Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as POI layer for the VectorEsriNavigation style. Default is unset.
Not all map resources or styles support custom layers. See Custom Layers for more information.
Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as POI layer for the VectorEsriNavigation style. Default is unset.
Not all map resources or styles support custom layers. See Custom Layers for more information.
Specifies the data storage option chosen for requesting Places.
When using Amazon Location Places:
If using HERE Technologies as a data provider, you can't store results for locations in Japan by setting IntendedUse to Storage. parameter.
Under the MobileAssetTracking or MobilAssetManagement pricing plan, you can't store results from your place index resources by setting IntendedUse to Storage. This returns a validation exception error.
For more information, see the AWS Service Terms for Amazon Location Service.
Creates an anomaly detector that regularly scans one or more log groups and look for patterns and anomalies in the logs.
An anomaly detector can help surface issues by automatically discovering anomalies in your log event traffic. An anomaly detector uses machine learning algorithms to scan log events and find patterns. A pattern is a shared text structure that recurs among your log fields. Patterns provide a useful tool for analyzing large sets of logs because a large number of log events can often be compressed into a few patterns.
The anomaly detector uses pattern recognition to find anomalies, which are unusual log events. It uses the evaluationFrequency to compare current log events and patterns with trained baselines.
Fields within a pattern are called tokens. Fields that vary within a pattern, such as a request ID or timestamp, are referred to as dynamic tokens and represented by <*>.
The following is an example of a pattern:
[INFO] Request time: <*> ms
This pattern represents log events like [INFO] Request time: 327 ms and other similar log events that differ only by the number, in this csse 327. When the pattern is displayed, the different numbers are replaced by <*>
Any parts of log events that are masked as sensitive data are not scanned for anomalies. For more information about masking sensitive data, see Help protect sensitive log data with masking.
Creates a log group with the specified name. You can create up to 1,000,000 log groups per Region per account.
You must use the following guidelines when naming a log group:
Log group names must be unique within a Region for an Amazon Web Services account.
Log group names can be between 1 and 512 characters long.
Log group names consist of the following characters: a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), '.' (period), and '#' (number sign)
When you create a log group, by default the log events in the log group do not expire. To set a retention policy so that events expire and are deleted after a specified time, use PutRetentionPolicy.
If you associate an KMS key with the log group, ingested data is encrypted using the KMS key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs. This enables CloudWatch Logs to decrypt this data whenever it is requested.
If you attempt to associate a KMS key with the log group but the KMS key does not exist or the KMS key is disabled, you receive an InvalidParameterException error.
CloudWatch Logs supports only symmetric KMS keys. Do not associate an asymmetric KMS key with your log group. For more information, see Using Symmetric and Asymmetric Keys.
Creates a log stream for the specified log group. A log stream is a sequence of log events that originate from a single source, such as an application instance or a resource that is being monitored.
There is no limit on the number of log streams that you can create for a log group. There is a limit of 50 TPS on CreateLogStream operations, after which transactions are throttled.
You must use the following guidelines when naming a log stream:
Log stream names must be unique within the log group.
Log stream names can be between 1 and 512 characters long.
Don't use ':' (colon) or '*' (asterisk) characters.
Deletes a CloudWatch Logs account policy.
To use this operation, you must be signed on with the logs:DeleteDataProtectionPolicy and logs:DeleteAccountPolicy permissions.
Deletes a CloudWatch Logs account policy. This stops the policy from applying to all log groups or a subset of log groups in the account. Log-group level policies will still be in effect.
To use this operation, you must be signed on with the correct permissions depending on the type of policy that you are deleting.
To delete a data protection policy, you must have the logs:DeleteDataProtectionPolicy and logs:DeleteAccountPolicy permissions.
To delete a subscription filter policy, you must have the logs:DeleteSubscriptionFilter and logs:DeleteAccountPolicy permissions.
Deletes the data protection policy from the specified log group.
For more information about data protection policies, see PutDataProtectionPolicy.
", "DeleteDelivery": "Deletes s delivery. A delivery is a connection between a logical delivery source and a logical delivery destination. Deleting a delivery only deletes the connection between the delivery source and delivery destination. It does not delete the delivery destination or the delivery source.
", "DeleteDeliveryDestination": "Deletes a delivery destination. A delivery is a connection between a logical delivery source and a logical delivery destination.
You can't delete a delivery destination if any current deliveries are associated with it. To find whether any deliveries are associated with this delivery destination, use the DescribeDeliveries operation and check the deliveryDestinationArn field in the results.
Retrieves a list of the log anomaly detectors in the account.
", "ListTagsForResource": "Displays the tags associated with a CloudWatch Logs resource. Currently, log groups and destinations support tagging.
", "ListTagsLogGroup": "The ListTagsLogGroup operation is on the path to deprecation. We recommend that you use ListTagsForResource instead.
Lists the tags for the specified log group.
", - "PutAccountPolicy": "Creates an account-level data protection policy that applies to all log groups in the account. A data protection policy can help safeguard sensitive data that's ingested by your log groups by auditing and masking the sensitive log data. Each account can have only one account-level policy.
Sensitive data is detected and masked when it is ingested into a log group. When you set a data protection policy, log events ingested into the log groups before that time are not masked.
If you use PutAccountPolicy to create a data protection policy for your whole account, it applies to both existing log groups and all log groups that are created later in this account. The account policy is applied to existing log groups with eventual consistency. It might take up to 5 minutes before sensitive data in existing log groups begins to be masked.
By default, when a user views a log event that includes masked data, the sensitive data is replaced by asterisks. A user who has the logs:Unmask permission can use a GetLogEvents or FilterLogEvents operation with the unmask parameter set to true to view the unmasked log events. Users with the logs:Unmask can also view unmasked data in the CloudWatch Logs console by running a CloudWatch Logs Insights query with the unmask query command.
For more information, including a list of types of data that can be audited and masked, see Protect sensitive log data with masking.
To use the PutAccountPolicy operation, you must be signed on with the logs:PutDataProtectionPolicy and logs:PutAccountPolicy permissions.
The PutAccountPolicy operation applies to all log groups in the account. You can also use PutDataProtectionPolicy to create a data protection policy that applies to just one log group. If a log group has its own data protection policy and the account also has an account-level data protection policy, then the two policies are cumulative. Any sensitive term specified in either policy is masked.
Creates an account-level data protection policy or subscription filter policy that applies to all log groups or a subset of log groups in the account.
Data protection policy
A data protection policy can help safeguard sensitive data that's ingested by your log groups by auditing and masking the sensitive log data. Each account can have only one account-level data protection policy.
Sensitive data is detected and masked when it is ingested into a log group. When you set a data protection policy, log events ingested into the log groups before that time are not masked.
If you use PutAccountPolicy to create a data protection policy for your whole account, it applies to both existing log groups and all log groups that are created later in this account. The account-level policy is applied to existing log groups with eventual consistency. It might take up to 5 minutes before sensitive data in existing log groups begins to be masked.
By default, when a user views a log event that includes masked data, the sensitive data is replaced by asterisks. A user who has the logs:Unmask permission can use a GetLogEvents or FilterLogEvents operation with the unmask parameter set to true to view the unmasked log events. Users with the logs:Unmask can also view unmasked data in the CloudWatch Logs console by running a CloudWatch Logs Insights query with the unmask query command.
For more information, including a list of types of data that can be audited and masked, see Protect sensitive log data with masking.
To use the PutAccountPolicy operation for a data protection policy, you must be signed on with the logs:PutDataProtectionPolicy and logs:PutAccountPolicy permissions.
The PutAccountPolicy operation applies to all log groups in the account. You can use PutDataProtectionPolicy to create a data protection policy that applies to just one log group. If a log group has its own data protection policy and the account also has an account-level data protection policy, then the two policies are cumulative. Any sensitive term specified in either policy is masked.
Subscription filter policy
A subscription filter policy sets up a real-time feed of log events from CloudWatch Logs to other Amazon Web Services services. Account-level subscription filter policies apply to both existing log groups and log groups that are created later in this account. Supported destinations are Kinesis Data Streams, Kinesis Data Firehose, and Lambda. When log events are sent to the receiving service, they are Base64 encoded and compressed with the GZIP format.
The following destinations are supported for subscription filters:
An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.
An Kinesis Data Firehose data stream in the same account as the subscription policy, for same-account delivery.
A Lambda function in the same account as the subscription policy, for same-account delivery.
A logical destination in a different account created with PutDestination, for cross-account delivery. Kinesis Data Streams and Kinesis Data Firehose are supported as logical destinations.
Each account can have one account-level subscription filter policy. If you are updating an existing filter, you must specify the correct name in PolicyName. To perform a PutAccountPolicy subscription filter operation for any destination except a Lambda function, you must also have the iam:PassRole permission.
Creates a data protection policy for the specified log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data.
Sensitive data is detected and masked when it is ingested into the log group. When you set a data protection policy, log events ingested into the log group before that time are not masked.
By default, when a user views a log event that includes masked data, the sensitive data is replaced by asterisks. A user who has the logs:Unmask permission can use a GetLogEvents or FilterLogEvents operation with the unmask parameter set to true to view the unmasked log events. Users with the logs:Unmask can also view unmasked data in the CloudWatch Logs console by running a CloudWatch Logs Insights query with the unmask query command.
For more information, including a list of types of data that can be audited and masked, see Protect sensitive log data with masking.
The PutDataProtectionPolicy operation applies to only the specified log group. You can also use PutAccountPolicy to create an account-level data protection policy that applies to all log groups in the account, including both existing log groups and log groups that are created level. If a log group has its own data protection policy and the account also has an account-level data protection policy, then the two policies are cumulative. Any sensitive term specified in either policy is masked.
Creates or updates a logical delivery destination. A delivery destination is an Amazon Web Services resource that represents an Amazon Web Services service that logs can be sent to. CloudWatch Logs, Amazon S3, and Kinesis Data Firehose are supported as logs delivery destinations.
To configure logs delivery between a supported Amazon Web Services service and a destination, you must do the following:
Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see PutDeliverySource.
Use PutDeliveryDestination to create a delivery destination, which is a logical object that represents the actual delivery destination.
If you are delivering logs cross-account, you must use PutDeliveryDestinationPolicy in the destination account to assign an IAM policy to the destination. This policy allows delivery to that destination.
Use CreateDelivery to create a delivery by pairing exactly one delivery source and one delivery destination. For more information, see CreateDelivery.
You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
Only some Amazon Web Services services support being configured as a delivery source. These services are listed as Supported [V2 Permissions] in the table at Enabling logging from Amazon Web Services services.
If you use this operation to update an existing delivery destination, all the current delivery destination parameters are overwritten with the new parameter values that you specify.
", "PutDeliveryDestinationPolicy": "Creates and assigns an IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. To configure the delivery of logs from an Amazon Web Services service in another account to a logs delivery destination in the current account, you must do the following:
Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see PutDeliverySource.
Create a delivery destination, which is a logical object that represents the actual delivery destination. For more information, see PutDeliveryDestination.
Use this operation in the destination account to assign an IAM policy to the destination. This policy allows delivery to that destination.
Create a delivery by pairing exactly one delivery source and one delivery destination. For more information, see CreateDelivery.
Only some Amazon Web Services services support being configured as a delivery source. These services are listed as Supported [V2 Permissions] in the table at Enabling logging from Amazon Web Services services.
The contents of the policy must include two statements. One statement enables general logs delivery, and the other allows delivery to the chosen destination. See the examples for the needed policies.
", @@ -66,7 +66,7 @@ "PutResourcePolicy": "Creates or updates a resource policy allowing other Amazon Web Services services to put log events to this account, such as Amazon Route 53. An account can have up to 10 resource policies per Amazon Web Services Region.
", "PutRetentionPolicy": "Sets the retention of the specified log group. With a retention policy, you can configure the number of days for which to retain log events in the specified log group.
CloudWatch Logs doesn’t immediately delete log events when they reach their retention setting. It typically takes up to 72 hours after that before log events are deleted, but in rare situations might take longer.
To illustrate, imagine that you change a log group to have a longer retention setting when it contains log events that are past the expiration date, but haven’t been deleted. Those log events will take up to 72 hours to be deleted after the new retention date is reached. To make sure that log data is deleted permanently, keep a log group at its lower retention setting until 72 hours after the previous retention period ends. Alternatively, wait to change the retention setting until you confirm that the earlier log events are deleted.
When log events reach their retention setting they are marked for deletion. After they are marked for deletion, they do not add to your archival storage costs anymore, even if they are not actually deleted until later. These log events marked for deletion are also not included when you use an API to retrieve the storedBytes value to see how many bytes a log group is storing.
Creates or updates a subscription filter and associates it with the specified log group. With subscription filters, you can subscribe to a real-time stream of log events ingested through PutLogEvents and have them delivered to a specific destination. When log events are sent to the receiving service, they are Base64 encoded and compressed with the GZIP format.
The following destinations are supported for subscription filters:
An Amazon Kinesis data stream belonging to the same account as the subscription filter, for same-account delivery.
A logical destination created with PutDestination that belongs to a different account, for cross-account delivery. We currently support Kinesis Data Streams and Kinesis Data Firehose as logical destinations.
An Amazon Kinesis Data Firehose delivery stream that belongs to the same account as the subscription filter, for same-account delivery.
An Lambda function that belongs to the same account as the subscription filter, for same-account delivery.
Each log group can have up to two subscription filters associated with it. If you are updating an existing filter, you must specify the correct name in filterName.
To perform a PutSubscriptionFilter operation for any destination except a Lambda function, you must also have the iam:PassRole permission.
Starts a Live Tail streaming session for one or more log groups. A Live Tail session returns a stream of log events that have been recently ingested in the log groups. For more information, see Use Live Tail to view logs in near real time.
The response to this operation is a response stream, over which the server sends live log events and the client receives them.
The following objects are sent over the stream:
A single LiveTailSessionStart object is sent at the start of the session.
Every second, a LiveTailSessionUpdate object is sent. Each of these objects contains an array of the actual log events.
If no new log events were ingested in the past second, the LiveTailSessionUpdate object will contain an empty array.
The array of log events contained in a LiveTailSessionUpdate can include as many as 500 log events. If the number of log events matching the request exceeds 500 per second, the log events are sampled down to 500 log events to be included in each LiveTailSessionUpdate object.
If your client consumes the log events slower than the server produces them, CloudWatch Logs buffers up to 10 LiveTailSessionUpdate events or 5000 log events, after which it starts dropping the oldest events.
A SessionStreamingException object is returned if an unknown error occurs on the server side.
A SessionTimeoutException object is returned when the session times out, after it has been kept open for three hours.
You can end a session before it times out by closing the session stream or by closing the client that is receiving the stream. The session also ends if the established connection between the client and the server breaks.
Starts a Live Tail streaming session for one or more log groups. A Live Tail session returns a stream of log events that have been recently ingested in the log groups. For more information, see Use Live Tail to view logs in near real time.
The response to this operation is a response stream, over which the server sends live log events and the client receives them.
The following objects are sent over the stream:
A single LiveTailSessionStart object is sent at the start of the session.
Every second, a LiveTailSessionUpdate object is sent. Each of these objects contains an array of the actual log events.
If no new log events were ingested in the past second, the LiveTailSessionUpdate object will contain an empty array.
The array of log events contained in a LiveTailSessionUpdate can include as many as 500 log events. If the number of log events matching the request exceeds 500 per second, the log events are sampled down to 500 log events to be included in each LiveTailSessionUpdate object.
If your client consumes the log events slower than the server produces them, CloudWatch Logs buffers up to 10 LiveTailSessionUpdate events or 5000 log events, after which it starts dropping the oldest events.
A SessionStreamingException object is returned if an unknown error occurs on the server side.
A SessionTimeoutException object is returned when the session times out, after it has been kept open for three hours.
You can end a session before it times out by closing the session stream or by closing the client that is receiving the stream. The session also ends if the established connection between the client and the server breaks.
For examples of using an SDK to start a Live Tail session, see Start a Live Tail session using an Amazon Web Services SDK.
", "StartQuery": "Schedules a query of a log group using CloudWatch Logs Insights. You specify the log group and time range to query and the query string to use.
For more information, see CloudWatch Logs Insights Query Syntax.
After you run a query using StartQuery, the query results are stored by CloudWatch Logs. You can use GetQueryResults to retrieve the results of a query, using the queryId that StartQuery returns.
If you have associated a KMS key with the query results in this account, then StartQuery uses that key to encrypt the results when it stores them. If no key is associated with query results, the query results are encrypted with the default CloudWatch Logs encryption method.
Queries time out after 60 minutes of runtime. If your queries are timing out, reduce the time range being searched or partition your query into a number of queries.
If you are using CloudWatch cross-account observability, you can use this operation in a monitoring account to start a query in a linked source account. For more information, see CloudWatch cross-account observability. For a cross-account StartQuery operation, the query definition must be defined in the monitoring account.
You can have up to 30 concurrent CloudWatch Logs insights queries, including queries that have been added to dashboards.
", "StopQuery": "Stops a CloudWatch Logs Insights query that is in progress. If the query has already ended, the operation returns an error indicating that the specified query is not running.
", "TagLogGroup": "The TagLogGroup operation is on the path to deprecation. We recommend that you use TagResource instead.
Adds or updates the specified tags for the specified log group.
To list the tags for a log group, use ListTagsForResource. To remove tags, use UntagResource.
For more information about tags, see Tag Log Groups in Amazon CloudWatch Logs in the Amazon CloudWatch Logs User Guide.
CloudWatch Logs doesn’t support IAM policies that prevent users from assigning specified tags to log groups using the aws:Resource/key-name or aws:TagKeys condition keys. For more information about using tags to control access, see Controlling access to Amazon Web Services resources using tags.
The policy document for this account policy.
The JSON specified in policyDocument can be up to 30,720 characters.
Specify the data protection policy, in JSON.
This policy must include two JSON blocks:
The first block must include both a DataIdentifer array and an Operation property with an Audit action. The DataIdentifer array lists the types of sensitive data that you want to mask. For more information about the available options, see Types of data that you can mask.
The Operation property with an Audit action is required to find the sensitive data terms. This Audit action must contain a FindingsDestination object. You can optionally use that FindingsDestination object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, they must already exist.
The second block must include both a DataIdentifer array and an Operation property with an Deidentify action. The DataIdentifer array must exactly match the DataIdentifer array in the first block of the policy.
The Operation property with the Deidentify action is what actually masks the data, and it must contain the \"MaskConfig\": {} object. The \"MaskConfig\": {} object must be empty.
For an example data protection policy, see the Examples section on this page.
The contents of the two DataIdentifer arrays must match exactly.
In addition to the two JSON blocks, the policyDocument can also include Name, Description, and Version fields. The Name is different than the operation's policyName parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch.
The JSON specified in policyDocument can be up to 30,720 characters.
Specify the policy, in JSON.
Data protection policy
A data protection policy must include two JSON blocks:
The first block must include both a DataIdentifer array and an Operation property with an Audit action. The DataIdentifer array lists the types of sensitive data that you want to mask. For more information about the available options, see Types of data that you can mask.
The Operation property with an Audit action is required to find the sensitive data terms. This Audit action must contain a FindingsDestination object. You can optionally use that FindingsDestination object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, they must already exist.
The second block must include both a DataIdentifer array and an Operation property with an Deidentify action. The DataIdentifer array must exactly match the DataIdentifer array in the first block of the policy.
The Operation property with the Deidentify action is what actually masks the data, and it must contain the \"MaskConfig\": {} object. The \"MaskConfig\": {} object must be empty.
For an example data protection policy, see the Examples section on this page.
The contents of the two DataIdentifer arrays must match exactly.
In addition to the two JSON blocks, the policyDocument can also include Name, Description, and Version fields. The Name is different than the operation's policyName parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch.
The JSON specified in policyDocument can be up to 30,720 characters long.
Subscription filter policy
A subscription filter policy can include the following attributes in a JSON block:
DestinationArn The ARN of the destination to deliver log events to. Supported destinations are:
An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.
An Kinesis Data Firehose data stream in the same account as the subscription policy, for same-account delivery.
A Lambda function in the same account as the subscription policy, for same-account delivery.
A logical destination in a different account created with PutDestination, for cross-account delivery. Kinesis Data Streams and Kinesis Data Firehose are supported as logical destinations.
RoleArn The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.
FilterPattern A filter pattern for subscribing to a filtered stream of log events.
DistributionThe method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to Random for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.
Filters the results to only logs from the log streams in this list.
If you specify a value for both logStreamNamePrefix and logStreamNames, the action returns an InvalidParameterException error.
If your StartLiveTail operation request included a logStreamNames parameter that filtered the session to only include certain log streams, these streams are listed here.
If your StartLiveTail operation request included a logStreamNamePrefixes parameter that filtered the session to only include log streams that have names that start with certain prefixes, these prefixes are listed here.
If you specify this parameter, then only log events in the log streams that you specify here are included in the Live Tail session.
You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
If you specify this parameter, then only log events in the log streams that have names that start with the prefixes that you specify here are included in the Live Tail session.
You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
If you specify this parameter, then only log events in the log streams that you specify here are included in the Live Tail session.
If you specify this field, you can't also specify the logStreamNamePrefixes field.
You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
If you specify this parameter, then only log events in the log streams that have names that start with the prefixes that you specify here are included in the Live Tail session.
If you specify this field, you can't also specify the logStreamNames field.
You can specify this parameter only if you specify only one log group in logGroupIdentifiers.
Use this parameter to specify the log group class for this log group. There are two classes:
The Standard log class supports all CloudWatch Logs features.
The Infrequent Access log class supports a subset of CloudWatch Logs features and incurs lower costs.
If you omit this parameter, the default of STANDARD is used.
After a log group is created, its class can't be changed.
For details about the features supported by each class, see Log classes
", + "CreateLogGroupRequest$logGroupClass": "Use this parameter to specify the log group class for this log group. There are two classes:
The Standard log class supports all CloudWatch Logs features.
The Infrequent Access log class supports a subset of CloudWatch Logs features and incurs lower costs.
If you omit this parameter, the default of STANDARD is used.
The value of logGroupClass can't be changed after a log group is created.
For details about the features supported by each class, see Log classes
", "DescribeLogGroupsRequest$logGroupClass": "Specifies the log group class for this log group. There are two classes:
The Standard log class supports all CloudWatch Logs features.
The Infrequent Access log class supports a subset of CloudWatch Logs features and incurs lower costs.
For details about the features supported by each class, see Log classes
", "LogGroup$logGroupClass": "This specifies the log group class for this log group. There are two classes:
The Standard log class supports all CloudWatch Logs features.
The Infrequent Access log class supports a subset of CloudWatch Logs features and incurs lower costs.
For details about the features supported by each class, see Log classes
" } @@ -1618,9 +1618,9 @@ "base": null, "refs": { "AccountPolicy$policyType": "The type of policy for this account policy.
", - "DeleteAccountPolicyRequest$policyType": "The type of policy to delete. Currently, the only valid value is DATA_PROTECTION_POLICY.
Use this parameter to limit the returned policies to only the policies that match the policy type that you specify. Currently, the only valid value is DATA_PROTECTION_POLICY.
Currently the only valid value for this parameter is DATA_PROTECTION_POLICY.
The type of policy to delete.
", + "DescribeAccountPoliciesRequest$policyType": "Use this parameter to limit the returned policies to only the policies that match the policy type that you specify.
", + "PutAccountPolicyRequest$policyType": "The type of policy that you're creating or updating.
" } }, "Priority": { @@ -1931,6 +1931,13 @@ "FilterLogEventsResponse$searchedLogStreams": "Important As of May 15, 2020, this parameter is no longer supported. This parameter returns an empty list.
Indicates which log streams have been searched and whether each has been searched completely.
" } }, + "SelectionCriteria": { + "base": null, + "refs": { + "AccountPolicy$selectionCriteria": "The log group selection criteria for this subscription filter policy.
", + "PutAccountPolicyRequest$selectionCriteria": "Use this parameter to apply the subscription filter policy to a subset of log groups in the account. Currently, the only supported filter is LogGroupName NOT IN []. The selectionCriteria string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.
Using the selectionCriteria parameter is useful to help prevent infinite loops. For more information, see Log recursion prevention.
Specifing selectionCriteria is valid only when you specify SUBSCRIPTION_FILTER_POLICY for policyType.
An array of parameters to set for advanced control over a database. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, require_ssl, use_fips_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
An array of parameters to set for advanced control over a database. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, require_ssl, use_fips_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
An array of parameters to set for advanced control over a database. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, require_ssl, use_fips_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
An array of parameters to set for advanced control over a database. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, require_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
An array of parameters to set for advanced control over a database. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, require_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
An array of parameters to set for advanced control over a database. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, require_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
The key of the parameter. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
The key of the parameter. The options are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, query_group, search_path, require_ssl, and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see Query monitoring metrics for Amazon Redshift Serverless.
If the hosted zone was created by an Amazon Web Services account, or was created by an Amazon Web Services service that creates hosted zones using the current account, OwningAccount contains the account ID of that account. For example, when you use Cloud Map to create a hosted zone, Cloud Map creates the hosted zone using the current Amazon Web Services account.
The Amazon Web Services Region the resource you are directing DNS traffic to, is in.
" + } + }, "AccountLimit": { "base": "A complex type that contains the type of limit that you specified in the request and the current value for that limit.
", "refs": { @@ -151,6 +157,12 @@ "refs": { } }, + "Bias": { + "base": null, + "refs": { + "GeoProximityLocation$Bias": "The bias increases or decreases the size of the geographic region from which Route 53 routes traffic to a resource.
To use Bias to change the size of the geographic region, specify the applicable value for the bias:
To expand the size of the geographic region from which Route 53 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route 53 shrinks the size of adjacent regions.
To shrink the size of the geographic region from which Route 53 routes traffic to a resource, specify a negative bias of -1 to -99. Route 53 expands the size of adjacent regions.
The information for each resource record set that you want to change.
", "refs": { @@ -412,6 +424,12 @@ "refs": { } }, + "Coordinates": { + "base": "A complex type that lists the coordinates for a geoproximity resource record.
", + "refs": { + "GeoProximityLocation$Coordinates": "Contains the longitude and latitude for a geographic region.
" + } + }, "CreateCidrCollectionRequest": { "base": null, "refs": { @@ -550,9 +568,9 @@ } }, "DNSSECStatus": { - "base": "A string repesenting the status of DNSSEC signing.
", + "base": "A string representing the status of DNSSEC signing.
", "refs": { - "GetDNSSECResponse$Status": "A string repesenting the status of DNSSEC.
" + "GetDNSSECResponse$Status": "A string representing the status of DNSSEC.
" } }, "DeactivateKeySigningKeyRequest": { @@ -869,13 +887,13 @@ "base": null, "refs": { "HealthCheckConfig$FullyQualifiedDomainName": "Amazon Route 53 behavior depends on whether you specify a value for IPAddress.
If you specify a value for IPAddress:
Amazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of FullyQualifiedDomainName in the Host header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.
When Route 53 checks the health of an endpoint, here is how it constructs the Host header:
If you specify a value of 80 for Port and HTTP or HTTP_STR_MATCH for Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint in the Host header.
If you specify a value of 443 for Port and HTTPS or HTTPS_STR_MATCH for Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint in the Host header.
If you specify another value for Port and any value except TCP for Type, Route 53 passes FullyQualifiedDomainName:Port to the endpoint in the Host header.
If you don't specify a value for FullyQualifiedDomainName, Route 53 substitutes the value of IPAddress in the Host header in each of the preceding cases.
If you don't specify a value for IPAddress:
Route 53 sends a DNS request to the domain that you specify for FullyQualifiedDomainName at the interval that you specify for RequestInterval. Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.
If you don't specify a value for IPAddress, Route 53 uses only IPv4 to send health checks to the endpoint. If there's no resource record set with a type of A for the name that you specify for FullyQualifiedDomainName, the health check fails with a \"DNS resolution failed\" error.
If you want to check the health of weighted, latency, or failover resource record sets and you choose to specify the endpoint only by FullyQualifiedDomainName, we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of FullyQualifiedDomainName, specify the domain name of the server (such as us-east-2-www.example.com), not the name of the resource record sets (www.example.com).
In this configuration, if you create a health check for which the value of FullyQualifiedDomainName matches the name of the resource record sets and you then associate the health check with those resource record sets, health check results will be unpredictable.
In addition, if the value that you specify for Type is HTTP, HTTPS, HTTP_STR_MATCH, or HTTPS_STR_MATCH, Route 53 passes the value of FullyQualifiedDomainName in the Host header, as it does when you specify a value for IPAddress. If the value of Type is TCP, Route 53 doesn't pass a Host header.
Amazon Route 53 behavior depends on whether you specify a value for IPAddress.
If a health check already has a value for IPAddress, you can change the value. However, you can't update an existing health check to add or remove the value of IPAddress.
If you specify a value for IPAddress:
Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of FullyQualifiedDomainName in the Host header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.
When Route 53 checks the health of an endpoint, here is how it constructs the Host header:
If you specify a value of 80 for Port and HTTP or HTTP_STR_MATCH for Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint in the Host header.
If you specify a value of 443 for Port and HTTPS or HTTPS_STR_MATCH for Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint in the Host header.
If you specify another value for Port and any value except TCP for Type, Route 53 passes FullyQualifiedDomainName:Port to the endpoint in the Host header.
If you don't specify a value for FullyQualifiedDomainName, Route 53 substitutes the value of IPAddress in the Host header in each of the above cases.
If you don't specify a value for IPAddress:
If you don't specify a value for IPAddress, Route 53 sends a DNS request to the domain that you specify in FullyQualifiedDomainName at the interval you specify in RequestInterval. Using an IPv4 address that is returned by DNS, Route 53 then checks the health of the endpoint.
If you don't specify a value for IPAddress, Route 53 uses only IPv4 to send health checks to the endpoint. If there's no resource record set with a type of A for the name that you specify for FullyQualifiedDomainName, the health check fails with a \"DNS resolution failed\" error.
If you want to check the health of weighted, latency, or failover resource record sets and you choose to specify the endpoint only by FullyQualifiedDomainName, we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of FullyQualifiedDomainName, specify the domain name of the server (such as us-east-2-www.example.com), not the name of the resource record sets (www.example.com).
In this configuration, if the value of FullyQualifiedDomainName matches the name of the resource record sets and you then associate the health check with those resource record sets, health check results will be unpredictable.
In addition, if the value of Type is HTTP, HTTPS, HTTP_STR_MATCH, or HTTPS_STR_MATCH, Route 53 passes the value of FullyQualifiedDomainName in the Host header, as it does when you specify a value for IPAddress. If the value of Type is TCP, Route 53 doesn't pass a Host header.
Amazon Route 53 behavior depends on whether you specify a value for IPAddress.
If a health check already has a value for IPAddress, you can change the value. However, you can't update an existing health check to add or remove the value of IPAddress.
If you specify a value for IPAddress:
Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of FullyQualifiedDomainName in the Host header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.
When Route 53 checks the health of an endpoint, here is how it constructs the Host header:
If you specify a value of 80 for Port and HTTP or HTTP_STR_MATCH for Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint in the Host header.
If you specify a value of 443 for Port and HTTPS or HTTPS_STR_MATCH for Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint in the Host header.
If you specify another value for Port and any value except TCP for Type, Route 53 passes FullyQualifiedDomainName:Port to the endpoint in the Host header.
If you don't specify a value for FullyQualifiedDomainName, Route 53 substitutes the value of IPAddress in the Host header in each of the above cases.
If you don't specify a value for IPAddress:
If you don't specify a value for IPAddress, Route 53 sends a DNS request to the domain that you specify in FullyQualifiedDomainName at the interval you specify in RequestInterval. Using an IPv4 address that is returned by DNS, Route 53 then checks the health of the endpoint.
If you don't specify a value for IPAddress, you can’t update the health check to remove the FullyQualifiedDomainName; if you don’t specify a value for IPAddress on creation, a FullyQualifiedDomainName is required.
If you don't specify a value for IPAddress, Route 53 uses only IPv4 to send health checks to the endpoint. If there's no resource record set with a type of A for the name that you specify for FullyQualifiedDomainName, the health check fails with a \"DNS resolution failed\" error.
If you want to check the health of weighted, latency, or failover resource record sets and you choose to specify the endpoint only by FullyQualifiedDomainName, we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of FullyQualifiedDomainName, specify the domain name of the server (such as us-east-2-www.example.com), not the name of the resource record sets (www.example.com).
In this configuration, if the value of FullyQualifiedDomainName matches the name of the resource record sets and you then associate the health check with those resource record sets, health check results will be unpredictable.
In addition, if the value of Type is HTTP, HTTPS, HTTP_STR_MATCH, or HTTPS_STR_MATCH, Route 53 passes the value of FullyQualifiedDomainName in the Host header, as it does when you specify a value for IPAddress. If the value of Type is TCP, Route 53 doesn't pass a Host header.
A complex type that contains information about a geographic location.
", "refs": { - "ResourceRecordSet$GeoLocation": " Geolocation resource record sets only: A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of 192.0.2.111, create a resource record set with a Type of A and a ContinentCode of AF.
Although creating geolocation and geolocation alias resource record sets in a private hosted zone is allowed, it's not supported.
If you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.
You can't create two geolocation resource record sets that specify the same geographic location.
The value * in the CountryCode element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the Name and Type elements.
Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of CountryCode is *. Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a * resource record set, Route 53 returns a \"no answer\" response for queries from those locations.
You can't create non-geolocation resource record sets that have the same values for the Name and Type elements as geolocation resource record sets.
Geolocation resource record sets only: A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of 192.0.2.111, create a resource record set with a Type of A and a ContinentCode of AF.
If you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.
You can't create two geolocation resource record sets that specify the same geographic location.
The value * in the CountryCode element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the Name and Type elements.
Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of CountryCode is *. Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a * resource record set, Route 53 returns a \"no answer\" response for queries from those locations.
You can't create non-geolocation resource record sets that have the same values for the Name and Type elements as geolocation resource record sets.
For geolocation resource record sets, the two-letter code for a country.
Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1 alpha-2.
Route 53 also supports the contry code UA forr Ukraine.
", + "GeoLocation$CountryCode": "For geolocation resource record sets, the two-letter code for a country.
Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1 alpha-2.
Route 53 also supports the country code UA for Ukraine.
", "GeoLocationDetails$CountryCode": "The two-letter code for the country.
", - "GetGeoLocationRequest$CountryCode": "Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1 alpha-2.
Route 53 also supports the contry code UA forr Ukraine.
", + "GetGeoLocationRequest$CountryCode": "Amazon Route 53 uses the two-letter country codes that are specified in ISO standard 3166-1 alpha-2.
Route 53 also supports the country code UA for Ukraine.
", "ListGeoLocationsRequest$StartCountryCode": "The code for the country with which you want to start listing locations that Amazon Route 53 supports for geolocation. If Route 53 has already returned a page or more of results, if IsTruncated is true, and if NextCountryCode from the previous response has a value, enter that value in startcountrycode to return the next page of results.
If IsTruncated is true, you can make a follow-up request to display more locations. Enter the value of NextCountryCode in the startcountrycode parameter in another ListGeoLocations request.
The full name of the subdivision. Route 53 currently supports only states in the United States.
" } }, + "GeoProximityLocation": { + "base": " (Resource record sets only): A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query and your resources. Only one of , LocalZoneGroup, Coordinates, or Amazon Web ServicesRegion is allowed per request at a time.
For more information about geoproximity routing, see Geoproximity routing in the Amazon Route 53 Developer Guide.
", + "refs": { + "ResourceRecordSet$GeoProximityLocation": "GeoproximityLocation resource record sets only: A complex type that lets you control how Route 53 responds to DNS queries based on the geographic origin of the query and your resources.
" + } + }, "GetAccountLimitRequest": { "base": "A complex type that contains information about the request to create a hosted zone.
", "refs": { @@ -1201,7 +1225,7 @@ "HealthCheckType": { "base": null, "refs": { - "HealthCheckConfig$Type": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
You can't change the value of Type after you create a health check.
You can create the following types of health checks:
HTTP: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.
HTTPS: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.
If you specify HTTPS for the value of Type, the endpoint must support TLS v1.0 or later.
HTTP_STR_MATCH: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in SearchString.
HTTPS_STR_MATCH: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and searches the first 5,120 bytes of the response body for the string that you specify in SearchString.
TCP: Route 53 tries to establish a TCP connection.
CLOUDWATCH_METRIC: The health check is associated with a CloudWatch alarm. If the state of the alarm is OK, the health check is considered healthy. If the state is ALARM, the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is OK or ALARM, the health check status depends on the setting for InsufficientDataHealthStatus: Healthy, Unhealthy, or LastKnownStatus.
CALCULATED: For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of HealthThreshold.
RECOVERY_CONTROL: The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is ON, the health check is considered healthy. If the state is OFF, the health check is considered unhealthy.
For more information, see How Route 53 Determines Whether an Endpoint Is Healthy in the Amazon Route 53 Developer Guide.
" + "HealthCheckConfig$Type": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
You can't change the value of Type after you create a health check.
You can create the following types of health checks:
HTTP: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.
HTTPS: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.
If you specify HTTPS for the value of Type, the endpoint must support TLS v1.0 or later.
HTTP_STR_MATCH: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in SearchString.
HTTPS_STR_MATCH: Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and searches the first 5,120 bytes of the response body for the string that you specify in SearchString.
TCP: Route 53 tries to establish a TCP connection.
CLOUDWATCH_METRIC: The health check is associated with a CloudWatch alarm. If the state of the alarm is OK, the health check is considered healthy. If the state is ALARM, the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is OK or ALARM, the health check status depends on the setting for InsufficientDataHealthStatus: Healthy, Unhealthy, or LastKnownStatus.
CALCULATED: For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of HealthThreshold.
RECOVERY_CONTROL: The health check is associated with a Route53 Application Recovery Controller routing control. If the routing control state is ON, the health check is considered healthy. If the state is OFF, the health check is considered unhealthy.
For more information, see How Route 53 Determines Whether an Endpoint Is Healthy in the Amazon Route 53 Developer Guide.
" } }, "HealthCheckVersion": { @@ -1471,6 +1495,12 @@ "refs": { } }, + "Latitude": { + "base": null, + "refs": { + "Coordinates$Latitude": "Specifies a coordinate of the north–south position of a geographic point on the surface of the Earth (-90 - 90).
" + } + }, "LimitValue": { "base": null, "refs": { @@ -1681,6 +1711,12 @@ "refs": { } }, + "LocalZoneGroup": { + "base": null, + "refs": { + "GeoProximityLocation$LocalZoneGroup": "Specifies an Amazon Web Services Local Zone Group.
A local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is us-east-1-bue-1a the Local Zone Group is us-east-1-bue-1.
You can identify the Local Zones Group for a specific Local Zone by using the describe-availability-zones CLI command:
This command returns: \"GroupName\": \"us-west-2-den-1\", specifying that the Local Zone us-west-2-den-1a belongs to the Local Zone Group us-west-2-den-1.
Specifies a coordinate of the east–west position of a geographic point on the surface of the Earth (-180 - 180).
" + } + }, "MaxResults": { "base": null, "refs": { @@ -2003,7 +2045,7 @@ "base": null, "refs": { "ActivateKeySigningKeyRequest$HostedZoneId": "A unique string used to identify a hosted zone.
", - "AliasTarget$HostedZoneId": "Alias resource records sets only: The value used depends on where you want to route traffic:
Specify the hosted zone ID for your API. You can get the applicable value using the CLI command get-domain-names:
For regional APIs, specify the value of regionalHostedZoneId.
For edge-optimized APIs, specify the value of distributionHostedZoneId.
Specify the hosted zone ID for your interface endpoint. You can get the value of HostedZoneId using the CLI command describe-vpc-endpoints.
Specify Z2FDTNDATAQYW2.
Alias resource record sets for CloudFront can't be created in a private zone.
Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see Elastic Beanstalk endpoints and quotas in the the Amazon Web Services General Reference.
Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:
Elastic Load Balancing endpoints and quotas topic in the Amazon Web Services General Reference: Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.
Amazon Web Services Management Console: Go to the Amazon EC2 page, choose Load Balancers in the navigation pane, select the load balancer, and get the value of the Hosted zone field on the Description tab.
Elastic Load Balancing API: Use DescribeLoadBalancers to get the applicable value. For more information, see the applicable guide:
Classic Load Balancers: Use DescribeLoadBalancers to get the value of CanonicalHostedZoneNameId.
Application and Network Load Balancers: Use DescribeLoadBalancers to get the value of CanonicalHostedZoneId.
CLI: Use describe-load-balancers to get the applicable value. For more information, see the applicable guide:
Classic Load Balancers: Use describe-load-balancers to get the value of CanonicalHostedZoneNameId.
Application and Network Load Balancers: Use describe-load-balancers to get the value of CanonicalHostedZoneId.
Specify Z2BJ6XQ5FK7U4H.
Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table Amazon S3 Website Endpoints in the Amazon Web Services General Reference.
Specify the hosted zone ID of your hosted zone. (An alias resource record set can't reference a resource record set in a different hosted zone.)
Alias resource records sets only: The value used depends on where you want to route traffic:
Specify the hosted zone ID for your API. You can get the applicable value using the CLI command get-domain-names:
For regional APIs, specify the value of regionalHostedZoneId.
For edge-optimized APIs, specify the value of distributionHostedZoneId.
Specify the hosted zone ID for your interface endpoint. You can get the value of HostedZoneId using the CLI command describe-vpc-endpoints.
Specify Z2FDTNDATAQYW2.
Alias resource record sets for CloudFront can't be created in a private zone.
Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see Elastic Beanstalk endpoints and quotas in the Amazon Web Services General Reference.
Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:
Elastic Load Balancing endpoints and quotas topic in the Amazon Web Services General Reference: Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.
Amazon Web Services Management Console: Go to the Amazon EC2 page, choose Load Balancers in the navigation pane, select the load balancer, and get the value of the Hosted zone field on the Description tab.
Elastic Load Balancing API: Use DescribeLoadBalancers to get the applicable value. For more information, see the applicable guide:
Classic Load Balancers: Use DescribeLoadBalancers to get the value of CanonicalHostedZoneNameId.
Application and Network Load Balancers: Use DescribeLoadBalancers to get the value of CanonicalHostedZoneId.
CLI: Use describe-load-balancers to get the applicable value. For more information, see the applicable guide:
Classic Load Balancers: Use describe-load-balancers to get the value of CanonicalHostedZoneNameId.
Application and Network Load Balancers: Use describe-load-balancers to get the value of CanonicalHostedZoneId.
Specify Z2BJ6XQ5FK7U4H.
Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table Amazon S3 Website Endpoints in the Amazon Web Services General Reference.
Specify the hosted zone ID of your hosted zone. (An alias resource record set can't reference a resource record set in a different hosted zone.)
The ID of the private hosted zone that you want to associate an Amazon VPC with.
Note that you can't associate a VPC with a hosted zone that doesn't have an existing VPC association.
", "ChangeInfo$Id": "This element contains an ID that you use when performing a GetChange action to get detailed information about the change.
", "ChangeResourceRecordSetsRequest$HostedZoneId": "The ID of the hosted zone that contains the resource record sets that you want to change.
", diff --git a/models/apis/wisdom/2020-10-19/api-2.json b/models/apis/wisdom/2020-10-19/api-2.json index 76ff1c517cb..0f7145be3c5 100644 --- a/models/apis/wisdom/2020-10-19/api-2.json +++ b/models/apis/wisdom/2020-10-19/api-2.json @@ -332,7 +332,9 @@ {"shape":"ValidationException"}, {"shape":"AccessDeniedException"}, {"shape":"ResourceNotFoundException"} - ] + ], + "deprecated":true, + "deprecatedMessage":"GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications." }, "GetSession":{ "name":"GetSession", @@ -479,7 +481,9 @@ {"shape":"ValidationException"}, {"shape":"AccessDeniedException"}, {"shape":"ResourceNotFoundException"} - ] + ], + "deprecated":true, + "deprecatedMessage":"QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications." }, "RemoveKnowledgeBaseTemplateUri":{ "name":"RemoveKnowledgeBaseTemplateUri", diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index e65f0091a62..ab937372339 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -15934,11 +15934,59 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "fips-us-east-1" : { + "credentialScope" : { + "region" : "us-east-1" + }, + "deprecated" : true, + "hostname" : "securitylake-fips.us-east-1.amazonaws.com" + }, + "fips-us-east-2" : { + "credentialScope" : { + "region" : "us-east-2" + }, + "deprecated" : true, + "hostname" : "securitylake-fips.us-east-2.amazonaws.com" + }, + "fips-us-west-1" : { + "credentialScope" : { + "region" : "us-west-1" + }, + "deprecated" : true, + "hostname" : "securitylake-fips.us-west-1.amazonaws.com" + }, + "fips-us-west-2" : { + "credentialScope" : { + "region" : "us-west-2" + }, + "deprecated" : true, + "hostname" : "securitylake-fips.us-west-2.amazonaws.com" + }, "sa-east-1" : { }, - "us-east-1" : { }, - "us-east-2" : { }, - "us-west-1" : { }, - "us-west-2" : { } + "us-east-1" : { + "variants" : [ { + "hostname" : "securitylake-fips.us-east-1.amazonaws.com", + "tags" : [ "fips" ] + } ] + }, + "us-east-2" : { + "variants" : [ { + "hostname" : "securitylake-fips.us-east-2.amazonaws.com", + "tags" : [ "fips" ] + } ] + }, + "us-west-1" : { + "variants" : [ { + "hostname" : "securitylake-fips.us-west-1.amazonaws.com", + "tags" : [ "fips" ] + } ] + }, + "us-west-2" : { + "variants" : [ { + "hostname" : "securitylake-fips.us-west-2.amazonaws.com", + "tags" : [ "fips" ] + } ] + } } }, "serverlessrepo" : { diff --git a/service/cloudwatchlogs/api.go b/service/cloudwatchlogs/api.go index d336ba7ceda..8d98e8f8157 100644 --- a/service/cloudwatchlogs/api.go +++ b/service/cloudwatchlogs/api.go @@ -879,10 +879,18 @@ func (c *CloudWatchLogs) DeleteAccountPolicyRequest(input *DeleteAccountPolicyIn // DeleteAccountPolicy API operation for Amazon CloudWatch Logs. // -// Deletes a CloudWatch Logs account policy. +// Deletes a CloudWatch Logs account policy. This stops the policy from applying +// to all log groups or a subset of log groups in the account. Log-group level +// policies will still be in effect. // -// To use this operation, you must be signed on with the logs:DeleteDataProtectionPolicy -// and logs:DeleteAccountPolicy permissions. +// To use this operation, you must be signed on with the correct permissions +// depending on the type of policy that you are deleting. +// +// - To delete a data protection policy, you must have the logs:DeleteDataProtectionPolicy +// and logs:DeleteAccountPolicy permissions. +// +// - To delete a subscription filter policy, you must have the logs:DeleteSubscriptionFilter +// and logs:DeleteAccountPolicy permissions. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5619,10 +5627,14 @@ func (c *CloudWatchLogs) PutAccountPolicyRequest(input *PutAccountPolicyInput) ( // PutAccountPolicy API operation for Amazon CloudWatch Logs. // -// Creates an account-level data protection policy that applies to all log groups -// in the account. A data protection policy can help safeguard sensitive data -// that's ingested by your log groups by auditing and masking the sensitive -// log data. Each account can have only one account-level policy. +// Creates an account-level data protection policy or subscription filter policy +// that applies to all log groups or a subset of log groups in the account. +// +// # Data protection policy +// +// A data protection policy can help safeguard sensitive data that's ingested +// by your log groups by auditing and masking the sensitive log data. Each account +// can have only one account-level data protection policy. // // Sensitive data is detected and masked when it is ingested into a log group. // When you set a data protection policy, log events ingested into the log groups @@ -5630,7 +5642,7 @@ func (c *CloudWatchLogs) PutAccountPolicyRequest(input *PutAccountPolicyInput) ( // // If you use PutAccountPolicy to create a data protection policy for your whole // account, it applies to both existing log groups and all log groups that are -// created later in this account. The account policy is applied to existing +// created later in this account. The account-level policy is applied to existing // log groups with eventual consistency. It might take up to 5 minutes before // sensitive data in existing log groups begins to be masked. // @@ -5646,16 +5658,47 @@ func (c *CloudWatchLogs) PutAccountPolicyRequest(input *PutAccountPolicyInput) ( // For more information, including a list of types of data that can be audited // and masked, see Protect sensitive log data with masking (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html). // -// To use the PutAccountPolicy operation, you must be signed on with the logs:PutDataProtectionPolicy -// and logs:PutAccountPolicy permissions. +// To use the PutAccountPolicy operation for a data protection policy, you must +// be signed on with the logs:PutDataProtectionPolicy and logs:PutAccountPolicy +// permissions. // // The PutAccountPolicy operation applies to all log groups in the account. -// You can also use PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html) +// You can use PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html) // to create a data protection policy that applies to just one log group. If // a log group has its own data protection policy and the account also has an // account-level data protection policy, then the two policies are cumulative. // Any sensitive term specified in either policy is masked. // +// # Subscription filter policy +// +// A subscription filter policy sets up a real-time feed of log events from +// CloudWatch Logs to other Amazon Web Services services. Account-level subscription +// filter policies apply to both existing log groups and log groups that are +// created later in this account. Supported destinations are Kinesis Data Streams, +// Kinesis Data Firehose, and Lambda. When log events are sent to the receiving +// service, they are Base64 encoded and compressed with the GZIP format. +// +// The following destinations are supported for subscription filters: +// +// - An Kinesis Data Streams data stream in the same account as the subscription +// policy, for same-account delivery. +// +// - An Kinesis Data Firehose data stream in the same account as the subscription +// policy, for same-account delivery. +// +// - A Lambda function in the same account as the subscription policy, for +// same-account delivery. +// +// - A logical destination in a different account created with PutDestination +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html), +// for cross-account delivery. Kinesis Data Streams and Kinesis Data Firehose +// are supported as logical destinations. +// +// Each account can have one account-level subscription filter policy. If you +// are updating an existing filter, you must specify the correct name in PolicyName. +// To perform a PutAccountPolicy subscription filter operation for any destination +// except a Lambda function, you must also have the iam:PassRole permission. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -7137,6 +7180,9 @@ func (c *CloudWatchLogs) StartLiveTailRequest(input *StartLiveTailInput) (req *r // by closing the client that is receiving the stream. The session also ends // if the established connection between the client and the server breaks. // +// For examples of using an SDK to start a Live Tail session, see Start a Live +// Tail session using an Amazon Web Services SDK (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/example_cloudwatch-logs_StartLiveTail_section.html). +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -8341,6 +8387,9 @@ type AccountPolicy struct { // The scope of the account policy. Scope *string `locationName:"scope" type:"string" enum:"Scope"` + + // The log group selection criteria for this subscription filter policy. + SelectionCriteria *string `locationName:"selectionCriteria" type:"string"` } // String returns the string representation. @@ -8397,6 +8446,12 @@ func (s *AccountPolicy) SetScope(v string) *AccountPolicy { return s } +// SetSelectionCriteria sets the SelectionCriteria field's value. +func (s *AccountPolicy) SetSelectionCriteria(v string) *AccountPolicy { + s.SelectionCriteria = &v + return s +} + // This structure represents one anomaly that has been found by a logs anomaly // detector. // @@ -9464,7 +9519,7 @@ type CreateLogGroupInput struct { // // If you omit this parameter, the default of STANDARD is used. // - // After a log group is created, its class can't be changed. + // The value of logGroupClass can't be changed after a log group is created. // // For details about the features supported by each class, see Log classes (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) LogGroupClass *string `locationName:"logGroupClass" type:"string" enum:"LogGroupClass"` @@ -9735,7 +9790,7 @@ type DeleteAccountPolicyInput struct { // PolicyName is a required field PolicyName *string `locationName:"policyName" type:"string" required:"true"` - // The type of policy to delete. Currently, the only valid value is DATA_PROTECTION_POLICY. + // The type of policy to delete. // // PolicyType is a required field PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` @@ -11220,8 +11275,7 @@ type DescribeAccountPoliciesInput struct { PolicyName *string `locationName:"policyName" type:"string"` // Use this parameter to limit the returned policies to only the policies that - // match the policy type that you specify. Currently, the only valid value is - // DATA_PROTECTION_POLICY. + // match the policy type that you specify. // // PolicyType is a required field PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` @@ -16441,9 +16495,11 @@ func (s *Policy) SetDeliveryDestinationPolicy(v string) *Policy { type PutAccountPolicyInput struct { _ struct{} `type:"structure"` - // Specify the data protection policy, in JSON. + // Specify the policy, in JSON. // - // This policy must include two JSON blocks: + // Data protection policy + // + // A data protection policy must include two JSON blocks: // // * The first block must include both a DataIdentifer array and an Operation // property with an Audit action. The DataIdentifer array lists the types @@ -16472,7 +16528,35 @@ type PutAccountPolicyInput struct { // policyName parameter, and is used as a dimension when CloudWatch Logs reports // audit findings metrics to CloudWatch. // - // The JSON specified in policyDocument can be up to 30,720 characters. + // The JSON specified in policyDocument can be up to 30,720 characters long. + // + // Subscription filter policy + // + // A subscription filter policy can include the following attributes in a JSON + // block: + // + // * DestinationArn The ARN of the destination to deliver log events to. + // Supported destinations are: An Kinesis Data Streams data stream in the + // same account as the subscription policy, for same-account delivery. An + // Kinesis Data Firehose data stream in the same account as the subscription + // policy, for same-account delivery. A Lambda function in the same account + // as the subscription policy, for same-account delivery. A logical destination + // in a different account created with PutDestination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html), + // for cross-account delivery. Kinesis Data Streams and Kinesis Data Firehose + // are supported as logical destinations. + // + // * RoleArn The ARN of an IAM role that grants CloudWatch Logs permissions + // to deliver ingested log events to the destination stream. You don't need + // to provide the ARN when you are working with a logical destination for + // cross-account delivery. + // + // * FilterPattern A filter pattern for subscribing to a filtered stream + // of log events. + // + // * DistributionThe method used to distribute log data to the destination. + // By default, log data is grouped by log stream, but the grouping can be + // set to Random for a more even distribution. This property is only applicable + // when the destination is an Kinesis Data Streams data stream. // // PolicyDocument is a required field PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true"` @@ -16482,7 +16566,7 @@ type PutAccountPolicyInput struct { // PolicyName is a required field PolicyName *string `locationName:"policyName" type:"string" required:"true"` - // Currently the only valid value for this parameter is DATA_PROTECTION_POLICY. + // The type of policy that you're creating or updating. // // PolicyType is a required field PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` @@ -16491,6 +16575,18 @@ type PutAccountPolicyInput struct { // that the data protection policy applies to all log groups in the account. // If you omit this parameter, the default of ALL is used. Scope *string `locationName:"scope" type:"string" enum:"Scope"` + + // Use this parameter to apply the subscription filter policy to a subset of + // log groups in the account. Currently, the only supported filter is LogGroupName + // NOT IN []. The selectionCriteria string can be up to 25KB in length. The + // length is determined by using its UTF-8 bytes. + // + // Using the selectionCriteria parameter is useful to help prevent infinite + // loops. For more information, see Log recursion prevention (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html). + // + // Specifing selectionCriteria is valid only when you specify SUBSCRIPTION_FILTER_POLICY + // for policyType. + SelectionCriteria *string `locationName:"selectionCriteria" type:"string"` } // String returns the string representation. @@ -16554,6 +16650,12 @@ func (s *PutAccountPolicyInput) SetScope(v string) *PutAccountPolicyInput { return s } +// SetSelectionCriteria sets the SelectionCriteria field's value. +func (s *PutAccountPolicyInput) SetSelectionCriteria(v string) *PutAccountPolicyInput { + s.SelectionCriteria = &v + return s +} + type PutAccountPolicyOutput struct { _ struct{} `type:"structure"` @@ -19042,6 +19144,8 @@ type StartLiveTailInput struct { // have names that start with the prefixes that you specify here are included // in the Live Tail session. // + // If you specify this field, you can't also specify the logStreamNames field. + // // You can specify this parameter only if you specify only one log group in // logGroupIdentifiers. LogStreamNamePrefixes []*string `locationName:"logStreamNamePrefixes" min:"1" type:"list"` @@ -19049,6 +19153,9 @@ type StartLiveTailInput struct { // If you specify this parameter, then only log events in the log streams that // you specify here are included in the Live Tail session. // + // If you specify this field, you can't also specify the logStreamNamePrefixes + // field. + // // You can specify this parameter only if you specify only one log group in // logGroupIdentifiers. LogStreamNames []*string `locationName:"logStreamNames" min:"1" type:"list"` @@ -20916,12 +21023,16 @@ func OutputFormat_Values() []string { const ( // PolicyTypeDataProtectionPolicy is a PolicyType enum value PolicyTypeDataProtectionPolicy = "DATA_PROTECTION_POLICY" + + // PolicyTypeSubscriptionFilterPolicy is a PolicyType enum value + PolicyTypeSubscriptionFilterPolicy = "SUBSCRIPTION_FILTER_POLICY" ) // PolicyType_Values returns all elements of the PolicyType enum func PolicyType_Values() []string { return []string{ PolicyTypeDataProtectionPolicy, + PolicyTypeSubscriptionFilterPolicy, } } diff --git a/service/connectwisdomservice/api.go b/service/connectwisdomservice/api.go index 2a3119a5bb8..3c8142f2a4b 100644 --- a/service/connectwisdomservice/api.go +++ b/service/connectwisdomservice/api.go @@ -1754,7 +1754,12 @@ const opGetRecommendations = "GetRecommendations" // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/wisdom-2020-10-19/GetRecommendations +// +// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) GetRecommendationsRequest(input *GetRecommendationsInput) (req *request.Request, output *GetRecommendationsOutput) { + if c.Client.Config.Logger != nil { + c.Client.Config.Logger.Log("This operation, GetRecommendations, has been deprecated") + } op := &request.Operation{ Name: opGetRecommendations, HTTPMethod: "GET", @@ -1799,6 +1804,8 @@ func (c *ConnectWisdomService) GetRecommendationsRequest(input *GetRecommendatio // The specified resource does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/wisdom-2020-10-19/GetRecommendations +// +// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) GetRecommendations(input *GetRecommendationsInput) (*GetRecommendationsOutput, error) { req, out := c.GetRecommendationsRequest(input) return out, req.Send() @@ -1813,6 +1820,8 @@ func (c *ConnectWisdomService) GetRecommendations(input *GetRecommendationsInput // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. +// +// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) GetRecommendationsWithContext(ctx aws.Context, input *GetRecommendationsInput, opts ...request.Option) (*GetRecommendationsOutput, error) { req, out := c.GetRecommendationsRequest(input) req.SetContext(ctx) @@ -2940,7 +2949,12 @@ const opQueryAssistant = "QueryAssistant" // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/wisdom-2020-10-19/QueryAssistant +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) QueryAssistantRequest(input *QueryAssistantInput) (req *request.Request, output *QueryAssistantOutput) { + if c.Client.Config.Logger != nil { + c.Client.Config.Logger.Log("This operation, QueryAssistant, has been deprecated") + } op := &request.Operation{ Name: opQueryAssistant, HTTPMethod: "POST", @@ -2992,6 +3006,8 @@ func (c *ConnectWisdomService) QueryAssistantRequest(input *QueryAssistantInput) // The specified resource does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/wisdom-2020-10-19/QueryAssistant +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) QueryAssistant(input *QueryAssistantInput) (*QueryAssistantOutput, error) { req, out := c.QueryAssistantRequest(input) return out, req.Send() @@ -3006,6 +3022,8 @@ func (c *ConnectWisdomService) QueryAssistant(input *QueryAssistantInput) (*Quer // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) QueryAssistantWithContext(ctx aws.Context, input *QueryAssistantInput, opts ...request.Option) (*QueryAssistantOutput, error) { req, out := c.QueryAssistantRequest(input) req.SetContext(ctx) @@ -3029,6 +3047,8 @@ func (c *ConnectWisdomService) QueryAssistantWithContext(ctx aws.Context, input // fmt.Println(page) // return pageNum <= 3 // }) +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) QueryAssistantPages(input *QueryAssistantInput, fn func(*QueryAssistantOutput, bool) bool) error { return c.QueryAssistantPagesWithContext(aws.BackgroundContext(), input, fn) } @@ -3040,6 +3060,8 @@ func (c *ConnectWisdomService) QueryAssistantPages(input *QueryAssistantInput, f // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *ConnectWisdomService) QueryAssistantPagesWithContext(ctx aws.Context, input *QueryAssistantInput, fn func(*QueryAssistantOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { diff --git a/service/locationservice/api.go b/service/locationservice/api.go index 365ef0f3a1b..d1fa32d48b6 100644 --- a/service/locationservice/api.go +++ b/service/locationservice/api.go @@ -15484,6 +15484,14 @@ func (s *ListTrackersResponseEntry) SetUpdateTime(v time.Time) *ListTrackersResp type MapConfiguration struct { _ struct{} `type:"structure"` + // Specifies the custom layers for the style. Leave unset to not enable any + // custom layer, or, for styles that support custom layers, you can enable layer(s), + // such as POI layer for the VectorEsriNavigation style. Default is unset. + // + // Not all map resources or styles support custom layers. See Custom Layers + // for more information. + CustomLayers []*string `type:"list"` + // Specifies the political view for the style. Leave unset to not use a political // view, or, for styles that support specific political views, you can choose // a view, such as IND for the Indian view. @@ -15629,6 +15637,12 @@ func (s *MapConfiguration) Validate() error { return nil } +// SetCustomLayers sets the CustomLayers field's value. +func (s *MapConfiguration) SetCustomLayers(v []*string) *MapConfiguration { + s.CustomLayers = v + return s +} + // SetPoliticalView sets the PoliticalView field's value. func (s *MapConfiguration) SetPoliticalView(v string) *MapConfiguration { s.PoliticalView = &v @@ -15645,6 +15659,14 @@ func (s *MapConfiguration) SetStyle(v string) *MapConfiguration { type MapConfigurationUpdate struct { _ struct{} `type:"structure"` + // Specifies the custom layers for the style. Leave unset to not enable any + // custom layer, or, for styles that support custom layers, you can enable layer(s), + // such as POI layer for the VectorEsriNavigation style. Default is unset. + // + // Not all map resources or styles support custom layers. See Custom Layers + // for more information. + CustomLayers []*string `type:"list"` + // Specifies the political view for the style. Set to an empty string to not // use a political view, or, for styles that support specific political views, // you can choose a view, such as IND for the Indian view. @@ -15673,6 +15695,12 @@ func (s MapConfigurationUpdate) GoString() string { return s.String() } +// SetCustomLayers sets the CustomLayers field's value. +func (s *MapConfigurationUpdate) SetCustomLayers(v []*string) *MapConfigurationUpdate { + s.CustomLayers = v + return s +} + // SetPoliticalView sets the PoliticalView field's value. func (s *MapConfigurationUpdate) SetPoliticalView(v string) *MapConfigurationUpdate { s.PoliticalView = &v diff --git a/service/qconnect/api.go b/service/qconnect/api.go index cbdb4f0a620..896551c1bb5 100644 --- a/service/qconnect/api.go +++ b/service/qconnect/api.go @@ -1754,7 +1754,12 @@ const opGetRecommendations = "GetRecommendations" // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/qconnect-2020-10-19/GetRecommendations +// +// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) GetRecommendationsRequest(input *GetRecommendationsInput) (req *request.Request, output *GetRecommendationsOutput) { + if c.Client.Config.Logger != nil { + c.Client.Config.Logger.Log("This operation, GetRecommendations, has been deprecated") + } op := &request.Operation{ Name: opGetRecommendations, HTTPMethod: "GET", @@ -1799,6 +1804,8 @@ func (c *QConnect) GetRecommendationsRequest(input *GetRecommendationsInput) (re // The specified resource does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/qconnect-2020-10-19/GetRecommendations +// +// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) GetRecommendations(input *GetRecommendationsInput) (*GetRecommendationsOutput, error) { req, out := c.GetRecommendationsRequest(input) return out, req.Send() @@ -1813,6 +1820,8 @@ func (c *QConnect) GetRecommendations(input *GetRecommendationsInput) (*GetRecom // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. +// +// Deprecated: GetRecommendations API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) GetRecommendationsWithContext(ctx aws.Context, input *GetRecommendationsInput, opts ...request.Option) (*GetRecommendationsOutput, error) { req, out := c.GetRecommendationsRequest(input) req.SetContext(ctx) @@ -3026,7 +3035,12 @@ const opQueryAssistant = "QueryAssistant" // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/qconnect-2020-10-19/QueryAssistant +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) QueryAssistantRequest(input *QueryAssistantInput) (req *request.Request, output *QueryAssistantOutput) { + if c.Client.Config.Logger != nil { + c.Client.Config.Logger.Log("This operation, QueryAssistant, has been deprecated") + } op := &request.Operation{ Name: opQueryAssistant, HTTPMethod: "POST", @@ -3078,6 +3092,8 @@ func (c *QConnect) QueryAssistantRequest(input *QueryAssistantInput) (req *reque // The specified resource does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/qconnect-2020-10-19/QueryAssistant +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) QueryAssistant(input *QueryAssistantInput) (*QueryAssistantOutput, error) { req, out := c.QueryAssistantRequest(input) return out, req.Send() @@ -3092,6 +3108,8 @@ func (c *QConnect) QueryAssistant(input *QueryAssistantInput) (*QueryAssistantOu // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) QueryAssistantWithContext(ctx aws.Context, input *QueryAssistantInput, opts ...request.Option) (*QueryAssistantOutput, error) { req, out := c.QueryAssistantRequest(input) req.SetContext(ctx) @@ -3115,6 +3133,8 @@ func (c *QConnect) QueryAssistantWithContext(ctx aws.Context, input *QueryAssist // fmt.Println(page) // return pageNum <= 3 // }) +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) QueryAssistantPages(input *QueryAssistantInput, fn func(*QueryAssistantOutput, bool) bool) error { return c.QueryAssistantPagesWithContext(aws.BackgroundContext(), input, fn) } @@ -3126,6 +3146,8 @@ func (c *QConnect) QueryAssistantPages(input *QueryAssistantInput, fn func(*Quer // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. +// +// Deprecated: QueryAssistant API will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. func (c *QConnect) QueryAssistantPagesWithContext(ctx aws.Context, input *QueryAssistantInput, fn func(*QueryAssistantOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { diff --git a/service/redshiftserverless/api.go b/service/redshiftserverless/api.go index d17d5481681..793e687ade5 100644 --- a/service/redshiftserverless/api.go +++ b/service/redshiftserverless/api.go @@ -5676,10 +5676,10 @@ type ConfigParameter struct { _ struct{} `type:"structure"` // The key of the parameter. The options are auto_mv, datestyle, enable_case_sensitive_identifier, - // enable_user_activity_logging, query_group, search_path, and query monitoring - // metrics that let you define performance boundaries. For more information - // about query monitoring rules and available metrics, see Query monitoring - // metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). + // enable_user_activity_logging, query_group, search_path, require_ssl, and + // query monitoring metrics that let you define performance boundaries. For + // more information about query monitoring rules and available metrics, see + // Query monitoring metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). ParameterKey *string `locationName:"parameterKey" type:"string"` // The value of the parameter to set. @@ -7063,10 +7063,10 @@ type CreateWorkgroupInput struct { // An array of parameters to set for advanced control over a database. The options // are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, - // query_group, search_path, require_ssl, use_fips_ssl, and query monitoring - // metrics that let you define performance boundaries. For more information - // about query monitoring rules and available metrics, see Query monitoring - // metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). + // query_group, search_path, require_ssl, and query monitoring metrics that + // let you define performance boundaries. For more information about query monitoring + // rules and available metrics, see Query monitoring metrics for Amazon Redshift + // Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). ConfigParameters []*ConfigParameter `locationName:"configParameters" type:"list"` // The value that specifies whether to turn on enhanced virtual private cloud @@ -13806,10 +13806,10 @@ type UpdateWorkgroupInput struct { // An array of parameters to set for advanced control over a database. The options // are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, - // query_group, search_path, require_ssl, use_fips_ssl, and query monitoring - // metrics that let you define performance boundaries. For more information - // about query monitoring rules and available metrics, see Query monitoring - // metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). + // query_group, search_path, require_ssl, and query monitoring metrics that + // let you define performance boundaries. For more information about query monitoring + // rules and available metrics, see Query monitoring metrics for Amazon Redshift + // Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). ConfigParameters []*ConfigParameter `locationName:"configParameters" type:"list"` // The value that specifies whether to turn on enhanced virtual private cloud @@ -14221,10 +14221,10 @@ type Workgroup struct { // An array of parameters to set for advanced control over a database. The options // are auto_mv, datestyle, enable_case_sensitive_identifier, enable_user_activity_logging, - // query_group, search_path, require_ssl, use_fips_ssl, and query monitoring - // metrics that let you define performance boundaries. For more information - // about query monitoring rules and available metrics, see Query monitoring - // metrics for Amazon Redshift Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). + // query_group, search_path, require_ssl, and query monitoring metrics that + // let you define performance boundaries. For more information about query monitoring + // rules and available metrics, see Query monitoring metrics for Amazon Redshift + // Serverless (https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless). ConfigParameters []*ConfigParameter `locationName:"configParameters" type:"list"` // The creation date of the workgroup. diff --git a/service/route53/api.go b/service/route53/api.go index af72699ef9e..7034b6149a8 100644 --- a/service/route53/api.go +++ b/service/route53/api.go @@ -8086,7 +8086,7 @@ type AliasTarget struct { // in. The environment must have a regionalized subdomain. For a list of regions // and the corresponding hosted zone IDs, see Elastic Beanstalk endpoints and // quotas (https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) - // in the the Amazon Web Services General Reference. + // in the Amazon Web Services General Reference. // // ELB load balancer // @@ -9332,6 +9332,75 @@ func (s *CollectionSummary) SetVersion(v int64) *CollectionSummary { return s } +// A complex type that lists the coordinates for a geoproximity resource record. +type Coordinates struct { + _ struct{} `type:"structure"` + + // Specifies a coordinate of the north–south position of a geographic point + // on the surface of the Earth (-90 - 90). + // + // Latitude is a required field + Latitude *string `min:"1" type:"string" required:"true"` + + // Specifies a coordinate of the east–west position of a geographic point + // on the surface of the Earth (-180 - 180). + // + // Longitude is a required field + Longitude *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Coordinates) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Coordinates) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *Coordinates) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "Coordinates"} + if s.Latitude == nil { + invalidParams.Add(request.NewErrParamRequired("Latitude")) + } + if s.Latitude != nil && len(*s.Latitude) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Latitude", 1)) + } + if s.Longitude == nil { + invalidParams.Add(request.NewErrParamRequired("Longitude")) + } + if s.Longitude != nil && len(*s.Longitude) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Longitude", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLatitude sets the Latitude field's value. +func (s *Coordinates) SetLatitude(v string) *Coordinates { + s.Latitude = &v + return s +} + +// SetLongitude sets the Longitude field's value. +func (s *Coordinates) SetLongitude(v string) *Coordinates { + s.Longitude = &v + return s +} + type CreateCidrCollectionInput struct { _ struct{} `locationName:"CreateCidrCollectionRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` @@ -10738,7 +10807,7 @@ func (s *CreateVPCAssociationAuthorizationOutput) SetVPC(v *VPC) *CreateVPCAssoc return s } -// A string repesenting the status of DNSSEC signing. +// A string representing the status of DNSSEC signing. type DNSSECStatus struct { _ struct{} `type:"structure"` @@ -12063,7 +12132,7 @@ type GeoLocation struct { // Amazon Route 53 uses the two-letter country codes that are specified in ISO // standard 3166-1 alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2). // - // Route 53 also supports the contry code UA forr Ukraine. + // Route 53 also supports the country code UA for Ukraine. CountryCode *string `min:"1" type:"string"` // For geolocation resource record sets, the two-letter code for a state of @@ -12215,6 +12284,120 @@ func (s *GeoLocationDetails) SetSubdivisionName(v string) *GeoLocationDetails { return s } +// (Resource record sets only): A complex type that lets you control how Amazon +// Route 53 responds to DNS queries based on the geographic origin of the query +// and your resources. Only one of , LocalZoneGroup, Coordinates, or Amazon +// Web ServicesRegion is allowed per request at a time. +// +// For more information about geoproximity routing, see Geoproximity routing +// (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geoproximity.html) +// in the Amazon Route 53 Developer Guide. +type GeoProximityLocation struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services Region the resource you are directing DNS traffic + // to, is in. + AWSRegion *string `min:"1" type:"string"` + + // The bias increases or decreases the size of the geographic region from which + // Route 53 routes traffic to a resource. + // + // To use Bias to change the size of the geographic region, specify the applicable + // value for the bias: + // + // * To expand the size of the geographic region from which Route 53 routes + // traffic to a resource, specify a positive integer from 1 to 99 for the + // bias. Route 53 shrinks the size of adjacent regions. + // + // * To shrink the size of the geographic region from which Route 53 routes + // traffic to a resource, specify a negative bias of -1 to -99. Route 53 + // expands the size of adjacent regions. + Bias *int64 `type:"integer"` + + // Contains the longitude and latitude for a geographic region. + Coordinates *Coordinates `type:"structure"` + + // Specifies an Amazon Web Services Local Zone Group. + // + // A local Zone Group is usually the Local Zone code without the ending character. + // For example, if the Local Zone is us-east-1-bue-1a the Local Zone Group is + // us-east-1-bue-1. + // + // You can identify the Local Zones Group for a specific Local Zone by using + // the describe-availability-zones (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) + // CLI command: + // + // This command returns: "GroupName": "us-west-2-den-1", specifying that the + // Local Zone us-west-2-den-1a belongs to the Local Zone Group us-west-2-den-1. + LocalZoneGroup *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GeoProximityLocation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GeoProximityLocation) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GeoProximityLocation) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GeoProximityLocation"} + if s.AWSRegion != nil && len(*s.AWSRegion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AWSRegion", 1)) + } + if s.Bias != nil && *s.Bias < -99 { + invalidParams.Add(request.NewErrParamMinValue("Bias", -99)) + } + if s.LocalZoneGroup != nil && len(*s.LocalZoneGroup) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LocalZoneGroup", 1)) + } + if s.Coordinates != nil { + if err := s.Coordinates.Validate(); err != nil { + invalidParams.AddNested("Coordinates", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAWSRegion sets the AWSRegion field's value. +func (s *GeoProximityLocation) SetAWSRegion(v string) *GeoProximityLocation { + s.AWSRegion = &v + return s +} + +// SetBias sets the Bias field's value. +func (s *GeoProximityLocation) SetBias(v int64) *GeoProximityLocation { + s.Bias = &v + return s +} + +// SetCoordinates sets the Coordinates field's value. +func (s *GeoProximityLocation) SetCoordinates(v *Coordinates) *GeoProximityLocation { + s.Coordinates = v + return s +} + +// SetLocalZoneGroup sets the LocalZoneGroup field's value. +func (s *GeoProximityLocation) SetLocalZoneGroup(v string) *GeoProximityLocation { + s.LocalZoneGroup = &v + return s +} + // A complex type that contains information about the request to create a hosted // zone. type GetAccountLimitInput struct { @@ -12535,7 +12718,7 @@ type GetDNSSECOutput struct { // KeySigningKeys is a required field KeySigningKeys []*KeySigningKey `type:"list" required:"true"` - // A string repesenting the status of DNSSEC. + // A string representing the status of DNSSEC. // // Status is a required field Status *DNSSECStatus `type:"structure" required:"true"` @@ -12597,7 +12780,7 @@ type GetGeoLocationInput struct { // Amazon Route 53 uses the two-letter country codes that are specified in ISO // standard 3166-1 alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2). // - // Route 53 also supports the contry code UA forr Ukraine. + // Route 53 also supports the country code UA for Ukraine. CountryCode *string `location:"querystring" locationName:"countrycode" min:"1" type:"string"` // The code for the subdivision, such as a particular state within the United @@ -14242,7 +14425,7 @@ type HealthCheckConfig struct { // checkers consider to be healthy and compares that number with the value // of HealthThreshold. // - // * RECOVERY_CONTROL: The health check is assocated with a Route53 Application + // * RECOVERY_CONTROL: The health check is associated with a Route53 Application // Recovery Controller routing control. If the routing control state is ON, // the health check is considered healthy. If the state is OFF, the health // check is considered unhealthy. @@ -18153,9 +18336,6 @@ type ResourceRecordSet struct { // to a web server with an IP address of 192.0.2.111, create a resource record // set with a Type of A and a ContinentCode of AF. // - // Although creating geolocation and geolocation alias resource record sets - // in a private hosted zone is allowed, it's not supported. - // // If you create separate resource record sets for overlapping geographic regions // (for example, one resource record set for a continent and one for a country // on the same continent), priority goes to the smallest geographic region. @@ -18184,6 +18364,11 @@ type ResourceRecordSet struct { // values for the Name and Type elements as geolocation resource record sets. GeoLocation *GeoLocation `type:"structure"` + // GeoproximityLocation resource record sets only: A complex type that lets + // you control how Route 53 responds to DNS queries based on the geographic + // origin of the query and your resources. + GeoProximityLocation *GeoProximityLocation `type:"structure"` + // If you want Amazon Route 53 to return this resource record set in response // to a DNS query only when the status of a health check is healthy, include // the HealthCheckId element and specify the ID of the applicable health check. @@ -18561,6 +18746,11 @@ func (s *ResourceRecordSet) Validate() error { invalidParams.AddNested("GeoLocation", err.(request.ErrInvalidParams)) } } + if s.GeoProximityLocation != nil { + if err := s.GeoProximityLocation.Validate(); err != nil { + invalidParams.AddNested("GeoProximityLocation", err.(request.ErrInvalidParams)) + } + } if s.ResourceRecords != nil { for i, v := range s.ResourceRecords { if v == nil { @@ -18602,6 +18792,12 @@ func (s *ResourceRecordSet) SetGeoLocation(v *GeoLocation) *ResourceRecordSet { return s } +// SetGeoProximityLocation sets the GeoProximityLocation field's value. +func (s *ResourceRecordSet) SetGeoProximityLocation(v *GeoProximityLocation) *ResourceRecordSet { + s.GeoProximityLocation = v + return s +} + // SetHealthCheckId sets the HealthCheckId field's value. func (s *ResourceRecordSet) SetHealthCheckId(v string) *ResourceRecordSet { s.HealthCheckId = &v @@ -19512,6 +19708,10 @@ type UpdateHealthCheckInput struct { // you specify in RequestInterval. Using an IPv4 address that is returned by // DNS, Route 53 then checks the health of the endpoint. // + // If you don't specify a value for IPAddress, you can’t update the health + // check to remove the FullyQualifiedDomainName; if you don’t specify a value + // for IPAddress on creation, a FullyQualifiedDomainName is required. + // // If you don't specify a value for IPAddress, Route 53 uses only IPv4 to send // health checks to the endpoint. If there's no resource record set with a type // of A for the name that you specify for FullyQualifiedDomainName, the health