Disables EBS encryption by default for your account in the current Region.
After you disable encryption by default, you can still create encrypted volumes by enabling encryption when you create each volume.
Disabling encryption by default does not change the encryption status of your existing volumes.
For more information, see Amazon EBS encryption in the Amazon Elastic Compute Cloud User Guide.
", "DisableFastLaunch": "Discontinue faster launching for a Windows AMI, and clean up existing pre-provisioned snapshots. When you disable faster launching, the AMI uses the standard launch process for each instance. All pre-provisioned snapshots must be removed before you can enable faster launching again.
To change these settings, you must own the AMI.
Disables fast snapshot restores for the specified snapshots in the specified Availability Zones.
", + "DisableImageBlockPublicAccess": "Disables block public access for AMIs at the account level in the specified Amazon Web Services Region. This removes the block public access restriction from your account. With the restriction removed, you can publicly share your AMIs in the specified Amazon Web Services Region.
The API can take up to 10 minutes to configure this setting. During this time, if you run GetImageBlockPublicAccessState, the response will be block-new-sharing. When the API has completed the configuration, the response will be unblocked.
For more information, see Block public access to your AMIs in the Amazon EC2 User Guide.
", "DisableImageDeprecation": "Cancels the deprecation of the specified AMI.
For more information, see Deprecate an AMI in the Amazon EC2 User Guide.
", "DisableIpamOrganizationAdminAccount": "Disable the IPAM account. For more information, see Enable integration with Organizations in the Amazon VPC IPAM User Guide.
", "DisableSerialConsoleAccess": "Disables access to the EC2 serial console of all instances for your account. By default, access to the EC2 serial console is disabled for your account. For more information, see Manage account access to the EC2 serial console in the Amazon EC2 User Guide.
", @@ -401,6 +402,7 @@ "EnableEbsEncryptionByDefault": "Enables EBS encryption by default for your account in the current Region.
After you enable encryption by default, the EBS volumes that you create are always encrypted, either using the default KMS key or the KMS key that you specified when you created each volume. For more information, see Amazon EBS encryption in the Amazon Elastic Compute Cloud User Guide.
You can specify the default KMS key for encryption by default using ModifyEbsDefaultKmsKeyId or ResetEbsDefaultKmsKeyId.
Enabling encryption by default has no effect on the encryption status of your existing volumes.
After you enable encryption by default, you can no longer launch instances using instance types that do not support encryption. For more information, see Supported instance types.
", "EnableFastLaunch": "When you enable faster launching for a Windows AMI, images are pre-provisioned, using snapshots to launch instances up to 65% faster. To create the optimized Windows image, Amazon EC2 launches an instance and runs through Sysprep steps, rebooting as required. Then it creates a set of reserved snapshots that are used for subsequent launches. The reserved snapshots are automatically replenished as they are used, depending on your settings for launch frequency.
To change these settings, you must own the AMI.
Enables fast snapshot restores for the specified snapshots in the specified Availability Zones.
You get the full benefit of fast snapshot restores after they enter the enabled state. To get the current state of fast snapshot restores, use DescribeFastSnapshotRestores. To disable fast snapshot restores, use DisableFastSnapshotRestores.
For more information, see Amazon EBS fast snapshot restore in the Amazon Elastic Compute Cloud User Guide.
", + "EnableImageBlockPublicAccess": "Enables block public access for AMIs at the account level in the specified Amazon Web Services Region. This prevents the public sharing of your AMIs. However, if you already have public AMIs, they will remain publicly available.
The API can take up to 10 minutes to configure this setting. During this time, if you run GetImageBlockPublicAccessState, the response will be unblocked. When the API has completed the configuration, the response will be block-new-sharing.
For more information, see Block public access to your AMIs in the Amazon EC2 User Guide.
", "EnableImageDeprecation": "Enables deprecation of the specified AMI at the specified date and time.
For more information, see Deprecate an AMI in the Amazon EC2 User Guide.
", "EnableIpamOrganizationAdminAccount": "Enable an Organizations member account as the IPAM admin account. You cannot select the Organizations management account as the IPAM admin account. For more information, see Enable integration with Organizations in the Amazon VPC IPAM User Guide.
", "EnableReachabilityAnalyzerOrganizationSharing": "Establishes a trust relationship between Reachability Analyzer and Organizations. This operation must be performed by the management account for the organization.
After you establish a trust relationship, a user in the management account or a delegated administrator account can run a cross-account analysis using resources from the member accounts.
", @@ -427,6 +429,7 @@ "GetFlowLogsIntegrationTemplate": "Generates a CloudFormation template that streamlines and automates the integration of VPC flow logs with Amazon Athena. This make it easier for you to query and gain insights from VPC flow logs data. Based on the information that you provide, we configure resources in the template to do the following:
Create a table in Athena that maps fields to a custom log format
Create a Lambda function that updates the table with new partitions on a daily, weekly, or monthly basis
Create a table partitioned between two timestamps in the past
Create a set of named queries in Athena that you can use to get started quickly
GetFlowLogsIntegrationTemplate does not support integration between Amazon Web Services Transit Gateway Flow Logs and Amazon Athena.
Lists the resource groups to which a Capacity Reservation has been added.
", "GetHostReservationPurchasePreview": "Preview a reservation purchase with configurations that match those of your Dedicated Host. You must have active Dedicated Hosts in your account before you purchase a reservation.
This is a preview of the PurchaseHostReservation action and does not result in the offering being purchased.
", + "GetImageBlockPublicAccessState": "Gets the current state of block public access for AMIs at the account level in the specified Amazon Web Services Region.
For more information, see Block public access to your AMIs in the Amazon EC2 User Guide.
", "GetInstanceTypesFromInstanceRequirements": "Returns a list of instance types with the specified instance attributes. You can use the response to preview the instance types without launching instances. Note that the response does not consider capacity.
When you specify multiple parameters, you get instance types that satisfy all of the specified parameters. If you specify multiple values for a parameter, you get instance types that satisfy any of the specified values.
For more information, see Preview instance types with specified attributes, Attribute-based instance type selection for EC2 Fleet, Attribute-based instance type selection for Spot Fleet, and Spot placement score in the Amazon EC2 User Guide, and Creating an Auto Scaling group using attribute-based instance type selection in the Amazon EC2 Auto Scaling User Guide.
", "GetInstanceUefiData": "A binary representation of the UEFI variable store. Only non-volatile variables are stored. This is a base64 encoded and zlib compressed binary value that must be properly encoded.
When you use register-image to create an AMI, you can create an exact copy of your variable store by passing the UEFI data in the UefiData parameter. You can modify the UEFI data by using the python-uefivars tool on GitHub. You can use the tool to convert the UEFI data into a human-readable format (JSON), which you can inspect and modify, and then convert back into the binary format to use with register-image.
For more information, see UEFI Secure Boot in the Amazon EC2 User Guide.
", "GetIpamAddressHistory": "Retrieve historical information about a CIDR within an IPAM scope. For more information, see View the history of IP addresses in the Amazon VPC IPAM User Guide.
", @@ -2323,6 +2326,7 @@ "DisableFastLaunchRequest$Force": "Forces the image settings to turn off faster launching for your Windows AMI. This parameter overrides any errors that are encountered while cleaning up resources in your account.
", "DisableFastLaunchRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
The updated status of encryption by default.
", "EnableFastLaunchRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Indicates whether encryption by default is enabled.
", "GetFlowLogsIntegrationTemplateRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
The AMI attribute.
Note: The blockDeviceMapping attribute is deprecated. Using this attribute returns the Client.AuthFailure error. To get information about the block device mappings for an AMI, use the DescribeImages action.
Returns unblocked if the request succeeds; otherwise, it returns an error.
Specify block-new-sharing to enable block public access for AMIs at the account level in the specified Region. This will block any attempt to publicly share your AMIs in the specified Region.
Returns block-new-sharing if the request succeeds; otherwise, it returns an error.
Describes the disk container object for an import image task.
", "refs": { @@ -19178,6 +19227,7 @@ "GetGroupsForCapacityReservationResult$NextToken": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The potential total hourly price of the reservation per hour.
", "GetHostReservationPurchasePreviewResult$TotalUpfrontPrice": "The potential total upfront price. This is billed immediately.
", + "GetImageBlockPublicAccessStateResult$ImageBlockPublicAccessState": "The current state of block public access for AMIs at the account level in the specified Amazon Web Services Region.
Possible values:
block-new-sharing - Any attempt to publicly share your AMIs in the specified Region is blocked.
unblocked - Your AMIs in the specified Region can be publicly shared.
The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
", "GetInstanceTypesFromInstanceRequirementsResult$NextToken": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
Base64 representation of the non-volatile UEFI variable store.
", diff --git a/models/apis/eventbridge/2015-10-07/api-2.json b/models/apis/eventbridge/2015-10-07/api-2.json index 46cec6f17d8..3b3add34a4f 100644 --- a/models/apis/eventbridge/2015-10-07/api-2.json +++ b/models/apis/eventbridge/2015-10-07/api-2.json @@ -941,6 +941,13 @@ "min":1, "pattern":"^[ \\t]*[^\\x00-\\x1F:\\x7F]+([ \\t]+[^\\x00-\\x1F:\\x7F]+)*[ \\t]*$" }, + "AuthHeaderParametersSensitive":{ + "type":"string", + "max":512, + "min":1, + "pattern":"^[ \\t]*[^\\x00-\\x1F:\\x7F]+([ \\t]+[^\\x00-\\x1F:\\x7F]+)*[ \\t]*$", + "sensitive":true + }, "AwsVpcConfiguration":{ "type":"structure", "required":["Subnets"], @@ -1091,7 +1098,7 @@ "type":"structure", "members":{ "Key":{"shape":"String"}, - "Value":{"shape":"String"}, + "Value":{"shape":"SensitiveString"}, "IsValueSecret":{"shape":"Boolean"} } }, @@ -1110,7 +1117,7 @@ "type":"structure", "members":{ "Key":{"shape":"HeaderKey"}, - "Value":{"shape":"HeaderValue"}, + "Value":{"shape":"HeaderValueSensitive"}, "IsValueSecret":{"shape":"Boolean"} } }, @@ -1161,7 +1168,7 @@ "type":"structure", "members":{ "Key":{"shape":"QueryStringKey"}, - "Value":{"shape":"QueryStringValue"}, + "Value":{"shape":"QueryStringValueSensitive"}, "IsValueSecret":{"shape":"Boolean"} } }, @@ -1249,7 +1256,7 @@ ], "members":{ "ApiKeyName":{"shape":"AuthHeaderParameters"}, - "ApiKeyValue":{"shape":"AuthHeaderParameters"} + "ApiKeyValue":{"shape":"AuthHeaderParametersSensitive"} } }, "CreateConnectionAuthRequestParameters":{ @@ -1269,7 +1276,7 @@ ], "members":{ "Username":{"shape":"AuthHeaderParameters"}, - "Password":{"shape":"AuthHeaderParameters"} + "Password":{"shape":"AuthHeaderParametersSensitive"} } }, "CreateConnectionOAuthClientRequestParameters":{ @@ -1280,7 +1287,7 @@ ], "members":{ "ClientID":{"shape":"AuthHeaderParameters"}, - "ClientSecret":{"shape":"AuthHeaderParameters"} + "ClientSecret":{"shape":"AuthHeaderParametersSensitive"} } }, "CreateConnectionOAuthRequestParameters":{ @@ -1914,6 +1921,12 @@ "max":512, "pattern":"^[ \\t]*[\\x20-\\x7E]+([ \\t]+[\\x20-\\x7E]+)*[ \\t]*$" }, + "HeaderValueSensitive":{ + "type":"string", + "max":512, + "pattern":"^[ \\t]*[\\x20-\\x7E]+([ \\t]+[\\x20-\\x7E]+)*[ \\t]*$", + "sensitive":true + }, "HealthCheck":{ "type":"string", "max":1600, @@ -2559,6 +2572,12 @@ "max":512, "pattern":"[^\\x00-\\x09\\x0B\\x0C\\x0E-\\x1F\\x7F]+" }, + "QueryStringValueSensitive":{ + "type":"string", + "max":512, + "pattern":"[^\\x00-\\x09\\x0B\\x0C\\x0E-\\x1F\\x7F]+", + "sensitive":true + }, "RedshiftDataParameters":{ "type":"structure", "required":["Database"], @@ -2879,6 +2898,10 @@ "min":20, "pattern":"^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]|\\d|\\-)*:([0-9]{12})?:secret:[\\/_+=\\.@\\-A-Za-z0-9]+$" }, + "SensitiveString":{ + "type":"string", + "sensitive":true + }, "Sql":{ "type":"string", "max":100000, @@ -3140,7 +3163,7 @@ "type":"structure", "members":{ "ApiKeyName":{"shape":"AuthHeaderParameters"}, - "ApiKeyValue":{"shape":"AuthHeaderParameters"} + "ApiKeyValue":{"shape":"AuthHeaderParametersSensitive"} } }, "UpdateConnectionAuthRequestParameters":{ @@ -3156,14 +3179,14 @@ "type":"structure", "members":{ "Username":{"shape":"AuthHeaderParameters"}, - "Password":{"shape":"AuthHeaderParameters"} + "Password":{"shape":"AuthHeaderParametersSensitive"} } }, "UpdateConnectionOAuthClientRequestParameters":{ "type":"structure", "members":{ "ClientID":{"shape":"AuthHeaderParameters"}, - "ClientSecret":{"shape":"AuthHeaderParameters"} + "ClientSecret":{"shape":"AuthHeaderParametersSensitive"} } }, "UpdateConnectionOAuthRequestParameters":{ diff --git a/models/apis/eventbridge/2015-10-07/docs-2.json b/models/apis/eventbridge/2015-10-07/docs-2.json index 6e8f1e3132c..cd1d08ee739 100644 --- a/models/apis/eventbridge/2015-10-07/docs-2.json +++ b/models/apis/eventbridge/2015-10-07/docs-2.json @@ -238,16 +238,21 @@ "ConnectionBasicAuthResponseParameters$Username": "The user name to use for Basic authorization.
", "ConnectionOAuthClientResponseParameters$ClientID": "The client ID associated with the response to the connection request.
", "CreateConnectionApiKeyAuthRequestParameters$ApiKeyName": "The name of the API key to use for authorization.
", - "CreateConnectionApiKeyAuthRequestParameters$ApiKeyValue": "The value for the API key to use for authorization.
", "CreateConnectionBasicAuthRequestParameters$Username": "The user name to use for Basic authorization.
", - "CreateConnectionBasicAuthRequestParameters$Password": "The password associated with the user name to use for Basic authorization.
", "CreateConnectionOAuthClientRequestParameters$ClientID": "The client ID to use for OAuth authorization for the connection.
", - "CreateConnectionOAuthClientRequestParameters$ClientSecret": "The client secret associated with the client ID to use for OAuth authorization for the connection.
", "UpdateConnectionApiKeyAuthRequestParameters$ApiKeyName": "The name of the API key to use for authorization.
", - "UpdateConnectionApiKeyAuthRequestParameters$ApiKeyValue": "The value associated with teh API key to use for authorization.
", "UpdateConnectionBasicAuthRequestParameters$Username": "The user name to use for Basic authorization.
", + "UpdateConnectionOAuthClientRequestParameters$ClientID": "The client ID to use for OAuth authorization.
" + } + }, + "AuthHeaderParametersSensitive": { + "base": null, + "refs": { + "CreateConnectionApiKeyAuthRequestParameters$ApiKeyValue": "The value for the API key to use for authorization.
", + "CreateConnectionBasicAuthRequestParameters$Password": "The password associated with the user name to use for Basic authorization.
", + "CreateConnectionOAuthClientRequestParameters$ClientSecret": "The client secret associated with the client ID to use for OAuth authorization for the connection.
", + "UpdateConnectionApiKeyAuthRequestParameters$ApiKeyValue": "The value associated with teh API key to use for authorization.
", "UpdateConnectionBasicAuthRequestParameters$Password": "The password associated with the user name to use for Basic authorization.
", - "UpdateConnectionOAuthClientRequestParameters$ClientID": "The client ID to use for OAuth authorization.
", "UpdateConnectionOAuthClientRequestParameters$ClientSecret": "The client secret assciated with the client ID to use for OAuth authorization.
" } }, @@ -1044,10 +1049,15 @@ "HeaderValue": { "base": null, "refs": { - "ConnectionHeaderParameter$Value": "The value associated with the key.
", "HeaderParametersMap$value": null } }, + "HeaderValueSensitive": { + "base": null, + "refs": { + "ConnectionHeaderParameter$Value": "The value associated with the key.
" + } + }, "HealthCheck": { "base": null, "refs": { @@ -1635,10 +1645,15 @@ "QueryStringValue": { "base": null, "refs": { - "ConnectionQueryStringParameter$Value": "The value associated with the key for the query string parameter.
", "QueryStringParametersMap$value": null } }, + "QueryStringValueSensitive": { + "base": null, + "refs": { + "ConnectionQueryStringParameter$Value": "The value associated with the key for the query string parameter.
" + } + }, "RedshiftDataParameters": { "base": "These are custom parameters to be used when the target is a Amazon Redshift cluster or Redshift Serverless workgroup to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.
", "refs": { @@ -1973,6 +1988,12 @@ "DescribeConnectionResponse$SecretArn": "The ARN of the secret created from the authorization parameters specified for the connection.
" } }, + "SensitiveString": { + "base": null, + "refs": { + "ConnectionBodyParameter$Value": "The value associated with the key.
" + } + }, "Sql": { "base": "A single Redshift SQL", "refs": { @@ -2024,7 +2045,6 @@ "Condition$Key": "Specifies the key for the condition. Currently the only supported key is aws:PrincipalOrgID.
Specifies the value for the key. Currently, this must be the ID of the organization.
", "ConnectionBodyParameter$Key": "The key for the parameter.
", - "ConnectionBodyParameter$Value": "The value associated with the key.
", "CreateEventBusResponse$EventBusArn": "The ARN of the new event bus.
", "CreatePartnerEventSourceResponse$EventSourceArn": "The ARN of the partner event source.
", "DescribeEventBusResponse$Name": "The name of the event bus. Currently, this is always default.
Grants users or groups in your IAM Identity Center identity source access to your Amazon Kendra experience. You can create an Amazon Kendra experience such as a search application. For more information on creating a search application experience, see Building a search experience with no code.
", "AssociatePersonasToEntities": "Defines the specific permissions of users or groups in your IAM Identity Center identity source with access to your Amazon Kendra experience. You can create an Amazon Kendra experience such as a search application. For more information on creating a search application experience, see Building a search experience with no code.
", - "BatchDeleteDocument": "Removes one or more documents from an index. The documents must have been added with the BatchPutDocument API.
The documents are deleted asynchronously. You can see the progress of the deletion by using Amazon Web Services CloudWatch. Any error messages related to the processing of the batch are sent to you CloudWatch log.
", + "BatchDeleteDocument": "Removes one or more documents from an index. The documents must have been added with the BatchPutDocument API.
The documents are deleted asynchronously. You can see the progress of the deletion by using Amazon Web Services CloudWatch. Any error messages related to the processing of the batch are sent to your Amazon Web Services CloudWatch log. You can also use the BatchGetDocumentStatus API to monitor the progress of deleting your documents.
Deleting documents from an index using BatchDeleteDocument could take up to an hour or more, depending on the number of documents you want to delete.
Removes one or more sets of featured results. Features results are placed above all other results for certain queries. If there's an exact match of a query, then one or more specific documents are featured in the search results.
", "BatchGetDocumentStatus": "Returns the indexing status for one or more documents submitted with the BatchPutDocument API.
When you use the BatchPutDocument API, documents are indexed asynchronously. You can use the BatchGetDocumentStatus API to get the current status of a list of documents so that you can determine if they have been successfully indexed.
You can also use the BatchGetDocumentStatus API to check the status of the BatchDeleteDocument API. When a document is deleted from the index, Amazon Kendra returns NOT_FOUND as the status.
Adds one or more documents to an index.
The BatchPutDocument API enables you to ingest inline documents or a set of documents stored in an Amazon S3 bucket. Use this API to ingest your text and unstructured text into an index, add custom attributes to the documents, and to attach an access control list to the documents added to the index.
The documents are indexed asynchronously. You can see the progress of the batch using Amazon Web Services CloudWatch. Any error messages related to processing the batch are sent to your Amazon Web Services CloudWatch log.
For an example of ingesting inline documents using Python and Java SDKs, see Adding files directly to an index.
", + "BatchPutDocument": "Adds one or more documents to an index.
The BatchPutDocument API enables you to ingest inline documents or a set of documents stored in an Amazon S3 bucket. Use this API to ingest your text and unstructured text into an index, add custom attributes to the documents, and to attach an access control list to the documents added to the index.
The documents are indexed asynchronously. You can see the progress of the batch using Amazon Web Services CloudWatch. Any error messages related to processing the batch are sent to your Amazon Web Services CloudWatch log. You can also use the BatchGetDocumentStatus API to monitor the progress of indexing your documents.
For an example of ingesting inline documents using Python and Java SDKs, see Adding files directly to an index.
", "ClearQuerySuggestions": "Clears existing query suggestions from an index.
This deletes existing suggestions only, not the queries in the query log. After you clear suggestions, Amazon Kendra learns new suggestions based on new queries added to the query log from the time you cleared suggestions. If you do not see any new suggestions, then please allow Amazon Kendra to collect enough queries to learn new suggestions.
ClearQuerySuggestions is currently not supported in the Amazon Web Services GovCloud (US-West) region.
Creates an access configuration for your documents. This includes user and group access information for your documents. This is useful for user context filtering, where search results are filtered based on the user or their group access to documents.
You can use this to re-configure your existing document level access control without indexing all of your documents again. For example, your index contains top-secret company documents that only certain employees or users should access. One of these users leaves the company or switches to a team that should be blocked from accessing top-secret documents. The user still has access to top-secret documents because the user had access when your documents were previously indexed. You can create a specific access control configuration for the user with deny access. You can later update the access control configuration to allow access if the user returns to the company and re-joins the 'top-secret' team. You can re-configure access control for your documents as circumstances change.
To apply your access control configuration to certain documents, you call the BatchPutDocument API with the AccessControlConfigurationId included in the Document object. If you use an S3 bucket as a data source, you update the .metadata.json with the AccessControlConfigurationId and synchronize your data source. Amazon Kendra currently only supports access control configuration for S3 data sources and documents indexed using the BatchPutDocument API.
Creates a data source connector that you want to use with an Amazon Kendra index.
You specify a name, data source connector type and description for your data source. You also specify configuration information for the data source connector.
CreateDataSource is a synchronous operation. The operation returns 200 if the data source was successfully created. Otherwise, an exception is raised.
For an example of creating an index and data source using the Python SDK, see Getting started with Python SDK. For an example of creating an index and data source using the Java SDK, see Getting started with Java SDK.
", "CreateExperience": "Creates an Amazon Kendra experience such as a search application. For more information on creating a search application experience, including using the Python and Java SDKs, see Building a search experience with no code.
", "CreateFaq": "Creates a set of frequently ask questions (FAQs) using a specified FAQ file stored in an Amazon S3 bucket.
Adding FAQs to an index is an asynchronous operation.
For an example of adding an FAQ to an index using Python and Java SDKs, see Using your FAQ file.
", "CreateFeaturedResultsSet": "Creates a set of featured results to display at the top of the search results page. Featured results are placed above all other results for certain queries. You map specific queries to specific documents for featuring in the results. If a query contains an exact match, then one or more specific documents are featured in the search results.
You can create up to 50 sets of featured results per index. You can request to increase this limit by contacting Support.
", - "CreateIndex": "Creates an Amazon Kendra index. Index creation is an asynchronous API. To determine if index creation has completed, check the Status field returned from a call to DescribeIndex. The Status field is set to ACTIVE when the index is ready to use.
Once the index is active you can index your documents using the BatchPutDocument API or using one of the supported data sources.
For an example of creating an index and data source using the Python SDK, see Getting started with Python SDK. For an example of creating an index and data source using the Java SDK, see Getting started with Java SDK.
", + "CreateIndex": "Creates an Amazon Kendra index. Index creation is an asynchronous API. To determine if index creation has completed, check the Status field returned from a call to DescribeIndex. The Status field is set to ACTIVE when the index is ready to use.
Once the index is active, you can index your documents using the BatchPutDocument API or using one of the supported data sources.
For an example of creating an index and data source using the Python SDK, see Getting started with Python SDK. For an example of creating an index and data source using the Java SDK, see Getting started with Java SDK.
", "CreateQuerySuggestionsBlockList": "Creates a block list to exlcude certain queries from suggestions.
Any query that contains words or phrases specified in the block list is blocked or filtered out from being shown as a suggestion.
You need to provide the file location of your block list text file in your S3 bucket. In your text file, enter each block word or phrase on a separate line.
For information on the current quota limits for block lists, see Quotas for Amazon Kendra.
CreateQuerySuggestionsBlockList is currently not supported in the Amazon Web Services GovCloud (US-West) region.
For an example of creating a block list for query suggestions using the Python SDK, see Query suggestions block list.
", "CreateThesaurus": "Creates a thesaurus for an index. The thesaurus contains a list of synonyms in Solr format.
For an example of adding a thesaurus file to an index, see Adding custom synonyms to an index.
", "DeleteAccessControlConfiguration": "Deletes an access control configuration that you created for your documents in an index. This includes user and group access information for your documents. This is useful for user context filtering, where search results are filtered based on the user or their group access to documents.
", - "DeleteDataSource": "Deletes an Amazon Kendra data source connector. An exception is not thrown if the data source is already being deleted. While the data source is being deleted, the Status field returned by a call to the DescribeDataSource API is set to DELETING. For more information, see Deleting Data Sources.
Deletes an Amazon Kendra data source connector. An exception is not thrown if the data source is already being deleted. While the data source is being deleted, the Status field returned by a call to the DescribeDataSource API is set to DELETING. For more information, see Deleting Data Sources.
Deleting an entire data source or re-syncing your index after deleting specific documents from a data source could take up to an hour or more, depending on the number of documents you want to delete.
", "DeleteExperience": "Deletes your Amazon Kendra experience such as a search application. For more information on creating a search application experience, see Building a search experience with no code.
", "DeleteFaq": "Removes an FAQ from an index.
", "DeleteIndex": "Deletes an existing Amazon Kendra index. An exception is not thrown if the index is already being deleted. While the index is being deleted, the Status field returned by a call to the DescribeIndex API is set to DELETING.
Lists the thesauri for an index.
", "PutPrincipalMapping": "Maps users to their groups so that you only need to provide the user ID when you issue the query.
You can also map sub groups to groups. For example, the group \"Company Intellectual Property Teams\" includes sub groups \"Research\" and \"Engineering\". These sub groups include their own list of users or people who work in these teams. Only users who work in research and engineering, and therefore belong in the intellectual property group, can see top-secret company documents in their search results.
This is useful for user context filtering, where search results are filtered based on the user or their group access to documents. For more information, see Filtering on user context.
If more than five PUT actions for a group are currently processing, a validation exception is thrown.
Searches an index given an input query.
You can configure boosting or relevance tuning at the query level to override boosting at the index level, filter based on document fields/attributes and faceted search, and filter based on the user or their group access to documents. You can also include certain fields in the response that might provide useful additional information.
A query response contains three types of results.
Relevant suggested answers. The answers can be either a text excerpt or table excerpt. The answer can be highlighted in the excerpt.
Matching FAQs or questions-answer from your FAQ file.
Relevant documents. This result type includes an excerpt of the document with the document title. The searched terms can be highlighted in the excerpt.
You can specify that the query return only one type of result using the QueryResultTypeFilter parameter. Each query returns the 100 most relevant results. If you filter result type to only question-answers, a maximum of four results are returned. If you filter result type to only answers, a maximum of three results are returned.
Retrieves relevant passages or text excerpts given an input query.
This API is similar to the Query API. However, by default, the Query API only returns excerpt passages of up to 100 token words. With the Retrieve API, you can retrieve longer passages of up to 200 token words and up to 100 semantically relevant passages. This doesn't include question-answer or FAQ type responses from your index. The passages are text excerpts that can be semantically extracted from multiple documents and multiple parts of the same document. If in extreme cases your documents produce no relevant passages using the Retrieve API, you can alternatively use the Query API.
You can also do the following:
Override boosting at the index level
Filter based on document fields or attributes
Filter based on the user or their group access to documents
You can also include certain fields in the response that might provide useful additional information.
", - "StartDataSourceSyncJob": "Starts a synchronization job for a data source connector. If a synchronization job is already in progress, Amazon Kendra returns a ResourceInUseException exception.
Retrieves relevant passages or text excerpts given an input query.
This API is similar to the Query API. However, by default, the Query API only returns excerpt passages of up to 100 token words. With the Retrieve API, you can retrieve longer passages of up to 200 token words and up to 100 semantically relevant passages. This doesn't include question-answer or FAQ type responses from your index. The passages are text excerpts that can be semantically extracted from multiple documents and multiple parts of the same document. If in extreme cases your documents produce zero passages using the Retrieve API, you can alternatively use the Query API and its types of responses.
You can also do the following:
Override boosting at the index level
Filter based on document fields or attributes
Filter based on the user or their group access to documents
You can also include certain fields in the response that might provide useful additional information.
The Retrieve API shares the number of query capacity units that you set for your index. For more information on what's included in a single capacity unit and the default base capacity for an index, see Adjusting capacity.
Starts a synchronization job for a data source connector. If a synchronization job is already in progress, Amazon Kendra returns a ResourceInUseException exception.
Re-syncing your data source with your index after modifying, adding, or deleting documents from your data source respository could take up to an hour or more, depending on the number of documents to sync.
", "StopDataSourceSyncJob": "Stops a synchronization job that is currently running. You can't stop a scheduled synchronization job.
", "SubmitFeedback": "Enables you to provide feedback to Amazon Kendra to improve the performance of your index.
SubmitFeedback is currently not supported in the Amazon Web Services GovCloud (US-West) region.
Adds the specified tag to the specified index, FAQ, or data source resource. If the tag already exists, the existing value is replaced with the new value.
", @@ -196,9 +196,9 @@ } }, "AttributeFilter": { - "base": "Provides filtering the query results based on document attributes or metadata fields.
When you use the AndAllFilters or OrAllFilters, filters you can use 2 layers under the first attribute filter. For example, you can use:
<AndAllFilters>
<OrAllFilters>
<EqualsTo>
If you use more than 2 layers, you receive a ValidationException exception with the message \"AttributeFilter cannot have a depth of more than 2.\"
If you use more than 10 attribute filters in a given list for AndAllFilters or OrAllFilters, you receive a ValidationException with the message \"AttributeFilter cannot have a length of more than 10\".
Filters the search results based on document attributes or fields.
You can filter results using attributes for your particular documents. The attributes must exist in your index. For example, if your documents include the custom attribute \"Department\", you can filter documents that belong to the \"HR\" department. You would use the EqualsTo operation to filter results or documents with \"Department\" equals to \"HR\".
You can use AndAllFilters and AndOrFilters in combination with each other or with other operations such as EqualsTo. For example:
AndAllFilters
EqualsTo: \"Department\", \"HR\"
AndOrFilters
ContainsAny: \"Project Name\", [\"new hires\", \"new hiring\"]
This example filters results or documents that belong to the HR department and belong to projects that contain \"new hires\" or \"new hiring\" in the project name (must use ContainAny with StringListValue). This example is filtering with a depth of 2.
You cannot filter more than a depth of 2, otherwise you receive a ValidationException exception with the message \"AttributeFilter cannot have a depth of more than 2.\" Also, if you use more than 10 attribute filters in a given list for AndAllFilters or OrAllFilters, you receive a ValidationException with the message \"AttributeFilter cannot have a length of more than 10\".
For examples of using AttributeFilter, see Using document attributes to filter search results.
Performs a logical NOT operation on all supplied filters.
Performs a logical NOT operation on all filters that you specify.
Filters the search results based on document fields/attributes.
", "QueryRequest$AttributeFilter": "Filters search results by document fields/attributes. You can only provide one attribute filter; however, the AndAllFilters, NotFilter, and OrAllFilters parameters contain a list of other filters.
The AttributeFilter parameter means you can create a set of filtering rules that a document must satisfy to be included in the query results.
Performs a logical AND operation on all supplied filters.
Performs a logical OR operation on all supplied filters.
Performs a logical AND operation on all filters that you specify.
Performs a logical OR operation on all filters that you specify.
A list of documents that were not added to the index because the document failed a validation check. Each document contains an error message that indicates why the document couldn't be added to the index.
If there was an error adding a document to an index the error is reported in your Amazon Web Services CloudWatch log. For more information, see Monitoring Amazon Kendra with Amazon CloudWatch Logs
" + "BatchPutDocumentResponse$FailedDocuments": "A list of documents that were not added to the index because the document failed a validation check. Each document contains an error message that indicates why the document couldn't be added to the index.
If there was an error adding a document to an index the error is reported in your Amazon Web Services CloudWatch log. For more information, see Monitoring Amazon Kendra with Amazon CloudWatch logs.
" } }, "Blob": { @@ -766,13 +766,13 @@ "ConfluenceBlogToIndexFieldMapping$DateFieldFormat": "The format for date fields in the data source. If the field specified in DataSourceFieldName is a date field you must specify the date format. If the field is not a date field, an exception is thrown.
The format for date fields in the data source. If the field specified in DataSourceFieldName is a date field you must specify the date format. If the field is not a date field, an exception is thrown.
The format for date fields in the data source. If the field specified in DataSourceFieldName is a date field you must specify the date format. If the field is not a date field, an exception is thrown.
The type of data stored in the column or attribute.
" + "DataSourceToIndexFieldMapping$DateFieldFormat": "The format for date fields in the data source. If the field specified in DataSourceFieldName is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.
The name of the column or attribute in the data source.
", + "DataSourceToIndexFieldMapping$DataSourceFieldName": "The name of the field in the data source. You must first create the index field using the UpdateIndex API.
The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the Body column.
The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the Title column.
The name of the field in the custom knowledge article that contains the document data to index.
", @@ -941,7 +941,7 @@ } }, "DataSourceToIndexFieldMapping": { - "base": "Maps a column or attribute in the data source to an index field. You must first create the fields in the index using the UpdateIndex API.
Maps attributes or field names of the documents synced from the data source to Amazon Kendra index field names. You can set up field mappings for each data source when calling CreateDataSource or UpdateDataSource API. To create custom fields, use the UpdateIndex API to first create an index field and then map to the data source field. For more information, see Mapping data source fields.
Provides the configuration information to connect to a index.
", + "base": "Provides the configuration information to an Amazon Kendra supported database.
", "refs": { "DataSourceConfiguration$DatabaseConfiguration": "Provides the configuration information to connect to a database as your data source.
" } @@ -1254,13 +1254,13 @@ "DocumentAttribute": { "base": "A document attribute or metadata field. To create custom document attributes, see Custom attributes.
", "refs": { - "AttributeFilter$EqualsTo": "Performs an equals operation on two document attributes or metadata fields.
", - "AttributeFilter$ContainsAll": "Returns true when a document contains all of the specified document attributes or metadata fields. This filter is only applicable to StringListValue metadata.
Returns true when a document contains any of the specified document attributes or metadata fields. This filter is only applicable to StringListValue metadata.
Performs a greater than operation on two document attributes or metadata fields. Use with a document attribute of type Date or Long.
Performs a greater or equals than operation on two document attributes or metadata fields. Use with a document attribute of type Date or Long.
Performs a less than operation on two document attributes or metadata fields. Use with a document attribute of type Date or Long.
Performs a less than or equals operation on two document attributes or metadata fields. Use with a document attribute of type Date or Long.
Performs an equals operation on document attributes/fields and their values.
", + "AttributeFilter$ContainsAll": "Returns true when a document contains all of the specified document attributes/fields. This filter is only applicable to StringListValue.
", + "AttributeFilter$ContainsAny": "Returns true when a document contains any of the specified document attributes/fields. This filter is only applicable to StringListValue.
", + "AttributeFilter$GreaterThan": "Performs a greater than operation on document attributes/fields and their values. Use with the document attribute type Date or Long.
Performs a greater or equals than operation on document attributes/fields and their values. Use with the document attribute type Date or Long.
Performs a less than operation on document attributes/fields and their values. Use with the document attribute type Date or Long.
Performs a less than or equals operation on document attributes/fields and their values. Use with the document attribute type Date or Long.
The value of the attribute.
", "DocumentAttributeCondition$ConditionOnValue": "The value used by the operator.
For example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.
", "DocumentAttributeTarget$TargetDocumentAttributeValue": "The target value you want to create for the target attribute.
For example, 'Finance' could be the target value for the target attribute key 'Department'.
", - "DocumentAttributeValueCountPair$DocumentAttributeValue": "The value of the attribute. For example, \"HR\".
" + "DocumentAttributeValueCountPair$DocumentAttributeValue": "The value of the attribute/field. For example, \"HR\".
" } }, "DocumentAttributeValueCountPair": { - "base": "Provides the count of documents that match a particular attribute when doing a faceted search.
", + "base": "Provides the count of documents that match a particular document attribute or field when doing a faceted search.
", "refs": { "DocumentAttributeValueCountPairList$member": null } @@ -1677,7 +1677,7 @@ } }, "Facet": { - "base": "Information about a document attribute. You can use document attributes as facets.
For example, the document attribute or facet \"Department\" includes the values \"HR\", \"Engineering\", and \"Accounting\". You can display these values in the search results so that documents can be searched by department.
You can display up to 10 facet values per facet for a query. If you want to increase this limit, contact Support.
", + "base": "Information about a document attribute or field. You can use document attributes as facets.
For example, the document attribute or facet \"Department\" includes the values \"HR\", \"Engineering\", and \"Accounting\". You can display these values in the search results so that documents can be searched by department.
You can display up to 10 facet values per facet for a query. If you want to increase this limit, contact Support.
", "refs": { "FacetList$member": null } @@ -1698,7 +1698,7 @@ "FacetResultList": { "base": null, "refs": { - "DocumentAttributeValueCountPair$FacetResults": "Contains the results of a document attribute that is a nested facet. A FacetResult contains the counts for each facet nested within a facet.
For example, the document attribute or facet \"Department\" includes a value called \"Engineering\". In addition, the document attribute or facet \"SubDepartment\" includes the values \"Frontend\" and \"Backend\" for documents assigned to \"Engineering\". You can display nested facets in the search results so that documents can be searched not only by department but also by a sub department within a department. The counts for documents that belong to \"Frontend\" and \"Backend\" within \"Engineering\" are returned for a query.
", + "DocumentAttributeValueCountPair$FacetResults": "Contains the results of a document attribute/field that is a nested facet. A FacetResult contains the counts for each facet nested within a facet.
For example, the document attribute or facet \"Department\" includes a value called \"Engineering\". In addition, the document attribute or facet \"SubDepartment\" includes the values \"Frontend\" and \"Backend\" for documents assigned to \"Engineering\". You can display nested facets in the search results so that documents can be searched not only by department but also by a sub department within a department. The counts for documents that belong to \"Frontend\" and \"Backend\" within \"Engineering\" are returned for a query.
", "QueryResult$FacetResults": "Contains the facet results. A FacetResult contains the counts for each field/attribute key that was specified in the Facets input parameter.
The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.
", "ConfluencePageToIndexFieldMapping$IndexFieldName": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.
", "ConfluenceSpaceToIndexFieldMapping$IndexFieldName": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.
", - "DataSourceToIndexFieldMapping$IndexFieldName": "The name of the field in the index.
" + "DataSourceToIndexFieldMapping$IndexFieldName": "The name of the index field to map to the data source field. The index field type must match the data source field type.
" } }, "IndexId": { @@ -2249,7 +2249,7 @@ "DescribeQuerySuggestionsBlockListResponse$ItemCount": "The current number of valid, non-empty words or phrases in the block list text file.
", "DescribeQuerySuggestionsConfigResponse$QueryLogLookBackWindowInDays": "How recent your queries are in your query log time window (in days).
", "DescribeQuerySuggestionsConfigResponse$TotalSuggestionsCount": "The current total count of query suggestions for an index.
This count can change when you update your query suggestions settings, if you filter out certain queries from suggestions using a block list, and as the query log accumulates more queries for Amazon Kendra to learn from.
If the count is much lower than you expected, it could be because Amazon Kendra needs more queries in the query history to learn from or your current query suggestions settings are too strict.
", - "DocumentAttributeValueCountPair$Count": "The number of documents in the response that have the attribute value for the key.
", + "DocumentAttributeValueCountPair$Count": "The number of documents in the response that have the attribute/field value for the key.
", "GetQuerySuggestionsRequest$MaxSuggestionsCount": "The maximum number of query suggestions you want to show to your users.
", "GetSnapshotsRequest$MaxResults": "The maximum number of returned data for the metric.
", "Highlight$BeginOffset": "The zero-based location in the response string where the highlight starts.
", @@ -3276,7 +3276,8 @@ "ScoreAttributes": { "base": "Provides a relative ranking that indicates how confident Amazon Kendra is that the response is relevant to the query.
", "refs": { - "QueryResultItem$ScoreAttributes": "Indicates the confidence level of Amazon Kendra providing a relevant result for the query. Each result is placed into a bin that indicates the confidence, VERY_HIGH, HIGH, MEDIUM and LOW. You can use the score to determine if a response meets the confidence needed for your application.
The field is only set to LOW when the Type field is set to DOCUMENT and Amazon Kendra is not confident that the result is relevant to the query.
Indicates the confidence level of Amazon Kendra providing a relevant result for the query. Each result is placed into a bin that indicates the confidence, VERY_HIGH, HIGH, MEDIUM and LOW. You can use the score to determine if a response meets the confidence needed for your application.
The field is only set to LOW when the Type field is set to DOCUMENT and Amazon Kendra is not confident that the result is relevant to the query.
The confidence score bucket for a retrieved passage result. The confidence bucket provides a relative ranking that indicates how confident Amazon Kendra is that the response is relevant to the query.
" } }, "ScoreConfidence": { diff --git a/models/apis/kendra/2019-02-03/endpoint-rule-set-1.json b/models/apis/kendra/2019-02-03/endpoint-rule-set-1.json index 1a902c84198..6caf5607266 100644 --- a/models/apis/kendra/2019-02-03/endpoint-rule-set-1.json +++ b/models/apis/kendra/2019-02-03/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,13 +115,22 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "booleanEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] } ], "type": "tree", @@ -127,224 +140,175 @@ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://kendra-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://kendra-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://kendra-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://kendra-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://kendra.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } - ] - }, - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [], "endpoint": { - "url": "https://kendra.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://kendra.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://kendra.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 6cbfc2afd8c..da902e454b0 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -24447,10 +24447,33 @@ }, "elasticmapreduce" : { "endpoints" : { + "fips-us-iso-east-1" : { + "credentialScope" : { + "region" : "us-iso-east-1" + }, + "deprecated" : true, + "hostname" : "elasticmapreduce.us-iso-east-1.c2s.ic.gov" + }, + "fips-us-iso-west-1" : { + "credentialScope" : { + "region" : "us-iso-west-1" + }, + "deprecated" : true, + "hostname" : "elasticmapreduce.us-iso-west-1.c2s.ic.gov" + }, "us-iso-east-1" : { - "protocols" : [ "https" ] + "protocols" : [ "https" ], + "variants" : [ { + "hostname" : "elasticmapreduce.us-iso-east-1.c2s.ic.gov", + "tags" : [ "fips" ] + } ] }, - "us-iso-west-1" : { } + "us-iso-west-1" : { + "variants" : [ { + "hostname" : "elasticmapreduce.us-iso-west-1.c2s.ic.gov", + "tags" : [ "fips" ] + } ] + } } }, "es" : { @@ -24987,7 +25010,19 @@ }, "elasticmapreduce" : { "endpoints" : { - "us-isob-east-1" : { } + "fips-us-isob-east-1" : { + "credentialScope" : { + "region" : "us-isob-east-1" + }, + "deprecated" : true, + "hostname" : "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov" + }, + "us-isob-east-1" : { + "variants" : [ { + "hostname" : "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", + "tags" : [ "fips" ] + } ] + } } }, "es" : { diff --git a/service/ec2/api.go b/service/ec2/api.go index 6b5634e8c6e..4bbf7a315ef 100644 --- a/service/ec2/api.go +++ b/service/ec2/api.go @@ -35494,6 +35494,90 @@ func (c *EC2) DisableFastSnapshotRestoresWithContext(ctx aws.Context, input *Dis return out, req.Send() } +const opDisableImageBlockPublicAccess = "DisableImageBlockPublicAccess" + +// DisableImageBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the DisableImageBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableImageBlockPublicAccess for more information on using the DisableImageBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisableImageBlockPublicAccessRequest method. +// req, resp := client.DisableImageBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImageBlockPublicAccess +func (c *EC2) DisableImageBlockPublicAccessRequest(input *DisableImageBlockPublicAccessInput) (req *request.Request, output *DisableImageBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opDisableImageBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableImageBlockPublicAccessInput{} + } + + output = &DisableImageBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableImageBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Disables block public access for AMIs at the account level in the specified +// Amazon Web Services Region. This removes the block public access restriction +// from your account. With the restriction removed, you can publicly share your +// AMIs in the specified Amazon Web Services Region. +// +// The API can take up to 10 minutes to configure this setting. During this +// time, if you run GetImageBlockPublicAccessState (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html), +// the response will be block-new-sharing. When the API has completed the configuration, +// the response will be unblocked. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableImageBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImageBlockPublicAccess +func (c *EC2) DisableImageBlockPublicAccess(input *DisableImageBlockPublicAccessInput) (*DisableImageBlockPublicAccessOutput, error) { + req, out := c.DisableImageBlockPublicAccessRequest(input) + return out, req.Send() +} + +// DisableImageBlockPublicAccessWithContext is the same as DisableImageBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See DisableImageBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableImageBlockPublicAccessWithContext(ctx aws.Context, input *DisableImageBlockPublicAccessInput, opts ...request.Option) (*DisableImageBlockPublicAccessOutput, error) { + req, out := c.DisableImageBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisableImageDeprecation = "DisableImageDeprecation" // DisableImageDeprecationRequest generates a "aws/request.Request" representing the @@ -37504,6 +37588,89 @@ func (c *EC2) EnableFastSnapshotRestoresWithContext(ctx aws.Context, input *Enab return out, req.Send() } +const opEnableImageBlockPublicAccess = "EnableImageBlockPublicAccess" + +// EnableImageBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the EnableImageBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableImageBlockPublicAccess for more information on using the EnableImageBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the EnableImageBlockPublicAccessRequest method. +// req, resp := client.EnableImageBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImageBlockPublicAccess +func (c *EC2) EnableImageBlockPublicAccessRequest(input *EnableImageBlockPublicAccessInput) (req *request.Request, output *EnableImageBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opEnableImageBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableImageBlockPublicAccessInput{} + } + + output = &EnableImageBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableImageBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Enables block public access for AMIs at the account level in the specified +// Amazon Web Services Region. This prevents the public sharing of your AMIs. +// However, if you already have public AMIs, they will remain publicly available. +// +// The API can take up to 10 minutes to configure this setting. During this +// time, if you run GetImageBlockPublicAccessState (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html), +// the response will be unblocked. When the API has completed the configuration, +// the response will be block-new-sharing. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableImageBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImageBlockPublicAccess +func (c *EC2) EnableImageBlockPublicAccess(input *EnableImageBlockPublicAccessInput) (*EnableImageBlockPublicAccessOutput, error) { + req, out := c.EnableImageBlockPublicAccessRequest(input) + return out, req.Send() +} + +// EnableImageBlockPublicAccessWithContext is the same as EnableImageBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See EnableImageBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableImageBlockPublicAccessWithContext(ctx aws.Context, input *EnableImageBlockPublicAccessInput, opts ...request.Option) (*EnableImageBlockPublicAccessOutput, error) { + req, out := c.EnableImageBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opEnableImageDeprecation = "EnableImageDeprecation" // EnableImageDeprecationRequest generates a "aws/request.Request" representing the @@ -39681,6 +39848,83 @@ func (c *EC2) GetHostReservationPurchasePreviewWithContext(ctx aws.Context, inpu return out, req.Send() } +const opGetImageBlockPublicAccessState = "GetImageBlockPublicAccessState" + +// GetImageBlockPublicAccessStateRequest generates a "aws/request.Request" representing the +// client's request for the GetImageBlockPublicAccessState operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetImageBlockPublicAccessState for more information on using the GetImageBlockPublicAccessState +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetImageBlockPublicAccessStateRequest method. +// req, resp := client.GetImageBlockPublicAccessStateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessState +func (c *EC2) GetImageBlockPublicAccessStateRequest(input *GetImageBlockPublicAccessStateInput) (req *request.Request, output *GetImageBlockPublicAccessStateOutput) { + op := &request.Operation{ + Name: opGetImageBlockPublicAccessState, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetImageBlockPublicAccessStateInput{} + } + + output = &GetImageBlockPublicAccessStateOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetImageBlockPublicAccessState API operation for Amazon Elastic Compute Cloud. +// +// Gets the current state of block public access for AMIs at the account level +// in the specified Amazon Web Services Region. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetImageBlockPublicAccessState for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessState +func (c *EC2) GetImageBlockPublicAccessState(input *GetImageBlockPublicAccessStateInput) (*GetImageBlockPublicAccessStateOutput, error) { + req, out := c.GetImageBlockPublicAccessStateRequest(input) + return out, req.Send() +} + +// GetImageBlockPublicAccessStateWithContext is the same as GetImageBlockPublicAccessState with the addition of +// the ability to pass a context and additional request options. +// +// See GetImageBlockPublicAccessState for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetImageBlockPublicAccessStateWithContext(ctx aws.Context, input *GetImageBlockPublicAccessStateInput, opts ...request.Option) (*GetImageBlockPublicAccessStateOutput, error) { + req, out := c.GetImageBlockPublicAccessStateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetInstanceTypesFromInstanceRequirements = "GetInstanceTypesFromInstanceRequirements" // GetInstanceTypesFromInstanceRequirementsRequest generates a "aws/request.Request" representing the @@ -110469,6 +110713,71 @@ func (s *DisableFastSnapshotRestoresOutput) SetUnsuccessful(v []*DisableFastSnap return s } +type DisableImageBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableImageBlockPublicAccessInput) SetDryRun(v bool) *DisableImageBlockPublicAccessInput { + s.DryRun = &v + return s +} + +type DisableImageBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns unblocked if the request succeeds; otherwise, it returns an error. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string" enum:"ImageBlockPublicAccessDisabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *DisableImageBlockPublicAccessOutput) SetImageBlockPublicAccessState(v string) *DisableImageBlockPublicAccessOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type DisableImageDeprecationInput struct { _ struct{} `type:"structure"` @@ -114949,6 +115258,98 @@ func (s *EnableFastSnapshotRestoresOutput) SetUnsuccessful(v []*EnableFastSnapsh return s } +type EnableImageBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Specify block-new-sharing to enable block public access for AMIs at the account + // level in the specified Region. This will block any attempt to publicly share + // your AMIs in the specified Region. + // + // ImageBlockPublicAccessState is a required field + ImageBlockPublicAccessState *string `type:"string" required:"true" enum:"ImageBlockPublicAccessEnabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableImageBlockPublicAccessInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableImageBlockPublicAccessInput"} + if s.ImageBlockPublicAccessState == nil { + invalidParams.Add(request.NewErrParamRequired("ImageBlockPublicAccessState")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableImageBlockPublicAccessInput) SetDryRun(v bool) *EnableImageBlockPublicAccessInput { + s.DryRun = &v + return s +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *EnableImageBlockPublicAccessInput) SetImageBlockPublicAccessState(v string) *EnableImageBlockPublicAccessInput { + s.ImageBlockPublicAccessState = &v + return s +} + +type EnableImageBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns block-new-sharing if the request succeeds; otherwise, it returns + // an error. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string" enum:"ImageBlockPublicAccessEnabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *EnableImageBlockPublicAccessOutput) SetImageBlockPublicAccessState(v string) *EnableImageBlockPublicAccessOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type EnableImageDeprecationInput struct { _ struct{} `type:"structure"` @@ -121252,6 +121653,79 @@ func (s *GetHostReservationPurchasePreviewOutput) SetTotalUpfrontPrice(v string) return s } +type GetImageBlockPublicAccessStateInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *GetImageBlockPublicAccessStateInput) SetDryRun(v bool) *GetImageBlockPublicAccessStateInput { + s.DryRun = &v + return s +} + +type GetImageBlockPublicAccessStateOutput struct { + _ struct{} `type:"structure"` + + // The current state of block public access for AMIs at the account level in + // the specified Amazon Web Services Region. + // + // Possible values: + // + // * block-new-sharing - Any attempt to publicly share your AMIs in the specified + // Region is blocked. + // + // * unblocked - Your AMIs in the specified Region can be publicly shared. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *GetImageBlockPublicAccessStateOutput) SetImageBlockPublicAccessState(v string) *GetImageBlockPublicAccessStateOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type GetInstanceTypesFromInstanceRequirementsInput struct { _ struct{} `type:"structure"` @@ -184799,6 +185273,30 @@ func ImageAttributeName_Values() []string { } } +const ( + // ImageBlockPublicAccessDisabledStateUnblocked is a ImageBlockPublicAccessDisabledState enum value + ImageBlockPublicAccessDisabledStateUnblocked = "unblocked" +) + +// ImageBlockPublicAccessDisabledState_Values returns all elements of the ImageBlockPublicAccessDisabledState enum +func ImageBlockPublicAccessDisabledState_Values() []string { + return []string{ + ImageBlockPublicAccessDisabledStateUnblocked, + } +} + +const ( + // ImageBlockPublicAccessEnabledStateBlockNewSharing is a ImageBlockPublicAccessEnabledState enum value + ImageBlockPublicAccessEnabledStateBlockNewSharing = "block-new-sharing" +) + +// ImageBlockPublicAccessEnabledState_Values returns all elements of the ImageBlockPublicAccessEnabledState enum +func ImageBlockPublicAccessEnabledState_Values() []string { + return []string{ + ImageBlockPublicAccessEnabledStateBlockNewSharing, + } +} + const ( // ImageStatePending is a ImageState enum value ImageStatePending = "pending" diff --git a/service/ec2/ec2iface/interface.go b/service/ec2/ec2iface/interface.go index 0e7d51c4b73..8d7e6b185be 100644 --- a/service/ec2/ec2iface/interface.go +++ b/service/ec2/ec2iface/interface.go @@ -1885,6 +1885,10 @@ type EC2API interface { DisableFastSnapshotRestoresWithContext(aws.Context, *ec2.DisableFastSnapshotRestoresInput, ...request.Option) (*ec2.DisableFastSnapshotRestoresOutput, error) DisableFastSnapshotRestoresRequest(*ec2.DisableFastSnapshotRestoresInput) (*request.Request, *ec2.DisableFastSnapshotRestoresOutput) + DisableImageBlockPublicAccess(*ec2.DisableImageBlockPublicAccessInput) (*ec2.DisableImageBlockPublicAccessOutput, error) + DisableImageBlockPublicAccessWithContext(aws.Context, *ec2.DisableImageBlockPublicAccessInput, ...request.Option) (*ec2.DisableImageBlockPublicAccessOutput, error) + DisableImageBlockPublicAccessRequest(*ec2.DisableImageBlockPublicAccessInput) (*request.Request, *ec2.DisableImageBlockPublicAccessOutput) + DisableImageDeprecation(*ec2.DisableImageDeprecationInput) (*ec2.DisableImageDeprecationOutput, error) DisableImageDeprecationWithContext(aws.Context, *ec2.DisableImageDeprecationInput, ...request.Option) (*ec2.DisableImageDeprecationOutput, error) DisableImageDeprecationRequest(*ec2.DisableImageDeprecationInput) (*request.Request, *ec2.DisableImageDeprecationOutput) @@ -1989,6 +1993,10 @@ type EC2API interface { EnableFastSnapshotRestoresWithContext(aws.Context, *ec2.EnableFastSnapshotRestoresInput, ...request.Option) (*ec2.EnableFastSnapshotRestoresOutput, error) EnableFastSnapshotRestoresRequest(*ec2.EnableFastSnapshotRestoresInput) (*request.Request, *ec2.EnableFastSnapshotRestoresOutput) + EnableImageBlockPublicAccess(*ec2.EnableImageBlockPublicAccessInput) (*ec2.EnableImageBlockPublicAccessOutput, error) + EnableImageBlockPublicAccessWithContext(aws.Context, *ec2.EnableImageBlockPublicAccessInput, ...request.Option) (*ec2.EnableImageBlockPublicAccessOutput, error) + EnableImageBlockPublicAccessRequest(*ec2.EnableImageBlockPublicAccessInput) (*request.Request, *ec2.EnableImageBlockPublicAccessOutput) + EnableImageDeprecation(*ec2.EnableImageDeprecationInput) (*ec2.EnableImageDeprecationOutput, error) EnableImageDeprecationWithContext(aws.Context, *ec2.EnableImageDeprecationInput, ...request.Option) (*ec2.EnableImageDeprecationOutput, error) EnableImageDeprecationRequest(*ec2.EnableImageDeprecationInput) (*request.Request, *ec2.EnableImageDeprecationOutput) @@ -2102,6 +2110,10 @@ type EC2API interface { GetHostReservationPurchasePreviewWithContext(aws.Context, *ec2.GetHostReservationPurchasePreviewInput, ...request.Option) (*ec2.GetHostReservationPurchasePreviewOutput, error) GetHostReservationPurchasePreviewRequest(*ec2.GetHostReservationPurchasePreviewInput) (*request.Request, *ec2.GetHostReservationPurchasePreviewOutput) + GetImageBlockPublicAccessState(*ec2.GetImageBlockPublicAccessStateInput) (*ec2.GetImageBlockPublicAccessStateOutput, error) + GetImageBlockPublicAccessStateWithContext(aws.Context, *ec2.GetImageBlockPublicAccessStateInput, ...request.Option) (*ec2.GetImageBlockPublicAccessStateOutput, error) + GetImageBlockPublicAccessStateRequest(*ec2.GetImageBlockPublicAccessStateInput) (*request.Request, *ec2.GetImageBlockPublicAccessStateOutput) + GetInstanceTypesFromInstanceRequirements(*ec2.GetInstanceTypesFromInstanceRequirementsInput) (*ec2.GetInstanceTypesFromInstanceRequirementsOutput, error) GetInstanceTypesFromInstanceRequirementsWithContext(aws.Context, *ec2.GetInstanceTypesFromInstanceRequirementsInput, ...request.Option) (*ec2.GetInstanceTypesFromInstanceRequirementsOutput, error) GetInstanceTypesFromInstanceRequirementsRequest(*ec2.GetInstanceTypesFromInstanceRequirementsInput) (*request.Request, *ec2.GetInstanceTypesFromInstanceRequirementsOutput) diff --git a/service/eventbridge/api.go b/service/eventbridge/api.go index 7928047d433..6c1866fe559 100644 --- a/service/eventbridge/api.go +++ b/service/eventbridge/api.go @@ -6311,7 +6311,11 @@ type ConnectionBodyParameter struct { Key *string `type:"string"` // The value associated with the key. - Value *string `type:"string"` + // + // Value is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ConnectionBodyParameter's + // String and GoString methods. + Value *string `type:"string" sensitive:"true"` } // String returns the string representation. @@ -6362,7 +6366,11 @@ type ConnectionHeaderParameter struct { Key *string `type:"string"` // The value associated with the key. - Value *string `type:"string"` + // + // Value is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ConnectionHeaderParameter's + // String and GoString methods. + Value *string `type:"string" sensitive:"true"` } // String returns the string representation. @@ -6559,7 +6567,11 @@ type ConnectionQueryStringParameter struct { Key *string `type:"string"` // The value associated with the key for the query string parameter. - Value *string `type:"string"` + // + // Value is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ConnectionQueryStringParameter's + // String and GoString methods. + Value *string `type:"string" sensitive:"true"` } // String returns the string representation. @@ -6939,8 +6951,12 @@ type CreateConnectionApiKeyAuthRequestParameters struct { // The value for the API key to use for authorization. // + // ApiKeyValue is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateConnectionApiKeyAuthRequestParameters's + // String and GoString methods. + // // ApiKeyValue is a required field - ApiKeyValue *string `min:"1" type:"string" required:"true"` + ApiKeyValue *string `min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -7091,8 +7107,12 @@ type CreateConnectionBasicAuthRequestParameters struct { // The password associated with the user name to use for Basic authorization. // + // Password is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateConnectionBasicAuthRequestParameters's + // String and GoString methods. + // // Password is a required field - Password *string `min:"1" type:"string" required:"true"` + Password *string `min:"1" type:"string" required:"true" sensitive:"true"` // The user name to use for Basic authorization. // @@ -7258,8 +7278,12 @@ type CreateConnectionOAuthClientRequestParameters struct { // The client secret associated with the client ID to use for OAuth authorization // for the connection. // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateConnectionOAuthClientRequestParameters's + // String and GoString methods. + // // ClientSecret is a required field - ClientSecret *string `min:"1" type:"string" required:"true"` + ClientSecret *string `min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -16962,7 +16986,11 @@ type UpdateConnectionApiKeyAuthRequestParameters struct { ApiKeyName *string `min:"1" type:"string"` // The value associated with teh API key to use for authorization. - ApiKeyValue *string `min:"1" type:"string"` + // + // ApiKeyValue is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdateConnectionApiKeyAuthRequestParameters's + // String and GoString methods. + ApiKeyValue *string `min:"1" type:"string" sensitive:"true"` } // String returns the string representation. @@ -17104,7 +17132,11 @@ type UpdateConnectionBasicAuthRequestParameters struct { _ struct{} `type:"structure"` // The password associated with the user name to use for Basic authorization. - Password *string `min:"1" type:"string"` + // + // Password is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdateConnectionBasicAuthRequestParameters's + // String and GoString methods. + Password *string `min:"1" type:"string" sensitive:"true"` // The user name to use for Basic authorization. Username *string `min:"1" type:"string"` @@ -17245,7 +17277,11 @@ type UpdateConnectionOAuthClientRequestParameters struct { ClientID *string `min:"1" type:"string"` // The client secret assciated with the client ID to use for OAuth authorization. - ClientSecret *string `min:"1" type:"string"` + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdateConnectionOAuthClientRequestParameters's + // String and GoString methods. + ClientSecret *string `min:"1" type:"string" sensitive:"true"` } // String returns the string representation. diff --git a/service/kendra/api.go b/service/kendra/api.go index eded51e9276..29649f586ba 100644 --- a/service/kendra/api.go +++ b/service/kendra/api.go @@ -270,7 +270,12 @@ func (c *Kendra) BatchDeleteDocumentRequest(input *BatchDeleteDocumentInput) (re // // The documents are deleted asynchronously. You can see the progress of the // deletion by using Amazon Web Services CloudWatch. Any error messages related -// to the processing of the batch are sent to you CloudWatch log. +// to the processing of the batch are sent to your Amazon Web Services CloudWatch +// log. You can also use the BatchGetDocumentStatus API to monitor the progress +// of deleting your documents. +// +// Deleting documents from an index using BatchDeleteDocument could take up +// to an hour or more, depending on the number of documents you want to delete. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -593,6 +598,8 @@ func (c *Kendra) BatchPutDocumentRequest(input *BatchPutDocumentInput) (req *req // The documents are indexed asynchronously. You can see the progress of the // batch using Amazon Web Services CloudWatch. Any error messages related to // processing the batch are sent to your Amazon Web Services CloudWatch log. +// You can also use the BatchGetDocumentStatus API to monitor the progress of +// indexing your documents. // // For an example of ingesting inline documents using Python and Java SDKs, // see Adding files directly to an index (https://docs.aws.amazon.com/kendra/latest/dg/in-adding-binary-doc.html). @@ -1407,8 +1414,8 @@ func (c *Kendra) CreateIndexRequest(input *CreateIndexInput) (req *request.Reque // from a call to DescribeIndex. The Status field is set to ACTIVE when the // index is ready to use. // -// Once the index is active you can index your documents using the BatchPutDocument -// API or using one of the supported data sources. +// Once the index is active, you can index your documents using the BatchPutDocument +// API or using one of the supported data sources (https://docs.aws.amazon.com/kendra/latest/dg/data-sources.html). // // For an example of creating an index and data source using the Python SDK, // see Getting started with Python SDK (https://docs.aws.amazon.com/kendra/latest/dg/gs-python.html). @@ -1865,6 +1872,10 @@ func (c *Kendra) DeleteDataSourceRequest(input *DeleteDataSourceInput) (req *req // deleted, the Status field returned by a call to the DescribeDataSource API // is set to DELETING. For more information, see Deleting Data Sources (https://docs.aws.amazon.com/kendra/latest/dg/delete-data-source.html). // +// Deleting an entire data source or re-syncing your index after deleting specific +// documents from a data source could take up to an hour or more, depending +// on the number of documents you want to delete. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -6238,8 +6249,8 @@ func (c *Kendra) RetrieveRequest(input *RetrieveInput) (req *request.Request, ou // doesn't include question-answer or FAQ type responses from your index. The // passages are text excerpts that can be semantically extracted from multiple // documents and multiple parts of the same document. If in extreme cases your -// documents produce no relevant passages using the Retrieve API, you can alternatively -// use the Query API. +// documents produce zero passages using the Retrieve API, you can alternatively +// use the Query API and its types of responses. // // You can also do the following: // @@ -6252,6 +6263,11 @@ func (c *Kendra) RetrieveRequest(input *RetrieveInput) (req *request.Request, ou // You can also include certain fields in the response that might provide useful // additional information. // +// The Retrieve API shares the number of query capacity units (https://docs.aws.amazon.com/kendra/latest/APIReference/API_CapacityUnitsConfiguration.html) +// that you set for your index. For more information on what's included in a +// single capacity unit and the default base capacity for an index, see Adjusting +// capacity (https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html). +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -6361,6 +6377,10 @@ func (c *Kendra) StartDataSourceSyncJobRequest(input *StartDataSourceSyncJobInpu // job is already in progress, Amazon Kendra returns a ResourceInUseException // exception. // +// Re-syncing your data source with your index after modifying, adding, or deleting +// documents from your data source respository could take up to an hour or more, +// depending on the number of documents to sync. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -8517,61 +8537,77 @@ func (s *AssociatePersonasToEntitiesOutput) SetFailedEntityList(v []*FailedEntit return s } -// Provides filtering the query results based on document attributes or metadata -// fields. +// Filters the search results based on document attributes or fields. // -// When you use the AndAllFilters or OrAllFilters, filters you can use 2 layers -// under the first attribute filter. For example, you can use: +// You can filter results using attributes for your particular documents. The +// attributes must exist in your index. For example, if your documents include +// the custom attribute "Department", you can filter documents that belong to +// the "HR" department. You would use the EqualsTo operation to filter results +// or documents with "Department" equals to "HR". // -//