArns sets the ResourceArns field's value. +func (s *ListAttacksInput) SetResourceArns(v []*string) *ListAttacksInput { + s.ResourceArns = v + return s +} + +// SetStartTime sets the StartTime field's value. +func (s *ListAttacksInput) SetStartTime(v *TimeRange) *ListAttacksInput { + s.StartTime = v + return s +} + +type ListAttacksOutput struct { + _ struct{} `type:"structure"` + + // The attack information for the specified time range. + AttackSummaries []*AttackSummary `type:"list"` + + // The token returned by a previous call to indicate that there is more data + // available. If not null, more results are available. Pass this value for the + // NextMarker parameter in a subsequent call to ListAttacks to retrieve the + // next set of items. + // + // Shield Advanced might return the list of AttackSummary objects in batches + // smaller than the number specified by MaxResults. If there are more attack + // summary objects to return, Shield Advanced will always also return a NextToken. + NextToken *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s ListAttacksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListAttacksOutput) GoString() string { + return s.String() +} + +// SetAttackSummaries sets the AttackSummaries field's value. +func (s *ListAttacksOutput) SetAttackSummaries(v []*AttackSummary) *ListAttacksOutput { + s.AttackSummaries = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAttacksOutput) SetNextToken(v string) *ListAttacksOutput { + s.NextToken = &v + return s +} + +type ListProtectionGroupsInput struct { + _ struct{} `type:"structure"` + + // The maximum number of ProtectionGroup objects to return. If you leave this + // blank, Shield Advanced returns the first 20 results. + // + // This is a maximum value. Shield Advanced might return the results in smaller + // batches. That is, the number of objects returned could be less than MaxResults, + // even if there are still more objects yet to return. If there are more objects + // to return, Shield Advanced returns a value in NextToken that you can use + // in your next request, to get the next batch of objects. + MaxResults *int64 `type:"integer"` + + // The next token value from a previous call to ListProtectionGroups. Pass null + // if this is the first call. + NextToken *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s ListProtectionGroupsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListProtectionGroupsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListProtectionGroupsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListProtectionGroupsInput"} + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListProtectionGroupsInput) SetMaxResults(v int64) *ListProtectionGroupsInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. -func (s *ListAttacksInput) SetNextToken(v string) *ListAttacksInput { +func (s *ListProtectionGroupsInput) SetNextToken(v string) *ListProtectionGroupsInput { s.NextToken = &v return s } -// SetResourceArns sets the ResourceArns field's value. -func (s *ListAttacksInput) SetResourceArns(v []*string) *ListAttacksInput { - s.ResourceArns = v - return s -} - -// SetStartTime sets the StartTime field's value. -func (s *ListAttacksInput) SetStartTime(v *TimeRange) *ListAttacksInput { - s.StartTime = v - return s -} - -type ListAttacksOutput struct { +type ListProtectionGroupsOutput struct { _ struct{} `type:"structure"` - // The attack information for the specified time range. - AttackSummaries []*AttackSummary `type:"list"` - - // The token returned by a previous call to indicate that there is more data - // available. If not null, more results are available. Pass this value for the - // NextMarker parameter in a subsequent call to ListAttacks to retrieve the - // next set of items. - // - // AWS WAF might return the list of AttackSummary objects in batches smaller - // than the number specified by MaxResults. If there are more AttackSummary - // objects to return, AWS WAF will always also return a NextToken. + // If you specify a value for MaxResults and you have more protection groups + // than the value of MaxResults, AWS Shield Advanced returns this token that + // you can use in your next request, to get the next batch of objects. NextToken *string `min:"1" type:"string"` + + // ProtectionGroups is a required field + ProtectionGroups []*ProtectionGroup `type:"list" required:"true"` } // String returns the string representation -func (s ListAttacksOutput) String() string { +func (s ListProtectionGroupsOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ListAttacksOutput) GoString() string { +func (s ListProtectionGroupsOutput) GoString() string { return s.String() } -// SetAttackSummaries sets the AttackSummaries field's value. -func (s *ListAttacksOutput) SetAttackSummaries(v []*AttackSummary) *ListAttacksOutput { - s.AttackSummaries = v +// SetNextToken sets the NextToken field's value. +func (s *ListProtectionGroupsOutput) SetNextToken(v string) *ListProtectionGroupsOutput { + s.NextToken = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListAttacksOutput) SetNextToken(v string) *ListAttacksOutput { - s.NextToken = &v +// SetProtectionGroups sets the ProtectionGroups field's value. +func (s *ListProtectionGroupsOutput) SetProtectionGroups(v []*ProtectionGroup) *ListProtectionGroupsOutput { + s.ProtectionGroups = v return s } type ListProtectionsInput struct { _ struct{} `type:"structure"` - // The maximum number of Protection objects to be returned. If this is left - // blank the first 20 results will be returned. + // The maximum number of Protection objects to return. If you leave this blank, + // Shield Advanced returns the first 20 results. // - // This is a maximum value; it is possible that AWS WAF will return the results - // in smaller batches. That is, the number of Protection objects returned could - // be less than MaxResults, even if there are still more Protection objects - // yet to return. If there are more Protection objects to return, AWS WAF will - // always also return a NextToken. + // This is a maximum value. Shield Advanced might return the results in smaller + // batches. That is, the number of objects returned could be less than MaxResults, + // even if there are still more objects yet to return. If there are more objects + // to return, Shield Advanced returns a value in NextToken that you can use + // in your next request, to get the next batch of objects. MaxResults *int64 `type:"integer"` // The ListProtectionsRequest.NextToken value from a previous call to ListProtections. @@ -4402,9 +5701,9 @@ type ListProtectionsOutput struct { // second and subsequent ListProtections requests, specify the value of NextToken // from the previous response to get information about another batch of Protections. // - // AWS WAF might return the list of Protection objects in batches smaller than - // the number specified by MaxResults. If there are more Protection objects - // to return, AWS WAF will always also return a NextToken. + // Shield Advanced might return the list of Protection objects in batches smaller + // than the number specified by MaxResults. If there are more Protection objects + // to return, Shield Advanced will always also return a NextToken. NextToken *string `min:"1" type:"string"` // The array of enabled Protection objects. @@ -4433,6 +5732,116 @@ func (s *ListProtectionsOutput) SetProtections(v []*Protection) *ListProtections return s } +type ListResourcesInProtectionGroupInput struct { + _ struct{} `type:"structure"` + + // The maximum number of resource ARN objects to return. If you leave this blank, + // Shield Advanced returns the first 20 results. + // + // This is a maximum value. Shield Advanced might return the results in smaller + // batches. That is, the number of objects returned could be less than MaxResults, + // even if there are still more objects yet to return. If there are more objects + // to return, Shield Advanced returns a value in NextToken that you can use + // in your next request, to get the next batch of objects. + MaxResults *int64 `type:"integer"` + + // The next token value from a previous call to ListResourcesInProtectionGroup. + // Pass null if this is the first call. + NextToken *string `min:"1" type:"string"` + + // The name of the protection group. You use this to identify the protection + // group in lists and to manage the protection group, for example to update, + // delete, or describe it. + // + // ProtectionGroupId is a required field + ProtectionGroupId *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListResourcesInProtectionGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListResourcesInProtectionGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListResourcesInProtectionGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListResourcesInProtectionGroupInput"} + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.ProtectionGroupId == nil { + invalidParams.Add(request.NewErrParamRequired("ProtectionGroupId")) + } + if s.ProtectionGroupId != nil && len(*s.ProtectionGroupId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProtectionGroupId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListResourcesInProtectionGroupInput) SetMaxResults(v int64) *ListResourcesInProtectionGroupInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListResourcesInProtectionGroupInput) SetNextToken(v string) *ListResourcesInProtectionGroupInput { + s.NextToken = &v + return s +} + +// SetProtectionGroupId sets the ProtectionGroupId field's value. +func (s *ListResourcesInProtectionGroupInput) SetProtectionGroupId(v string) *ListResourcesInProtectionGroupInput { + s.ProtectionGroupId = &v + return s +} + +type ListResourcesInProtectionGroupOutput struct { + _ struct{} `type:"structure"` + + // If you specify a value for MaxResults and you have more resources in the + // protection group than the value of MaxResults, AWS Shield Advanced returns + // this token that you can use in your next request, to get the next batch of + // objects. + NextToken *string `min:"1" type:"string"` + + // The Amazon Resource Names (ARNs) of the resources that are included in the + // protection group. + // + // ResourceArns is a required field + ResourceArns []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s ListResourcesInProtectionGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListResourcesInProtectionGroupOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListResourcesInProtectionGroupOutput) SetNextToken(v string) *ListResourcesInProtectionGroupOutput { + s.NextToken = &v + return s +} + +// SetResourceArns sets the ResourceArns field's value. +func (s *ListResourcesInProtectionGroupOutput) SetResourceArns(v []*string) *ListResourcesInProtectionGroupOutput { + s.ResourceArns = v + return s +} + // You are trying to update a subscription that has not yet completed the 1-year // commitment. You can change the AutoRenew parameter during the last 30 days // of your subscription. This exception indicates that you are attempting to @@ -4553,140 +5962,354 @@ func (s *NoAssociatedRoleException) Message() string { return "" } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *NoAssociatedRoleException) OrigErr() error { - return nil +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *NoAssociatedRoleException) OrigErr() error { + return nil +} + +func (s *NoAssociatedRoleException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *NoAssociatedRoleException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *NoAssociatedRoleException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Exception that indicates that the resource state has been modified by another +// client. Retrieve the resource and then retry your request. +type OptimisticLockException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s OptimisticLockException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OptimisticLockException) GoString() string { + return s.String() +} + +func newErrorOptimisticLockException(v protocol.ResponseMetadata) error { + return &OptimisticLockException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *OptimisticLockException) Code() string { + return "OptimisticLockException" +} + +// Message returns the exception's message. +func (s *OptimisticLockException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *OptimisticLockException) OrigErr() error { + return nil +} + +func (s *OptimisticLockException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *OptimisticLockException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *OptimisticLockException) RequestID() string { + return s.RespMetadata.RequestID +} + +// An object that represents a resource that is under DDoS protection. +type Protection struct { + _ struct{} `type:"structure"` + + // The unique identifier (ID) for the Route 53 health check that's associated + // with the protection. + HealthCheckIds []*string `type:"list"` + + // The unique identifier (ID) of the protection. + Id *string `min:"1" type:"string"` + + // The name of the protection. For example, My CloudFront distributions. + Name *string `min:"1" type:"string"` + + // The ARN (Amazon Resource Name) of the AWS resource that is protected. + ResourceArn *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s Protection) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Protection) GoString() string { + return s.String() +} + +// SetHealthCheckIds sets the HealthCheckIds field's value. +func (s *Protection) SetHealthCheckIds(v []*string) *Protection { + s.HealthCheckIds = v + return s +} + +// SetId sets the Id field's value. +func (s *Protection) SetId(v string) *Protection { + s.Id = &v + return s +} + +// SetName sets the Name field's value. +func (s *Protection) SetName(v string) *Protection { + s.Name = &v + return s +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *Protection) SetResourceArn(v string) *Protection { + s.ResourceArn = &v + return s +} + +// A grouping of protected resources that you and AWS Shield Advanced can monitor +// as a collective. This resource grouping improves the accuracy of detection +// and reduces false positives. +type ProtectionGroup struct { + _ struct{} `type:"structure"` + + // Defines how AWS Shield combines resource data for the group in order to detect, + // mitigate, and report events. + // + // * Sum - Use the total traffic across the group. This is a good choice + // for most cases. Examples include Elastic IP addresses for EC2 instances + // that scale manually or automatically. + // + // * Mean - Use the average of the traffic across the group. This is a good + // choice for resources that share traffic uniformly. Examples include accelerators + // and load balancers. + // + // * Max - Use the highest traffic from each resource. This is useful for + // resources that don't share traffic and for resources that share that traffic + // in a non-uniform way. Examples include CloudFront distributions and origin + // resources for CloudFront distributions. + // + // Aggregation is a required field + Aggregation *string `type:"string" required:"true" enum:"ProtectionGroupAggregation"` + + // The Amazon Resource Names (ARNs) of the resources to include in the protection + // group. You must set this when you set Pattern to ARBITRARY and you must not + // set it for any other Pattern setting. + // + // Members is a required field + Members []*string `type:"list" required:"true"` + + // The criteria to use to choose the protected resources for inclusion in the + // group. You can include all resources that have protections, provide a list + // of resource Amazon Resource Names (ARNs), or include all resources of a specified + // resource type. + // + // Pattern is a required field + Pattern *string `type:"string" required:"true" enum:"ProtectionGroupPattern"` + + // The name of the protection group. You use this to identify the protection + // group in lists and to manage the protection group, for example to update, + // delete, or describe it. + // + // ProtectionGroupId is a required field + ProtectionGroupId *string `min:"1" type:"string" required:"true"` + + // The resource type to include in the protection group. All protected resources + // of this type are included in the protection group. You must set this when + // you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other + // Pattern setting. + ResourceType *string `type:"string" enum:"ProtectedResourceType"` +} + +// String returns the string representation +func (s ProtectionGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ProtectionGroup) GoString() string { + return s.String() +} + +// SetAggregation sets the Aggregation field's value. +func (s *ProtectionGroup) SetAggregation(v string) *ProtectionGroup { + s.Aggregation = &v + return s } -func (s *NoAssociatedRoleException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +// SetMembers sets the Members field's value. +func (s *ProtectionGroup) SetMembers(v []*string) *ProtectionGroup { + s.Members = v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *NoAssociatedRoleException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetPattern sets the Pattern field's value. +func (s *ProtectionGroup) SetPattern(v string) *ProtectionGroup { + s.Pattern = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *NoAssociatedRoleException) RequestID() string { - return s.RespMetadata.RequestID +// SetProtectionGroupId sets the ProtectionGroupId field's value. +func (s *ProtectionGroup) SetProtectionGroupId(v string) *ProtectionGroup { + s.ProtectionGroupId = &v + return s } -// Exception that indicates that the resource state has been modified by another -// client. Retrieve the resource and then retry your request. -type OptimisticLockException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// SetResourceType sets the ResourceType field's value. +func (s *ProtectionGroup) SetResourceType(v string) *ProtectionGroup { + s.ResourceType = &v + return s +} - Message_ *string `locationName:"message" type:"string"` +// Limits settings on protection groups with arbitrary pattern type. +type ProtectionGroupArbitraryPatternLimits struct { + _ struct{} `type:"structure"` + + // The maximum number of resources you can specify for a single arbitrary pattern + // in a protection group. + // + // MaxMembers is a required field + MaxMembers *int64 `type:"long" required:"true"` } // String returns the string representation -func (s OptimisticLockException) String() string { +func (s ProtectionGroupArbitraryPatternLimits) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s OptimisticLockException) GoString() string { +func (s ProtectionGroupArbitraryPatternLimits) GoString() string { return s.String() } -func newErrorOptimisticLockException(v protocol.ResponseMetadata) error { - return &OptimisticLockException{ - RespMetadata: v, - } +// SetMaxMembers sets the MaxMembers field's value. +func (s *ProtectionGroupArbitraryPatternLimits) SetMaxMembers(v int64) *ProtectionGroupArbitraryPatternLimits { + s.MaxMembers = &v + return s } -// Code returns the exception type name. -func (s *OptimisticLockException) Code() string { - return "OptimisticLockException" -} +// Limits settings on protection groups for your subscription. +type ProtectionGroupLimits struct { + _ struct{} `type:"structure"` -// Message returns the exception's message. -func (s *OptimisticLockException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" + // The maximum number of protection groups that you can have at one time. + // + // MaxProtectionGroups is a required field + MaxProtectionGroups *int64 `type:"long" required:"true"` + + // Limits settings by pattern type in the protection groups for your subscription. + // + // PatternTypeLimits is a required field + PatternTypeLimits *ProtectionGroupPatternTypeLimits `type:"structure" required:"true"` } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *OptimisticLockException) OrigErr() error { - return nil +// String returns the string representation +func (s ProtectionGroupLimits) String() string { + return awsutil.Prettify(s) } -func (s *OptimisticLockException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +// GoString returns the string representation +func (s ProtectionGroupLimits) GoString() string { + return s.String() } -// Status code returns the HTTP status code for the request's response error. -func (s *OptimisticLockException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetMaxProtectionGroups sets the MaxProtectionGroups field's value. +func (s *ProtectionGroupLimits) SetMaxProtectionGroups(v int64) *ProtectionGroupLimits { + s.MaxProtectionGroups = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *OptimisticLockException) RequestID() string { - return s.RespMetadata.RequestID +// SetPatternTypeLimits sets the PatternTypeLimits field's value. +func (s *ProtectionGroupLimits) SetPatternTypeLimits(v *ProtectionGroupPatternTypeLimits) *ProtectionGroupLimits { + s.PatternTypeLimits = v + return s } -// An object that represents a resource that is under DDoS protection. -type Protection struct { +// Limits settings by pattern type in the protection groups for your subscription. +type ProtectionGroupPatternTypeLimits struct { _ struct{} `type:"structure"` - // The unique identifier (ID) for the Route 53 health check that's associated - // with the protection. - HealthCheckIds []*string `type:"list"` - - // The unique identifier (ID) of the protection. - Id *string `min:"1" type:"string"` - - // The friendly name of the protection. For example, My CloudFront distributions. - Name *string `min:"1" type:"string"` - - // The ARN (Amazon Resource Name) of the AWS resource that is protected. - ResourceArn *string `min:"1" type:"string"` + // Limits settings on protection groups with arbitrary pattern type. + // + // ArbitraryPatternLimits is a required field + ArbitraryPatternLimits *ProtectionGroupArbitraryPatternLimits `type:"structure" required:"true"` } // String returns the string representation -func (s Protection) String() string { +func (s ProtectionGroupPatternTypeLimits) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s Protection) GoString() string { +func (s ProtectionGroupPatternTypeLimits) GoString() string { return s.String() } -// SetHealthCheckIds sets the HealthCheckIds field's value. -func (s *Protection) SetHealthCheckIds(v []*string) *Protection { - s.HealthCheckIds = v +// SetArbitraryPatternLimits sets the ArbitraryPatternLimits field's value. +func (s *ProtectionGroupPatternTypeLimits) SetArbitraryPatternLimits(v *ProtectionGroupArbitraryPatternLimits) *ProtectionGroupPatternTypeLimits { + s.ArbitraryPatternLimits = v return s } -// SetId sets the Id field's value. -func (s *Protection) SetId(v string) *Protection { - s.Id = &v - return s +// Limits settings on protections for your subscription. +type ProtectionLimits struct { + _ struct{} `type:"structure"` + + // The maximum number of resource types that you can specify in a protection. + // + // ProtectedResourceTypeLimits is a required field + ProtectedResourceTypeLimits []*Limit `type:"list" required:"true"` } -// SetName sets the Name field's value. -func (s *Protection) SetName(v string) *Protection { - s.Name = &v - return s +// String returns the string representation +func (s ProtectionLimits) String() string { + return awsutil.Prettify(s) } -// SetResourceArn sets the ResourceArn field's value. -func (s *Protection) SetResourceArn(v string) *Protection { - s.ResourceArn = &v +// GoString returns the string representation +func (s ProtectionLimits) GoString() string { + return s.String() +} + +// SetProtectedResourceTypeLimits sets the ProtectedResourceTypeLimits field's value. +func (s *ProtectionLimits) SetProtectedResourceTypeLimits(v []*Limit) *ProtectionLimits { + s.ProtectedResourceTypeLimits = v return s } -// Exception indicating the specified resource already exists. +// Exception indicating the specified resource already exists. If available, +// this exception includes details in additional properties. type ResourceAlreadyExistsException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` + + // The type of resource that already exists. + ResourceType *string `locationName:"resourceType" type:"string"` } // String returns the string representation @@ -4724,7 +6347,7 @@ func (s *ResourceAlreadyExistsException) OrigErr() error { } func (s *ResourceAlreadyExistsException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. @@ -4737,12 +6360,16 @@ func (s *ResourceAlreadyExistsException) RequestID() string { return s.RespMetadata.RequestID } -// Exception indicating the specified resource does not exist. +// Exception indicating the specified resource does not exist. If available, +// this exception includes details in additional properties. type ResourceNotFoundException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` + + // Type of resource. + ResourceType *string `locationName:"resourceType" type:"string"` } // String returns the string representation @@ -4780,7 +6407,7 @@ func (s *ResourceNotFoundException) OrigErr() error { } func (s *ResourceNotFoundException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. @@ -4878,6 +6505,11 @@ type Subscription struct { // see timestamp (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#parameter-types). StartTime *time.Time `type:"timestamp"` + // Limits settings for your subscription. + // + // SubscriptionLimits is a required field + SubscriptionLimits *SubscriptionLimits `type:"structure" required:"true"` + // The length, in seconds, of the AWS Shield Advanced subscription for the account. TimeCommitmentInSeconds *int64 `type:"long"` } @@ -4922,12 +6554,55 @@ func (s *Subscription) SetStartTime(v time.Time) *Subscription { return s } +// SetSubscriptionLimits sets the SubscriptionLimits field's value. +func (s *Subscription) SetSubscriptionLimits(v *SubscriptionLimits) *Subscription { + s.SubscriptionLimits = v + return s +} + // SetTimeCommitmentInSeconds sets the TimeCommitmentInSeconds field's value. func (s *Subscription) SetTimeCommitmentInSeconds(v int64) *Subscription { s.TimeCommitmentInSeconds = &v return s } +// Limits settings for your subscription. +type SubscriptionLimits struct { + _ struct{} `type:"structure"` + + // Limits settings on protection groups for your subscription. + // + // ProtectionGroupLimits is a required field + ProtectionGroupLimits *ProtectionGroupLimits `type:"structure" required:"true"` + + // Limits settings on protections for your subscription. + // + // ProtectionLimits is a required field + ProtectionLimits *ProtectionLimits `type:"structure" required:"true"` +} + +// String returns the string representation +func (s SubscriptionLimits) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SubscriptionLimits) GoString() string { + return s.String() +} + +// SetProtectionGroupLimits sets the ProtectionGroupLimits field's value. +func (s *SubscriptionLimits) SetProtectionGroupLimits(v *ProtectionGroupLimits) *SubscriptionLimits { + s.ProtectionGroupLimits = v + return s +} + +// SetProtectionLimits sets the ProtectionLimits field's value. +func (s *SubscriptionLimits) SetProtectionLimits(v *ProtectionLimits) *SubscriptionLimits { + s.ProtectionLimits = v + return s +} + // A summary of information about the attack. type SummarizedAttackVector struct { _ struct{} `type:"structure"` @@ -5129,6 +6804,131 @@ func (s UpdateEmergencyContactSettingsOutput) GoString() string { return s.String() } +type UpdateProtectionGroupInput struct { + _ struct{} `type:"structure"` + + // Defines how AWS Shield combines resource data for the group in order to detect, + // mitigate, and report events. + // + // * Sum - Use the total traffic across the group. This is a good choice + // for most cases. Examples include Elastic IP addresses for EC2 instances + // that scale manually or automatically. + // + // * Mean - Use the average of the traffic across the group. This is a good + // choice for resources that share traffic uniformly. Examples include accelerators + // and load balancers. + // + // * Max - Use the highest traffic from each resource. This is useful for + // resources that don't share traffic and for resources that share that traffic + // in a non-uniform way. Examples include CloudFront distributions and origin + // resources for CloudFront distributions. + // + // Aggregation is a required field + Aggregation *string `type:"string" required:"true" enum:"ProtectionGroupAggregation"` + + // The Amazon Resource Names (ARNs) of the resources to include in the protection + // group. You must set this when you set Pattern to ARBITRARY and you must not + // set it for any other Pattern setting. + Members []*string `type:"list"` + + // The criteria to use to choose the protected resources for inclusion in the + // group. You can include all resources that have protections, provide a list + // of resource Amazon Resource Names (ARNs), or include all resources of a specified + // resource type. + // + // Pattern is a required field + Pattern *string `type:"string" required:"true" enum:"ProtectionGroupPattern"` + + // The name of the protection group. You use this to identify the protection + // group in lists and to manage the protection group, for example to update, + // delete, or describe it. + // + // ProtectionGroupId is a required field + ProtectionGroupId *string `min:"1" type:"string" required:"true"` + + // The resource type to include in the protection group. All protected resources + // of this type are included in the protection group. You must set this when + // you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other + // Pattern setting. + ResourceType *string `type:"string" enum:"ProtectedResourceType"` +} + +// String returns the string representation +func (s UpdateProtectionGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateProtectionGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateProtectionGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateProtectionGroupInput"} + if s.Aggregation == nil { + invalidParams.Add(request.NewErrParamRequired("Aggregation")) + } + if s.Pattern == nil { + invalidParams.Add(request.NewErrParamRequired("Pattern")) + } + if s.ProtectionGroupId == nil { + invalidParams.Add(request.NewErrParamRequired("ProtectionGroupId")) + } + if s.ProtectionGroupId != nil && len(*s.ProtectionGroupId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProtectionGroupId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAggregation sets the Aggregation field's value. +func (s *UpdateProtectionGroupInput) SetAggregation(v string) *UpdateProtectionGroupInput { + s.Aggregation = &v + return s +} + +// SetMembers sets the Members field's value. +func (s *UpdateProtectionGroupInput) SetMembers(v []*string) *UpdateProtectionGroupInput { + s.Members = v + return s +} + +// SetPattern sets the Pattern field's value. +func (s *UpdateProtectionGroupInput) SetPattern(v string) *UpdateProtectionGroupInput { + s.Pattern = &v + return s +} + +// SetProtectionGroupId sets the ProtectionGroupId field's value. +func (s *UpdateProtectionGroupInput) SetProtectionGroupId(v string) *UpdateProtectionGroupInput { + s.ProtectionGroupId = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *UpdateProtectionGroupInput) SetResourceType(v string) *UpdateProtectionGroupInput { + s.ResourceType = &v + return s +} + +type UpdateProtectionGroupOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UpdateProtectionGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateProtectionGroupOutput) GoString() string { + return s.String() +} + type UpdateSubscriptionInput struct { _ struct{} `type:"structure"` @@ -5170,6 +6970,44 @@ func (s UpdateSubscriptionOutput) GoString() string { return s.String() } +// Provides information about a particular parameter passed inside a request +// that resulted in an exception. +type ValidationExceptionField struct { + _ struct{} `type:"structure"` + + // The message describing why the parameter failed validation. + // + // Message is a required field + Message *string `locationName:"message" type:"string" required:"true"` + + // The name of the parameter that failed validation. + // + // Name is a required field + Name *string `locationName:"name" type:"string" required:"true"` +} + +// String returns the string representation +func (s ValidationExceptionField) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationExceptionField) GoString() string { + return s.String() +} + +// SetMessage sets the Message field's value. +func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField { + s.Message = &v + return s +} + +// SetName sets the Name field's value. +func (s *ValidationExceptionField) SetName(v string) *ValidationExceptionField { + s.Name = &v + return s +} + const ( // AttackLayerNetwork is a AttackLayer enum value AttackLayerNetwork = "NETWORK" @@ -5262,6 +7100,78 @@ func ProactiveEngagementStatus_Values() []string { } } +const ( + // ProtectedResourceTypeCloudfrontDistribution is a ProtectedResourceType enum value + ProtectedResourceTypeCloudfrontDistribution = "CLOUDFRONT_DISTRIBUTION" + + // ProtectedResourceTypeRoute53HostedZone is a ProtectedResourceType enum value + ProtectedResourceTypeRoute53HostedZone = "ROUTE_53_HOSTED_ZONE" + + // ProtectedResourceTypeElasticIpAllocation is a ProtectedResourceType enum value + ProtectedResourceTypeElasticIpAllocation = "ELASTIC_IP_ALLOCATION" + + // ProtectedResourceTypeClassicLoadBalancer is a ProtectedResourceType enum value + ProtectedResourceTypeClassicLoadBalancer = "CLASSIC_LOAD_BALANCER" + + // ProtectedResourceTypeApplicationLoadBalancer is a ProtectedResourceType enum value + ProtectedResourceTypeApplicationLoadBalancer = "APPLICATION_LOAD_BALANCER" + + // ProtectedResourceTypeGlobalAccelerator is a ProtectedResourceType enum value + ProtectedResourceTypeGlobalAccelerator = "GLOBAL_ACCELERATOR" +) + +// ProtectedResourceType_Values returns all elements of the ProtectedResourceType enum +func ProtectedResourceType_Values() []string { + return []string{ + ProtectedResourceTypeCloudfrontDistribution, + ProtectedResourceTypeRoute53HostedZone, + ProtectedResourceTypeElasticIpAllocation, + ProtectedResourceTypeClassicLoadBalancer, + ProtectedResourceTypeApplicationLoadBalancer, + ProtectedResourceTypeGlobalAccelerator, + } +} + +const ( + // ProtectionGroupAggregationSum is a ProtectionGroupAggregation enum value + ProtectionGroupAggregationSum = "SUM" + + // ProtectionGroupAggregationMean is a ProtectionGroupAggregation enum value + ProtectionGroupAggregationMean = "MEAN" + + // ProtectionGroupAggregationMax is a ProtectionGroupAggregation enum value + ProtectionGroupAggregationMax = "MAX" +) + +// ProtectionGroupAggregation_Values returns all elements of the ProtectionGroupAggregation enum +func ProtectionGroupAggregation_Values() []string { + return []string{ + ProtectionGroupAggregationSum, + ProtectionGroupAggregationMean, + ProtectionGroupAggregationMax, + } +} + +const ( + // ProtectionGroupPatternAll is a ProtectionGroupPattern enum value + ProtectionGroupPatternAll = "ALL" + + // ProtectionGroupPatternArbitrary is a ProtectionGroupPattern enum value + ProtectionGroupPatternArbitrary = "ARBITRARY" + + // ProtectionGroupPatternByResourceType is a ProtectionGroupPattern enum value + ProtectionGroupPatternByResourceType = "BY_RESOURCE_TYPE" +) + +// ProtectionGroupPattern_Values returns all elements of the ProtectionGroupPattern enum +func ProtectionGroupPattern_Values() []string { + return []string{ + ProtectionGroupPatternAll, + ProtectionGroupPatternArbitrary, + ProtectionGroupPatternByResourceType, + } +} + const ( // SubResourceTypeIp is a SubResourceType enum value SubResourceTypeIp = "IP" @@ -5317,3 +7227,19 @@ func Unit_Values() []string { UnitRequests, } } + +const ( + // ValidationExceptionReasonFieldValidationFailed is a ValidationExceptionReason enum value + ValidationExceptionReasonFieldValidationFailed = "FIELD_VALIDATION_FAILED" + + // ValidationExceptionReasonOther is a ValidationExceptionReason enum value + ValidationExceptionReasonOther = "OTHER" +) + +// ValidationExceptionReason_Values returns all elements of the ValidationExceptionReason enum +func ValidationExceptionReason_Values() []string { + return []string{ + ValidationExceptionReasonFieldValidationFailed, + ValidationExceptionReasonOther, + } +} diff --git a/service/shield/errors.go b/service/shield/errors.go index c30b5cc6a7a..a76027a1264 100644 --- a/service/shield/errors.go +++ b/service/shield/errors.go @@ -49,6 +49,7 @@ const ( // "InvalidParameterException". // // Exception that indicates that the parameters passed to the API are invalid. + // If available, this exception includes details in additional properties. ErrCodeInvalidParameterException = "InvalidParameterException" // ErrCodeInvalidResourceException for service response error code @@ -93,13 +94,15 @@ const ( // ErrCodeResourceAlreadyExistsException for service response error code // "ResourceAlreadyExistsException". // - // Exception indicating the specified resource already exists. + // Exception indicating the specified resource already exists. If available, + // this exception includes details in additional properties. ErrCodeResourceAlreadyExistsException = "ResourceAlreadyExistsException" // ErrCodeResourceNotFoundException for service response error code // "ResourceNotFoundException". // - // Exception indicating the specified resource does not exist. + // Exception indicating the specified resource does not exist. If available, + // this exception includes details in additional properties. ErrCodeResourceNotFoundException = "ResourceNotFoundException" ) diff --git a/service/shield/shieldiface/interface.go b/service/shield/shieldiface/interface.go index 371e0431417..3356fc59752 100644 --- a/service/shield/shieldiface/interface.go +++ b/service/shield/shieldiface/interface.go @@ -80,6 +80,10 @@ type ShieldAPI interface { CreateProtectionWithContext(aws.Context, *shield.CreateProtectionInput, ...request.Option) (*shield.CreateProtectionOutput, error) CreateProtectionRequest(*shield.CreateProtectionInput) (*request.Request, *shield.CreateProtectionOutput) + CreateProtectionGroup(*shield.CreateProtectionGroupInput) (*shield.CreateProtectionGroupOutput, error) + CreateProtectionGroupWithContext(aws.Context, *shield.CreateProtectionGroupInput, ...request.Option) (*shield.CreateProtectionGroupOutput, error) + CreateProtectionGroupRequest(*shield.CreateProtectionGroupInput) (*request.Request, *shield.CreateProtectionGroupOutput) + CreateSubscription(*shield.CreateSubscriptionInput) (*shield.CreateSubscriptionOutput, error) CreateSubscriptionWithContext(aws.Context, *shield.CreateSubscriptionInput, ...request.Option) (*shield.CreateSubscriptionOutput, error) CreateSubscriptionRequest(*shield.CreateSubscriptionInput) (*request.Request, *shield.CreateSubscriptionOutput) @@ -88,6 +92,10 @@ type ShieldAPI interface { DeleteProtectionWithContext(aws.Context, *shield.DeleteProtectionInput, ...request.Option) (*shield.DeleteProtectionOutput, error) DeleteProtectionRequest(*shield.DeleteProtectionInput) (*request.Request, *shield.DeleteProtectionOutput) + DeleteProtectionGroup(*shield.DeleteProtectionGroupInput) (*shield.DeleteProtectionGroupOutput, error) + DeleteProtectionGroupWithContext(aws.Context, *shield.DeleteProtectionGroupInput, ...request.Option) (*shield.DeleteProtectionGroupOutput, error) + DeleteProtectionGroupRequest(*shield.DeleteProtectionGroupInput) (*request.Request, *shield.DeleteProtectionGroupOutput) + DeleteSubscription(*shield.DeleteSubscriptionInput) (*shield.DeleteSubscriptionOutput, error) DeleteSubscriptionWithContext(aws.Context, *shield.DeleteSubscriptionInput, ...request.Option) (*shield.DeleteSubscriptionOutput, error) DeleteSubscriptionRequest(*shield.DeleteSubscriptionInput) (*request.Request, *shield.DeleteSubscriptionOutput) @@ -96,6 +104,10 @@ type ShieldAPI interface { DescribeAttackWithContext(aws.Context, *shield.DescribeAttackInput, ...request.Option) (*shield.DescribeAttackOutput, error) DescribeAttackRequest(*shield.DescribeAttackInput) (*request.Request, *shield.DescribeAttackOutput) + DescribeAttackStatistics(*shield.DescribeAttackStatisticsInput) (*shield.DescribeAttackStatisticsOutput, error) + DescribeAttackStatisticsWithContext(aws.Context, *shield.DescribeAttackStatisticsInput, ...request.Option) (*shield.DescribeAttackStatisticsOutput, error) + DescribeAttackStatisticsRequest(*shield.DescribeAttackStatisticsInput) (*request.Request, *shield.DescribeAttackStatisticsOutput) + DescribeDRTAccess(*shield.DescribeDRTAccessInput) (*shield.DescribeDRTAccessOutput, error) DescribeDRTAccessWithContext(aws.Context, *shield.DescribeDRTAccessInput, ...request.Option) (*shield.DescribeDRTAccessOutput, error) DescribeDRTAccessRequest(*shield.DescribeDRTAccessInput) (*request.Request, *shield.DescribeDRTAccessOutput) @@ -108,6 +120,10 @@ type ShieldAPI interface { DescribeProtectionWithContext(aws.Context, *shield.DescribeProtectionInput, ...request.Option) (*shield.DescribeProtectionOutput, error) DescribeProtectionRequest(*shield.DescribeProtectionInput) (*request.Request, *shield.DescribeProtectionOutput) + DescribeProtectionGroup(*shield.DescribeProtectionGroupInput) (*shield.DescribeProtectionGroupOutput, error) + DescribeProtectionGroupWithContext(aws.Context, *shield.DescribeProtectionGroupInput, ...request.Option) (*shield.DescribeProtectionGroupOutput, error) + DescribeProtectionGroupRequest(*shield.DescribeProtectionGroupInput) (*request.Request, *shield.DescribeProtectionGroupOutput) + DescribeSubscription(*shield.DescribeSubscriptionInput) (*shield.DescribeSubscriptionOutput, error) DescribeSubscriptionWithContext(aws.Context, *shield.DescribeSubscriptionInput, ...request.Option) (*shield.DescribeSubscriptionOutput, error) DescribeSubscriptionRequest(*shield.DescribeSubscriptionInput) (*request.Request, *shield.DescribeSubscriptionOutput) @@ -143,6 +159,13 @@ type ShieldAPI interface { ListAttacksPages(*shield.ListAttacksInput, func(*shield.ListAttacksOutput, bool) bool) error ListAttacksPagesWithContext(aws.Context, *shield.ListAttacksInput, func(*shield.ListAttacksOutput, bool) bool, ...request.Option) error + ListProtectionGroups(*shield.ListProtectionGroupsInput) (*shield.ListProtectionGroupsOutput, error) + ListProtectionGroupsWithContext(aws.Context, *shield.ListProtectionGroupsInput, ...request.Option) (*shield.ListProtectionGroupsOutput, error) + ListProtectionGroupsRequest(*shield.ListProtectionGroupsInput) (*request.Request, *shield.ListProtectionGroupsOutput) + + ListProtectionGroupsPages(*shield.ListProtectionGroupsInput, func(*shield.ListProtectionGroupsOutput, bool) bool) error + ListProtectionGroupsPagesWithContext(aws.Context, *shield.ListProtectionGroupsInput, func(*shield.ListProtectionGroupsOutput, bool) bool, ...request.Option) error + ListProtections(*shield.ListProtectionsInput) (*shield.ListProtectionsOutput, error) ListProtectionsWithContext(aws.Context, *shield.ListProtectionsInput, ...request.Option) (*shield.ListProtectionsOutput, error) ListProtectionsRequest(*shield.ListProtectionsInput) (*request.Request, *shield.ListProtectionsOutput) @@ -150,10 +173,21 @@ type ShieldAPI interface { ListProtectionsPages(*shield.ListProtectionsInput, func(*shield.ListProtectionsOutput, bool) bool) error ListProtectionsPagesWithContext(aws.Context, *shield.ListProtectionsInput, func(*shield.ListProtectionsOutput, bool) bool, ...request.Option) error + ListResourcesInProtectionGroup(*shield.ListResourcesInProtectionGroupInput) (*shield.ListResourcesInProtectionGroupOutput, error) + ListResourcesInProtectionGroupWithContext(aws.Context, *shield.ListResourcesInProtectionGroupInput, ...request.Option) (*shield.ListResourcesInProtectionGroupOutput, error) + ListResourcesInProtectionGroupRequest(*shield.ListResourcesInProtectionGroupInput) (*request.Request, *shield.ListResourcesInProtectionGroupOutput) + + ListResourcesInProtectionGroupPages(*shield.ListResourcesInProtectionGroupInput, func(*shield.ListResourcesInProtectionGroupOutput, bool) bool) error + ListResourcesInProtectionGroupPagesWithContext(aws.Context, *shield.ListResourcesInProtectionGroupInput, func(*shield.ListResourcesInProtectionGroupOutput, bool) bool, ...request.Option) error + UpdateEmergencyContactSettings(*shield.UpdateEmergencyContactSettingsInput) (*shield.UpdateEmergencyContactSettingsOutput, error) UpdateEmergencyContactSettingsWithContext(aws.Context, *shield.UpdateEmergencyContactSettingsInput, ...request.Option) (*shield.UpdateEmergencyContactSettingsOutput, error) UpdateEmergencyContactSettingsRequest(*shield.UpdateEmergencyContactSettingsInput) (*request.Request, *shield.UpdateEmergencyContactSettingsOutput) + UpdateProtectionGroup(*shield.UpdateProtectionGroupInput) (*shield.UpdateProtectionGroupOutput, error) + UpdateProtectionGroupWithContext(aws.Context, *shield.UpdateProtectionGroupInput, ...request.Option) (*shield.UpdateProtectionGroupOutput, error) + UpdateProtectionGroupRequest(*shield.UpdateProtectionGroupInput) (*request.Request, *shield.UpdateProtectionGroupOutput) + UpdateSubscription(*shield.UpdateSubscriptionInput) (*shield.UpdateSubscriptionOutput, error) UpdateSubscriptionWithContext(aws.Context, *shield.UpdateSubscriptionInput, ...request.Option) (*shield.UpdateSubscriptionOutput, error) UpdateSubscriptionRequest(*shield.UpdateSubscriptionInput) (*request.Request, *shield.UpdateSubscriptionOutput) diff --git a/service/textract/api.go b/service/textract/api.go index c15922c1a9a..a96f5110e3d 100644 --- a/service/textract/api.go +++ b/service/textract/api.go @@ -113,7 +113,7 @@ func (c *Textract) AnalyzeDocumentRequest(input *AnalyzeDocumentInput) (req *req // // * DocumentTooLargeException // The document can't be processed because it's too large. The maximum document -// size for synchronous operations 5 MB. The maximum document size for asynchronous +// size for synchronous operations 10 MB. The maximum document size for asynchronous // operations is 500 MB for PDF files. // // * BadDocumentException @@ -246,7 +246,7 @@ func (c *Textract) DetectDocumentTextRequest(input *DetectDocumentTextInput) (re // // * DocumentTooLargeException // The document can't be processed because it's too large. The maximum document -// size for synchronous operations 5 MB. The maximum document size for asynchronous +// size for synchronous operations 10 MB. The maximum document size for asynchronous // operations is 500 MB for PDF files. // // * BadDocumentException @@ -647,6 +647,10 @@ func (c *Textract) StartDocumentAnalysisRequest(input *StartDocumentAnalysisInpu // request. for more information, Configure Access to Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) // For troubleshooting information, see Troubleshooting Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/troubleshooting.html) // +// * InvalidKMSKeyException +// Indicates you do not have decrypt permissions with the KMS key entered, or +// the KMS key was entered incorrectly. +// // * UnsupportedDocumentException // The format of the input document isn't supported. Documents for synchronous // operations can be in PNG or JPEG format. Documents for asynchronous operations @@ -654,7 +658,7 @@ func (c *Textract) StartDocumentAnalysisRequest(input *StartDocumentAnalysisInpu // // * DocumentTooLargeException // The document can't be processed because it's too large. The maximum document -// size for synchronous operations 5 MB. The maximum document size for asynchronous +// size for synchronous operations 10 MB. The maximum document size for asynchronous // operations is 500 MB for PDF files. // // * BadDocumentException @@ -790,6 +794,10 @@ func (c *Textract) StartDocumentTextDetectionRequest(input *StartDocumentTextDet // request. for more information, Configure Access to Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) // For troubleshooting information, see Troubleshooting Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/troubleshooting.html) // +// * InvalidKMSKeyException +// Indicates you do not have decrypt permissions with the KMS key entered, or +// the KMS key was entered incorrectly. +// // * UnsupportedDocumentException // The format of the input document isn't supported. Documents for synchronous // operations can be in PNG or JPEG format. Documents for asynchronous operations @@ -797,7 +805,7 @@ func (c *Textract) StartDocumentTextDetectionRequest(input *StartDocumentTextDet // // * DocumentTooLargeException // The document can't be processed because it's too large. The maximum document -// size for synchronous operations 5 MB. The maximum document size for asynchronous +// size for synchronous operations 10 MB. The maximum document size for asynchronous // operations is 500 MB for PDF files. // // * BadDocumentException @@ -1218,6 +1226,10 @@ type Block struct { // The word or line of text that's recognized by Amazon Textract. Text *string `type:"string"` + + // The kind of text that Amazon Textract has detected. Can check for handwritten + // text and printed text. + TextType *string `type:"string" enum:"TextType"` } // String returns the string representation @@ -1308,6 +1320,12 @@ func (s *Block) SetText(v string) *Block { return s } +// SetTextType sets the TextType field's value. +func (s *Block) SetTextType(v string) *Block { + s.TextType = &v + return s +} + // The bounding box around the detected page, text, key-value pair, table, table // cell, or selection element on a document page. The left (x-coordinate) and // top (y-coordinate) are coordinates that represent the top and left sides @@ -1612,7 +1630,7 @@ func (s *DocumentMetadata) SetPages(v int64) *DocumentMetadata { } // The document can't be processed because it's too large. The maximum document -// size for synchronous operations 5 MB. The maximum document size for asynchronous +// size for synchronous operations 10 MB. The maximum document size for asynchronous // operations is 500 MB for PDF files. type DocumentTooLargeException struct { _ struct{} `type:"structure"` @@ -2382,6 +2400,63 @@ func (s *InvalidJobIdException) RequestID() string { return s.RespMetadata.RequestID } +// Indicates you do not have decrypt permissions with the KMS key entered, or +// the KMS key was entered incorrectly. +type InvalidKMSKeyException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidKMSKeyException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidKMSKeyException) GoString() string { + return s.String() +} + +func newErrorInvalidKMSKeyException(v protocol.ResponseMetadata) error { + return &InvalidKMSKeyException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidKMSKeyException) Code() string { + return "InvalidKMSKeyException" +} + +// Message returns the exception's message. +func (s *InvalidKMSKeyException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidKMSKeyException) OrigErr() error { + return nil +} + +func (s *InvalidKMSKeyException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidKMSKeyException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidKMSKeyException) RequestID() string { + return s.RespMetadata.RequestID +} + // An input parameter violated a constraint. For example, in synchronous operations, // an InvalidParameterException exception occurs when neither of the S3Object // or Bytes values are supplied in the Document request parameter. Validate @@ -2918,6 +2993,13 @@ type StartDocumentAnalysisInput struct { // as a tax form or a receipt). JobTag *string `min:"1" type:"string"` + // The KMS key used to encrypt the inference results. This can be in either + // Key ID or Key Alias format. When a KMS key is provided, the KMS key will + // be used for server-side encryption of the objects in the customer bucket. + // When this parameter is not enabled, the result will be encrypted server side,using + // SSE-S3. + KMSKeyId *string `min:"1" type:"string"` + // The Amazon SNS topic ARN that you want Amazon Textract to publish the completion // status of the operation to. NotificationChannel *NotificationChannel `type:"structure"` @@ -2953,6 +3035,9 @@ func (s *StartDocumentAnalysisInput) Validate() error { if s.JobTag != nil && len(*s.JobTag) < 1 { invalidParams.Add(request.NewErrParamMinLen("JobTag", 1)) } + if s.KMSKeyId != nil && len(*s.KMSKeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KMSKeyId", 1)) + } if s.DocumentLocation != nil { if err := s.DocumentLocation.Validate(); err != nil { invalidParams.AddNested("DocumentLocation", err.(request.ErrInvalidParams)) @@ -2999,6 +3084,12 @@ func (s *StartDocumentAnalysisInput) SetJobTag(v string) *StartDocumentAnalysisI return s } +// SetKMSKeyId sets the KMSKeyId field's value. +func (s *StartDocumentAnalysisInput) SetKMSKeyId(v string) *StartDocumentAnalysisInput { + s.KMSKeyId = &v + return s +} + // SetNotificationChannel sets the NotificationChannel field's value. func (s *StartDocumentAnalysisInput) SetNotificationChannel(v *NotificationChannel) *StartDocumentAnalysisInput { s.NotificationChannel = v @@ -3057,6 +3148,13 @@ type StartDocumentTextDetectionInput struct { // as a tax form or a receipt). JobTag *string `min:"1" type:"string"` + // The KMS key used to encrypt the inference results. This can be in either + // Key ID or Key Alias format. When a KMS key is provided, the KMS key will + // be used for server-side encryption of the objects in the customer bucket. + // When this parameter is not enabled, the result will be encrypted server side,using + // SSE-S3. + KMSKeyId *string `min:"1" type:"string"` + // The Amazon SNS topic ARN that you want Amazon Textract to publish the completion // status of the operation to. NotificationChannel *NotificationChannel `type:"structure"` @@ -3089,6 +3187,9 @@ func (s *StartDocumentTextDetectionInput) Validate() error { if s.JobTag != nil && len(*s.JobTag) < 1 { invalidParams.Add(request.NewErrParamMinLen("JobTag", 1)) } + if s.KMSKeyId != nil && len(*s.KMSKeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KMSKeyId", 1)) + } if s.DocumentLocation != nil { if err := s.DocumentLocation.Validate(); err != nil { invalidParams.AddNested("DocumentLocation", err.(request.ErrInvalidParams)) @@ -3129,6 +3230,12 @@ func (s *StartDocumentTextDetectionInput) SetJobTag(v string) *StartDocumentText return s } +// SetKMSKeyId sets the KMSKeyId field's value. +func (s *StartDocumentTextDetectionInput) SetKMSKeyId(v string) *StartDocumentTextDetectionInput { + s.KMSKeyId = &v + return s +} + // SetNotificationChannel sets the NotificationChannel field's value. func (s *StartDocumentTextDetectionInput) SetNotificationChannel(v *NotificationChannel) *StartDocumentTextDetectionInput { s.NotificationChannel = v @@ -3458,3 +3565,19 @@ func SelectionStatus_Values() []string { SelectionStatusNotSelected, } } + +const ( + // TextTypeHandwriting is a TextType enum value + TextTypeHandwriting = "HANDWRITING" + + // TextTypePrinted is a TextType enum value + TextTypePrinted = "PRINTED" +) + +// TextType_Values returns all elements of the TextType enum +func TextType_Values() []string { + return []string{ + TextTypeHandwriting, + TextTypePrinted, + } +} diff --git a/service/textract/errors.go b/service/textract/errors.go index ea36b6a8a95..cab57ba0da4 100644 --- a/service/textract/errors.go +++ b/service/textract/errors.go @@ -26,7 +26,7 @@ const ( // "DocumentTooLargeException". // // The document can't be processed because it's too large. The maximum document - // size for synchronous operations 5 MB. The maximum document size for asynchronous + // size for synchronous operations 10 MB. The maximum document size for asynchronous // operations is 500 MB for PDF files. ErrCodeDocumentTooLargeException = "DocumentTooLargeException" @@ -57,6 +57,13 @@ const ( // An invalid job identifier was passed to GetDocumentAnalysis or to GetDocumentAnalysis. ErrCodeInvalidJobIdException = "InvalidJobIdException" + // ErrCodeInvalidKMSKeyException for service response error code + // "InvalidKMSKeyException". + // + // Indicates you do not have decrypt permissions with the KMS key entered, or + // the KMS key was entered incorrectly. + ErrCodeInvalidKMSKeyException = "InvalidKMSKeyException" + // ErrCodeInvalidParameterException for service response error code // "InvalidParameterException". // @@ -115,6 +122,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "IdempotentParameterMismatchException": newErrorIdempotentParameterMismatchException, "InternalServerError": newErrorInternalServerError, "InvalidJobIdException": newErrorInvalidJobIdException, + "InvalidKMSKeyException": newErrorInvalidKMSKeyException, "InvalidParameterException": newErrorInvalidParameterException, "InvalidS3ObjectException": newErrorInvalidS3ObjectException, "LimitExceededException": newErrorLimitExceededException,