Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest in hardware up front, so you can develop and deploy applications faster.
To learn more, see the following resources:
Amazon EC2: AmazonEC2 product page, Amazon EC2 documentation
Amazon EBS: Amazon EBS product page, Amazon EBS documentation
Amazon VPC: Amazon VPC product page, Amazon VPC documentation
AWS VPN: AWS VPN product page, AWS VPN documentation
Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing capacity in the AWS Cloud. Using Amazon EC2 eliminates the need to invest in hardware up front, so you can develop and deploy applications faster. Amazon Virtual Private Cloud (Amazon VPC) enables you to provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you've defined. Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes for use with EC2 instances. EBS volumes are highly available and reliable storage volumes that can be attached to any running instance and used like a hard drive.
To learn more, see the following resources:
Amazon EC2: AmazonEC2 product page, Amazon EC2 documentation
Amazon EBS: Amazon EBS product page, Amazon EBS documentation
Amazon VPC: Amazon VPC product page, Amazon VPC documentation
AWS VPN: AWS VPN product page, AWS VPN documentation
Accepts the Convertible Reserved Instance exchange quote described in the GetReservedInstancesExchangeQuote call.
", "AcceptTransitGatewayMulticastDomainAssociations": "Accepts a request to associate subnets with a transit gateway multicast domain.
", @@ -392,7 +392,7 @@ "PurchaseReservedInstancesOffering": "Purchases a Reserved Instance for use with your account. With Reserved Instances, you pay a lower hourly rate compared to On-Demand instance pricing.
Use DescribeReservedInstancesOfferings to get a list of Reserved Instance offerings that match your specifications. After you've purchased a Reserved Instance, you can check for your new Reserved Instance with DescribeReservedInstances.
To queue a purchase for a future date and time, specify a purchase time. If you do not specify a purchase time, the default is the current time.
For more information, see Reserved Instances and Reserved Instance Marketplace in the Amazon EC2 User Guide.
", "PurchaseScheduledInstances": "Purchases the Scheduled Instances with the specified schedule.
Scheduled Instances enable you to purchase Amazon EC2 compute capacity by the hour for a one-year term. Before you can purchase a Scheduled Instance, you must call DescribeScheduledInstanceAvailability to check for available schedules and obtain a purchase token. After you purchase a Scheduled Instance, you must call RunScheduledInstances during each scheduled time period.
After you purchase a Scheduled Instance, you can't cancel, modify, or resell your purchase.
", "RebootInstances": "Requests a reboot of the specified instances. This operation is asynchronous; it only queues a request to reboot the specified instances. The operation succeeds if the instances are valid and belong to you. Requests to reboot terminated instances are ignored.
If an instance does not cleanly shut down within a few minutes, Amazon EC2 performs a hard reboot.
For more information about troubleshooting, see Getting console output and rebooting instances in the Amazon EC2 User Guide.
", - "RegisterImage": "Registers an AMI. When you're creating an AMI, this is the final step you must complete before you can launch an instance from the AMI. For more information about creating AMIs, see Creating your own AMIs in the Amazon Elastic Compute Cloud User Guide.
For Amazon EBS-backed instances, CreateImage creates and registers the AMI in a single request, so you don't have to register the AMI yourself.
You can also use RegisterImage to create an Amazon EBS-backed Linux AMI from a snapshot of a root device volume. You specify the snapshot using the block device mapping. For more information, see Launching a Linux instance from a backup in the Amazon Elastic Compute Cloud User Guide.
If any snapshots have AWS Marketplace product codes, they are copied to the new AMI.
Windows and some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES), use the EC2 billing product code associated with an AMI to verify the subscription status for package updates. To create a new AMI for operating systems that require a billing product code, instead of registering the AMI, do the following to preserve the billing product code association:
Launch an instance from an existing AMI with that billing product code.
Customize the instance.
Create an AMI from the instance using CreateImage.
If you purchase a Reserved Instance to apply to an On-Demand Instance that was launched from an AMI with a billing product code, make sure that the Reserved Instance has the matching billing product code. If you purchase a Reserved Instance without the matching billing product code, the Reserved Instance will not be applied to the On-Demand Instance. For information about how to obtain the platform details and billing information of an AMI, see Obtaining billing information in the Amazon Elastic Compute Cloud User Guide.
If needed, you can deregister an AMI at any time. Any modifications you make to an AMI backed by an instance store volume invalidates its registration. If you make changes to an image, deregister the previous image and register the new image.
", + "RegisterImage": "Registers an AMI. When you're creating an AMI, this is the final step you must complete before you can launch an instance from the AMI. For more information about creating AMIs, see Creating your own AMIs in the Amazon Elastic Compute Cloud User Guide.
For Amazon EBS-backed instances, CreateImage creates and registers the AMI in a single request, so you don't have to register the AMI yourself.
If needed, you can deregister an AMI at any time. Any modifications you make to an AMI backed by an instance store volume invalidates its registration. If you make changes to an image, deregister the previous image and register the new image.
Register a snapshot of a root device volume
You can use RegisterImage to create an Amazon EBS-backed Linux AMI from a snapshot of a root device volume. You specify the snapshot using a block device mapping. You can't set the encryption state of the volume using the block device mapping. If the snapshot is encrypted, or encryption by default is enabled, the root volume of an instance launched from the AMI is encrypted.
For more information, see Create a Linux AMI from a snapshot and Use encryption with EBS-backed AMIs in the Amazon Elastic Compute Cloud User Guide.
AWS Marketplace product codes
If any snapshots have AWS Marketplace product codes, they are copied to the new AMI.
Windows and some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES), use the EC2 billing product code associated with an AMI to verify the subscription status for package updates. To create a new AMI for operating systems that require a billing product code, instead of registering the AMI, do the following to preserve the billing product code association:
Launch an instance from an existing AMI with that billing product code.
Customize the instance.
Create an AMI from the instance using CreateImage.
If you purchase a Reserved Instance to apply to an On-Demand Instance that was launched from an AMI with a billing product code, make sure that the Reserved Instance has the matching billing product code. If you purchase a Reserved Instance without the matching billing product code, the Reserved Instance will not be applied to the On-Demand Instance. For information about how to obtain the platform details and billing information of an AMI, see Obtaining billing information in the Amazon Elastic Compute Cloud User Guide.
", "RegisterInstanceEventNotificationAttributes": "Registers a set of tag keys to include in scheduled event notifications for your resources.
To remove tags, use .
", "RegisterTransitGatewayMulticastGroupMembers": "Registers members (network interfaces) with the transit gateway multicast group. A member is a network interface associated with a supported EC2 instance that receives multicast traffic. For information about supported instances, see Multicast Consideration in Amazon VPC Transit Gateways.
After you add the members, use SearchTransitGatewayMulticastGroups to verify that the members were added to the transit gateway multicast group.
", "RegisterTransitGatewayMulticastGroupSources": "Registers sources (network interfaces) with the specified transit gateway multicast group.
A multicast source is a network interface attached to a supported instance that sends multicast traffic. For information about supported instances, see Multicast Considerations in Amazon VPC Transit Gateways.
After you add the source, use SearchTransitGatewayMulticastGroups to verify that the source was added to the multicast group.
", @@ -1319,7 +1319,7 @@ "base": null, "refs": { "CreateImageRequest$BlockDeviceMappings": "The block device mappings. This parameter cannot be used to modify the encryption status of existing volumes or snapshots. To create an AMI with encrypted snapshots, use the CopyImage action.
", - "RegisterImageRequest$BlockDeviceMappings": "The block device mapping entries.
If you create an AMI on an Outpost, then all backing snapshots must be on the same Outpost or in the Region of that Outpost. AMIs on an Outpost that include local snapshots can be used to launch instances on the same Outpost only. For more information, Amazon EBS local snapshots on Outposts in the Amazon Elastic Compute Cloud User Guide.
", + "RegisterImageRequest$BlockDeviceMappings": "The block device mapping entries.
If you specify an EBS volume using the ID of an EBS snapshot, you can't specify the encryption state of the volume.
If you create an AMI on an Outpost, then all backing snapshots must be on the same Outpost or in the Region of that Outpost. AMIs on an Outpost that include local snapshots can be used to launch instances on the same Outpost only. For more information, Amazon EBS local snapshots on Outposts in the Amazon Elastic Compute Cloud User Guide.
", "RunInstancesRequest$BlockDeviceMappings": "The block device mapping entries.
" } }, @@ -1445,7 +1445,7 @@ "CreateVolumeRequest$MultiAttachEnabled": "Indicates whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, you can attach the volume to up to 16 Instances built on the Nitro System in the same Availability Zone. This parameter is supported with io1 and io2 volumes only. For more information, see Amazon EBS Multi-Attach in the Amazon Elastic Compute Cloud User Guide.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
(Interface endpoint) Indicates whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, kinesis.us-east-1.amazonaws.com), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.
To use a private hosted zone, you must set the following VPC attributes to true: enableDnsHostnames and enableDnsSupport. Use ModifyVpcAttribute to set the VPC attributes.
Private DNS is not supported for Amazon S3 interface endpoints.
Default: true for supported endpoints
(Interface endpoint) Indicates whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, kinesis.us-east-1.amazonaws.com), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.
To use a private hosted zone, you must set the following VPC attributes to true: enableDnsHostnames and enableDnsSupport. Use ModifyVpcAttribute to set the VPC attributes.
Default: true
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Indicates whether requests from service consumers to create an endpoint to your service must be accepted. To accept a request, use AcceptVpcEndpointConnections.
", "CreateVpcPeeringConnectionRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
(Gateway endpoint) Specify true to reset the policy document to the default policy. The default policy allows full access to the service.
(Interface endpoint) Indicates whether a private hosted zone is associated with the VPC.
Private DNS is not supported for Amazon S3 interface endpoints.
(Interface endpoint) Indicates whether a private hosted zone is associated with the VPC.
", "ModifyVpcEndpointResult$Return": "Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
(Interface endpoint configuration) Removes the private DNS name of the endpoint service.
", @@ -6548,9 +6548,9 @@ } }, "ExportTask": { - "base": "Describes an instance export task.
", + "base": "Describes an export instance task.
", "refs": { - "CreateInstanceExportTaskResult$ExportTask": "Information about the instance export task.
", + "CreateInstanceExportTaskResult$ExportTask": "Information about the export instance task.
", "ExportTaskList$member": null } }, @@ -6592,15 +6592,15 @@ } }, "ExportToS3Task": { - "base": "Describes the format and location for an instance export task.
", + "base": "Describes the format and location for the export task.
", "refs": { "ExportTask$ExportToS3Task": "Information about the export task.
" } }, "ExportToS3TaskSpecification": { - "base": "Describes an instance export task.
", + "base": "Describes an export instance task.
", "refs": { - "CreateInstanceExportTaskRequest$ExportToS3Task": "The format and location for an instance export task.
" + "CreateInstanceExportTaskRequest$ExportToS3Task": "The format and location for an export instance task.
" } }, "ExportTransitGatewayRoutesRequest": { @@ -6652,7 +6652,7 @@ } }, "Filter": { - "base": "A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
", "refs": { "FilterList$member": null } @@ -6713,7 +6713,7 @@ "DescribeNetworkInsightsAnalysesRequest$Filters": "The filters. The following are possible values:
PathFound - A Boolean value that indicates whether a feasible path is found.
Status - The status of the analysis (running | succeeded | failed).
The filters. The following are possible values:
Destination - The ID of the resource.
DestinationPort - The destination port.
Name - The path name.
Protocol - The protocol.
Source - The ID of the resource.
One or more filters.
network-interface-permission.network-interface-permission-id - The ID of the permission.
network-interface-permission.network-interface-id - The ID of the network interface.
network-interface-permission.aws-account-id - The AWS account ID.
network-interface-permission.aws-service - The AWS service.
network-interface-permission.permission - The type of permission (INSTANCE-ATTACH | EIP-ASSOCIATE).
One or more filters.
addresses.private-ip-address - The private IPv4 addresses associated with the network interface.
addresses.primary - Whether the private IPv4 address is the primary IP address associated with the network interface.
addresses.association.public-ip - The association ID returned when the network interface was associated with the Elastic IP address (IPv4).
addresses.association.owner-id - The owner ID of the addresses associated with the network interface.
association.association-id - The association ID returned when the network interface was associated with an IPv4 address.
association.allocation-id - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.
association.ip-owner-id - The owner of the Elastic IP address (IPv4) associated with the network interface.
association.public-ip - The address of the Elastic IP address (IPv4) bound to the network interface.
association.public-dns-name - The public DNS name for the network interface (IPv4).
attachment.attachment-id - The ID of the interface attachment.
attachment.attach-time - The time that the network interface was attached to an instance.
attachment.delete-on-termination - Indicates whether the attachment is deleted when an instance is terminated.
attachment.device-index - The device index to which the network interface is attached.
attachment.instance-id - The ID of the instance to which the network interface is attached.
attachment.instance-owner-id - The owner ID of the instance to which the network interface is attached.
attachment.status - The status of the attachment (attaching | attached | detaching | detached).
availability-zone - The Availability Zone of the network interface.
description - The description of the network interface.
group-id - The ID of a security group associated with the network interface.
group-name - The name of a security group associated with the network interface.
ipv6-addresses.ipv6-address - An IPv6 address associated with the network interface.
mac-address - The MAC address of the network interface.
network-interface-id - The ID of the network interface.
owner-id - The AWS account ID of the network interface owner.
private-ip-address - The private IPv4 address or addresses of the network interface.
private-dns-name - The private DNS name of the network interface (IPv4).
requester-id - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).
requester-managed - Indicates whether the network interface is being managed by an AWS service (for example, AWS Management Console, Auto Scaling, and so on).
source-dest-check - Indicates whether the network interface performs source/destination checking. A value of true means checking is enabled, and false means checking is disabled. The value must be false for the network interface to perform network address translation (NAT) in your VPC.
status - The status of the network interface. If the network interface is not attached to an instance, the status is available; if a network interface is attached to an instance the status is in-use.
subnet-id - The ID of the subnet for the network interface.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the network interface.
One or more filters.
addresses.private-ip-address - The private IPv4 addresses associated with the network interface.
addresses.primary - Whether the private IPv4 address is the primary IP address associated with the network interface.
addresses.association.public-ip - The association ID returned when the network interface was associated with the Elastic IP address (IPv4).
addresses.association.owner-id - The owner ID of the addresses associated with the network interface.
association.association-id - The association ID returned when the network interface was associated with an IPv4 address.
association.allocation-id - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.
association.ip-owner-id - The owner of the Elastic IP address (IPv4) associated with the network interface.
association.public-ip - The address of the Elastic IP address (IPv4) bound to the network interface.
association.public-dns-name - The public DNS name for the network interface (IPv4).
attachment.attachment-id - The ID of the interface attachment.
attachment.attach-time - The time that the network interface was attached to an instance.
attachment.delete-on-termination - Indicates whether the attachment is deleted when an instance is terminated.
attachment.device-index - The device index to which the network interface is attached.
attachment.instance-id - The ID of the instance to which the network interface is attached.
attachment.instance-owner-id - The owner ID of the instance to which the network interface is attached.
attachment.status - The status of the attachment (attaching | attached | detaching | detached).
availability-zone - The Availability Zone of the network interface.
description - The description of the network interface.
group-id - The ID of a security group associated with the network interface.
group-name - The name of a security group associated with the network interface.
ipv6-addresses.ipv6-address - An IPv6 address associated with the network interface.
mac-address - The MAC address of the network interface.
network-interface-id - The ID of the network interface.
owner-id - The AWS account ID of the network interface owner.
private-ip-address - The private IPv4 address or addresses of the network interface.
private-dns-name - The private DNS name of the network interface (IPv4).
requester-id - The alias or AWS account ID of the principal or service that created the network interface.
requester-managed - Indicates whether the network interface is being managed by an AWS service (for example, AWS Management Console, Auto Scaling, and so on).
source-dest-check - Indicates whether the network interface performs source/destination checking. A value of true means checking is enabled, and false means checking is disabled. The value must be false for the network interface to perform network address translation (NAT) in your VPC.
status - The status of the network interface. If the network interface is not attached to an instance, the status is available; if a network interface is attached to an instance the status is in-use.
subnet-id - The ID of the subnet for the network interface.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the network interface.
The filters.
group-name - The name of the placement group.
state - The state of the placement group (pending | available | deleting | deleted).
strategy - The strategy of the placement group (cluster | spread | partition).
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.
One or more filters.
prefix-list-id: The ID of a prefix list.
prefix-list-name: The name of a prefix list.
One or more filters.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
association.route-table-association-id - The ID of an association ID for the route table.
association.route-table-id - The ID of the route table involved in the association.
association.subnet-id - The ID of the subnet involved in the association.
association.main - Indicates whether the route table is the main route table for the VPC (true | false). Route tables that do not have an association ID are not returned in the response.
owner-id - The ID of the AWS account that owns the route table.
route-table-id - The ID of the route table.
route.destination-cidr-block - The IPv4 CIDR range specified in a route in the table.
route.destination-ipv6-cidr-block - The IPv6 CIDR range specified in a route in the route table.
route.destination-prefix-list-id - The ID (prefix) of the AWS service specified in a route in the table.
route.egress-only-internet-gateway-id - The ID of an egress-only Internet gateway specified in a route in the route table.
route.gateway-id - The ID of a gateway specified in a route in the table.
route.instance-id - The ID of an instance specified in a route in the table.
route.nat-gateway-id - The ID of a NAT gateway.
route.transit-gateway-id - The ID of a transit gateway.
route.origin - Describes how the route was created. CreateRouteTable indicates that the route was automatically created when the route table was created; CreateRoute indicates that the route was manually added to the route table; EnableVgwRoutePropagation indicates that the route was propagated by route propagation.
route.state - The state of a route in the route table (active | blackhole). The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, the specified NAT instance has been terminated, and so on).
route.vpc-peering-connection-id - The ID of a VPC peering connection specified in a route in the table.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the route table.
The filters.
availability-zone - The Availability Zone (for example, us-west-2a).
instance-type - The instance type (for example, c4.large).
network-platform - The network platform (EC2-Classic or EC2-VPC).
platform - The platform (Linux/UNIX or Windows).
The filters.
availability-zone - The Availability Zone (for example, us-west-2a).
instance-type - The instance type (for example, c4.large).
network-platform - The network platform (EC2-Classic or EC2-VPC).
platform - The platform (Linux/UNIX or Windows).
The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.
description - The description of the security group.
egress.ip-permission.cidr - An IPv4 CIDR block for an outbound security group rule.
egress.ip-permission.from-port - For an outbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
egress.ip-permission.group-id - The ID of a security group that has been referenced in an outbound security group rule.
egress.ip-permission.group-name - The name of a security group that has been referenced in an outbound security group rule.
egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an outbound security group rule.
egress.ip-permission.prefix-list-id - The ID of a prefix list to which a security group rule allows outbound access.
egress.ip-permission.protocol - The IP protocol for an outbound security group rule (tcp | udp | icmp or a protocol number).
egress.ip-permission.to-port - For an outbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
egress.ip-permission.user-id - The ID of an AWS account that has been referenced in an outbound security group rule.
group-id - The ID of the security group.
group-name - The name of the security group.
ip-permission.cidr - An IPv4 CIDR block for an inbound security group rule.
ip-permission.from-port - For an inbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
ip-permission.group-id - The ID of a security group that has been referenced in an inbound security group rule.
ip-permission.group-name - The name of a security group that has been referenced in an inbound security group rule.
ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security group rule.
ip-permission.prefix-list-id - The ID of a prefix list from which a security group rule allows inbound access.
ip-permission.protocol - The IP protocol for an inbound security group rule (tcp | udp | icmp or a protocol number).
ip-permission.to-port - For an inbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
ip-permission.user-id - The ID of an AWS account that has been referenced in an inbound security group rule.
owner-id - The AWS account ID of the owner of the security group.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC specified when the security group was created.
The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.
description - The description of the security group.
egress.ip-permission.cidr - An IPv4 CIDR block for an outbound security group rule.
egress.ip-permission.from-port - For an outbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
egress.ip-permission.group-id - The ID of a security group that has been referenced in an outbound security group rule.
egress.ip-permission.group-name - The name of a security group that is referenced in an outbound security group rule.
egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an outbound security group rule.
egress.ip-permission.prefix-list-id - The ID of a prefix list to which a security group rule allows outbound access.
egress.ip-permission.protocol - The IP protocol for an outbound security group rule (tcp | udp | icmp, a protocol number, or -1 for all protocols).
egress.ip-permission.to-port - For an outbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
egress.ip-permission.user-id - The ID of an AWS account that has been referenced in an outbound security group rule.
group-id - The ID of the security group.
group-name - The name of the security group.
ip-permission.cidr - An IPv4 CIDR block for an inbound security group rule.
ip-permission.from-port - For an inbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
ip-permission.group-id - The ID of a security group that has been referenced in an inbound security group rule.
ip-permission.group-name - The name of a security group that is referenced in an inbound security group rule.
ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security group rule.
ip-permission.prefix-list-id - The ID of a prefix list from which a security group rule allows inbound access.
ip-permission.protocol - The IP protocol for an inbound security group rule (tcp | udp | icmp, a protocol number, or -1 for all protocols).
ip-permission.to-port - For an inbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
ip-permission.user-id - The ID of an AWS account that has been referenced in an inbound security group rule.
owner-id - The AWS account ID of the owner of the security group.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC specified when the security group was created.
The filters.
description - A description of the snapshot.
encrypted - Indicates whether the snapshot is encrypted (true | false)
owner-alias - The owner alias, from an Amazon-maintained list (amazon). This is not the user-configured AWS account alias set using the IAM console. We recommend that you use the related parameter instead of this filter.
owner-id - The AWS account ID of the owner. We recommend that you use the related parameter instead of this filter.
progress - The progress of the snapshot, as a percentage (for example, 80%).
snapshot-id - The snapshot ID.
start-time - The time stamp when the snapshot was initiated.
status - The status of the snapshot (pending | completed | error).
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
volume-id - The ID of the volume the snapshot is for.
volume-size - The size of the volume, in GiB.
One or more filters.
availability-zone-group - The Availability Zone group.
create-time - The time stamp when the Spot Instance request was created.
fault-code - The fault code related to the request.
fault-message - The fault message related to the request.
instance-id - The ID of the instance that fulfilled the request.
launch-group - The Spot Instance launch group.
launch.block-device-mapping.delete-on-termination - Indicates whether the EBS volume is deleted on instance termination.
launch.block-device-mapping.device-name - The device name for the volume in the block device mapping (for example, /dev/sdh or xvdh).
launch.block-device-mapping.snapshot-id - The ID of the snapshot for the EBS volume.
launch.block-device-mapping.volume-size - The size of the EBS volume, in GiB.
launch.block-device-mapping.volume-type - The type of EBS volume: gp2 for General Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1for Cold HDD, or standard for Magnetic.
launch.group-id - The ID of the security group for the instance.
launch.group-name - The name of the security group for the instance.
launch.image-id - The ID of the AMI.
launch.instance-type - The type of instance (for example, m3.medium).
launch.kernel-id - The kernel ID.
launch.key-name - The name of the key pair the instance launched with.
launch.monitoring-enabled - Whether detailed monitoring is enabled for the Spot Instance.
launch.ramdisk-id - The RAM disk ID.
launched-availability-zone - The Availability Zone in which the request is launched.
network-interface.addresses.primary - Indicates whether the IP address is the primary private IP address.
network-interface.delete-on-termination - Indicates whether the network interface is deleted when the instance is terminated.
network-interface.description - A description of the network interface.
network-interface.device-index - The index of the device for the network interface attachment on the instance.
network-interface.group-id - The ID of the security group associated with the network interface.
network-interface.network-interface-id - The ID of the network interface.
network-interface.private-ip-address - The primary private IP address of the network interface.
network-interface.subnet-id - The ID of the subnet for the instance.
product-description - The product description associated with the instance (Linux/UNIX | Windows).
spot-instance-request-id - The Spot Instance request ID.
spot-price - The maximum hourly price for any Spot Instance launched to fulfill the request.
state - The state of the Spot Instance request (open | active | closed | cancelled | failed). Spot request status information can help you track your Amazon EC2 Spot Instance requests. For more information, see Spot request status in the Amazon EC2 User Guide for Linux Instances.
status-code - The short code describing the most recent evaluation of your Spot Instance request.
status-message - The message explaining the status of the Spot Instance request.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type - The type of Spot Instance request (one-time | persistent).
valid-from - The start date of the request.
valid-until - The end date of the request.
One or more filters.
availability-zone - The Availability Zone for which prices should be returned.
instance-type - The type of instance (for example, m3.medium).
product-description - The product description for the Spot price (Linux/UNIX | Red Hat Enterprise Linux | SUSE Linux | Windows | Linux/UNIX (Amazon VPC) | Red Hat Enterprise Linux (Amazon VPC) | SUSE Linux (Amazon VPC) | Windows (Amazon VPC)).
spot-price - The Spot price. The value must match exactly (or use wildcards; greater than or less than comparison is not supported).
timestamp - The time stamp of the Spot price history, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). You can use wildcards (* and ?). Greater than or less than comparison is not supported.
One or more filters.
service-id - The ID of the service.
vpc-endpoint-owner - The AWS account number of the owner of the endpoint.
vpc-endpoint-state - The state of the endpoint (pendingAcceptance | pending | available | deleting | deleted | rejected | failed).
vpc-endpoint-id - The ID of the endpoint.
One or more filters.
service-name - The name of the service.
service-id - The ID of the service.
service-state - The state of the service (Pending | Available | Deleting | Deleted | Failed).
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
principal - The ARN of the principal.
principal-type - The principal type (All | Service | OrganizationUnit | Account | User | Role).
One or more filters.
service-name - The name of the service.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
service-name - The name of the service.
service-type - The type of service (Interface | Gateway).
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
service-name - The name of the service.
vpc-id - The ID of the VPC in which the endpoint resides.
vpc-endpoint-id - The ID of the endpoint.
vpc-endpoint-state - The state of the endpoint (pendingAcceptance | pending | available | deleting | deleted | rejected | failed).
vpc-endpoint-type - The type of VPC endpoint (Interface | Gateway | GatewayLoadBalancer).
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
accepter-vpc-info.cidr-block - The IPv4 CIDR block of the accepter VPC.
accepter-vpc-info.owner-id - The AWS account ID of the owner of the accepter VPC.
accepter-vpc-info.vpc-id - The ID of the accepter VPC.
expiration-time - The expiration date and time for the VPC peering connection.
requester-vpc-info.cidr-block - The IPv4 CIDR block of the requester's VPC.
requester-vpc-info.owner-id - The AWS account ID of the owner of the requester VPC.
requester-vpc-info.vpc-id - The ID of the requester VPC.
status-code - The status of the VPC peering connection (pending-acceptance | failed | expired | provisioning | active | deleting | deleted | rejected).
status-message - A message that provides more information about the status of the VPC peering connection, if applicable.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-peering-connection-id - The ID of the VPC peering connection.
One or more filters.
cidr - The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, /28).
cidr-block-association.cidr-block - An IPv4 CIDR block associated with the VPC.
cidr-block-association.association-id - The association ID for an IPv4 CIDR block associated with the VPC.
cidr-block-association.state - The state of an IPv4 CIDR block associated with the VPC.
dhcp-options-id - The ID of a set of DHCP options.
ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.ipv6-pool - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
ipv6-cidr-block-association.association-id - The association ID for an IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.state - The state of an IPv6 CIDR block associated with the VPC.
isDefault - Indicates whether the VPC is the default VPC.
owner-id - The ID of the AWS account that owns the VPC.
state - The state of the VPC (pending | available).
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC.
The IAM instance profile.
", "ReplaceIamInstanceProfileAssociationRequest$IamInstanceProfile": "The IAM instance profile.
", "RequestSpotLaunchSpecification$IamInstanceProfile": "The IAM instance profile.
", - "RunInstancesRequest$IamInstanceProfile": "The IAM instance profile.
", + "RunInstancesRequest$IamInstanceProfile": "The name or Amazon Resource Name (ARN) of an IAM instance profile.
", "SpotFleetLaunchSpecification$IamInstanceProfile": "The IAM instance profile.
" } }, @@ -8069,7 +8069,7 @@ "InstanceId": { "base": null, "refs": { - "AssociateAddressRequest$InstanceId": "The ID of the instance. This is required for EC2-Classic. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. The operation fails if you specify an instance ID unless exactly one network interface is attached.
", + "AssociateAddressRequest$InstanceId": "The ID of the instance. The instance must have exactly one attached network interface. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. For EC2-Classic, you must specify an instance ID and the instance must be in the running state.
", "AssociateIamInstanceProfileRequest$InstanceId": "The ID of the instance.
", "AttachClassicLinkVpcRequest$InstanceId": "The ID of an EC2-Classic instance to link to the ClassicLink-enabled VPC.
", "AttachNetworkInterfaceRequest$InstanceId": "The ID of the instance.
", @@ -8483,7 +8483,7 @@ "refs": { "AllocateHostsRequest$Quantity": "The number of Dedicated Hosts to allocate to your account with these parameters.
", "AnalysisAclRule$RuleNumber": "The rule number.
", - "AssignIpv6AddressesRequest$Ipv6AddressCount": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.
", + "AssignIpv6AddressesRequest$Ipv6AddressCount": "The number of additional IPv6 addresses to assign to the network interface. The specified number of IPv6 addresses are assigned in addition to the existing IPv6 addresses that are already assigned to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.
", "AssignPrivateIpAddressesRequest$SecondaryPrivateIpAddressCount": "The number of secondary IP addresses to assign to the network interface. You can't specify this parameter when also specifying private IP addresses.
", "AttachNetworkInterfaceRequest$DeviceIndex": "The index of the device for the network interface attachment.
", "AttachNetworkInterfaceRequest$NetworkCardIndex": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.
", @@ -8590,8 +8590,8 @@ "LaunchTemplateEbsBlockDevice$Iops": "The number of I/O operations per second (IOPS) that the volume supports.
", "LaunchTemplateEbsBlockDevice$VolumeSize": "The size of the volume, in GiB.
", "LaunchTemplateEbsBlockDevice$Throughput": "The throughput that the volume supports, in MiB/s.
", - "LaunchTemplateEbsBlockDeviceRequest$Iops": "The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type:
gp3: 3,000-16,000 IOPS
io1: 100-64,000 IOPS
io2: 100-64,000 IOPS
For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System. Other instance families guarantee performance up to 32,000 IOPS.
This parameter is required for io1 and io2 volumes. The default for gp3 volumes is 3,000 IOPS. This parameter is not supported for gp2, st1, sc1, or standard volumes.
The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.
The following are the supported volumes sizes for each volume type:
gp2 and gp3: 1-16,384
io1 and io2: 4-16,384
st1 and sc1: 125-16,384
standard: 1-1,024
The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type:
gp3: 3,000-16,000 IOPS
io1: 100-64,000 IOPS
io2: 100-64,000 IOPS
For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System. Other instance families guarantee performance up to 32,000 IOPS.
This parameter is supported for io1, io2, and gp3 volumes only. This parameter is not supported for gp2, st1, sc1, or standard volumes.
The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:
gp2 and gp3: 1-16,384
io1 and io2: 4-16,384
st1 and sc1: 125-16,384
standard: 1-1,024
The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.
Valid Range: Minimum value of 125. Maximum value of 1000.
", "LaunchTemplateElasticInferenceAcceleratorResponse$Count": "The number of elastic inference accelerators to attach to the instance.
Default: 1
", "LaunchTemplateInstanceMetadataOptions$HttpPutResponseHopLimit": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
", @@ -8864,7 +8864,7 @@ "base": null, "refs": { "AssignIpv6AddressesRequest$Ipv6Addresses": "One or more specific IPv6 addresses to be assigned to the network interface. You can't use this option if you're specifying a number of IPv6 addresses.
", - "AssignIpv6AddressesResult$AssignedIpv6Addresses": "The IPv6 addresses assigned to the network interface.
", + "AssignIpv6AddressesResult$AssignedIpv6Addresses": "The new IPv6 addresses assigned to the network interface. Existing IPv6 addresses that were assigned to the network interface before the request are not included.
", "UnassignIpv6AddressesRequest$Ipv6Addresses": "The IPv6 addresses to unassign from the network interface.
", "UnassignIpv6AddressesResult$UnassignedIpv6Addresses": "The IPv6 addresses that have been unassigned from the network interface.
" } @@ -9229,7 +9229,7 @@ "LaunchTemplateIamInstanceProfileSpecificationRequest": { "base": "An IAM instance profile.
", "refs": { - "RequestLaunchTemplateData$IamInstanceProfile": "The IAM instance profile.
" + "RequestLaunchTemplateData$IamInstanceProfile": "The name or Amazon Resource Name (ARN) of an IAM instance profile.
" } }, "LaunchTemplateId": { @@ -13283,13 +13283,13 @@ "AssignIpv6AddressesResult$NetworkInterfaceId": "The ID of the network interface.
", "AssignPrivateIpAddressesResult$NetworkInterfaceId": "The ID of the network interface.
", "AssignedPrivateIpAddress$PrivateIpAddress": "The private IP address assigned to the network interface.
", - "AssociateAddressRequest$PublicIp": "The Elastic IP address to associate with the instance. This is required for EC2-Classic.
", + "AssociateAddressRequest$PublicIp": "[EC2-Classic] The Elastic IP address to associate with the instance. This is required for EC2-Classic.
", "AssociateAddressRequest$PrivateIpAddress": "[EC2-VPC] The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.
", "AssociateAddressResult$AssociationId": "[EC2-VPC] The ID that represents the association of the Elastic IP address with an instance.
", "AssociateClientVpnTargetNetworkRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", "AssociateClientVpnTargetNetworkResult$AssociationId": "The unique ID of the target network association.
", "AssociateEnclaveCertificateIamRoleResult$CertificateS3BucketName": "The name of the Amazon S3 bucket to which the certificate was uploaded.
", - "AssociateEnclaveCertificateIamRoleResult$CertificateS3ObjectKey": "The Amazon S3 object key where the certificate, certificate chain, and encrypted private key bundle are stored. The object key is formatted as follows: certificate_arn/role_arn.
The Amazon S3 object key where the certificate, certificate chain, and encrypted private key bundle are stored. The object key is formatted as follows: role_arn/certificate_arn.
The ID of the AWS KMS CMK used to encrypt the private key of the certificate.
", "AssociateRouteTableResult$AssociationId": "The route table association ID. This ID is required for disassociating the route table.
", "AssociateSubnetCidrBlockRequest$Ipv6CidrBlock": "The IPv6 CIDR block for your subnet. The subnet must have a /64 prefix length.
", @@ -13299,7 +13299,7 @@ "AssociateVpcCidrBlockRequest$Ipv6CidrBlock": "An IPv6 CIDR block from the IPv6 address pool. You must also specify Ipv6Pool in the request.
To let Amazon choose the IPv6 CIDR block for you, omit this parameter.
", "AssociateVpcCidrBlockResult$VpcId": "The ID of the VPC.
", "AssociatedRole$CertificateS3BucketName": "The name of the Amazon S3 bucket in which the Amazon S3 object is stored.
", - "AssociatedRole$CertificateS3ObjectKey": "The key of the Amazon S3 object ey where the certificate, certificate chain, and encrypted private key bundle is stored. The object key is formated as follows: certificate_arn/role_arn.
The key of the Amazon S3 object ey where the certificate, certificate chain, and encrypted private key bundle is stored. The object key is formated as follows: role_arn/certificate_arn.
The ID of the KMS customer master key (CMK) used to encrypt the private key.
", "AssociatedTargetNetwork$NetworkId": "The ID of the subnet.
", "AssociationStatus$Message": "A message about the status of the target network association, if applicable.
", @@ -13432,7 +13432,7 @@ "CopyFpgaImageRequest$SourceRegion": "The Region that contains the source AFI.
", "CopyFpgaImageRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
", "CopyFpgaImageResult$FpgaImageId": "The ID of the new AFI.
", - "CopyImageRequest$ClientToken": "Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see How to Ensure Idempotency in the Amazon Elastic Compute Cloud User Guide.
", + "CopyImageRequest$ClientToken": "Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see Ensuring idempotency in the Amazon EC2 API Reference.
", "CopyImageRequest$Description": "A description for the new AMI in the destination Region.
", "CopyImageRequest$Name": "The name of the new AMI in the destination Region.
", "CopyImageRequest$SourceImageId": "The ID of the AMI to copy.
", @@ -13967,7 +13967,7 @@ "ImageAttribute$ImageId": "The ID of the AMI.
", "ImageDiskContainer$Description": "The description of the disk image.
", "ImageDiskContainer$DeviceName": "The block device mapping for the disk.
", - "ImageDiskContainer$Format": "The format of the disk image being imported.
Valid values: OVA | VHD | VHDX |VMDK
The format of the disk image being imported.
Valid values: OVA | VHD | VHDX | VMDK | RAW
The URL to the Amazon S3-based disk image being imported. The URL can either be a https URL (https://..) or an Amazon S3 URL (s3://..)
", "ImportClientVpnClientCertificateRevocationListRequest$CertificateRevocationList": "The client certificate revocation list file. For more information, see Generate a Client Certificate Revocation List in the AWS Client VPN Administrator Guide.
", "ImportImageLicenseConfigurationRequest$LicenseConfigurationArn": "The ARN of a license configuration.
", @@ -14119,10 +14119,10 @@ "LaunchTemplate$CreatedBy": "The principal that created the launch template.
", "LaunchTemplateBlockDeviceMapping$DeviceName": "The device name.
", "LaunchTemplateBlockDeviceMapping$VirtualName": "The virtual device name (ephemeralN).
", - "LaunchTemplateBlockDeviceMapping$NoDevice": "Suppresses the specified device included in the block device mapping of the AMI.
", + "LaunchTemplateBlockDeviceMapping$NoDevice": "To omit the device from the block device mapping, specify an empty string.
", "LaunchTemplateBlockDeviceMappingRequest$DeviceName": "The device name (for example, /dev/sdh or xvdh).
", "LaunchTemplateBlockDeviceMappingRequest$VirtualName": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
", - "LaunchTemplateBlockDeviceMappingRequest$NoDevice": "Suppresses the specified device included in the block device mapping of the AMI.
", + "LaunchTemplateBlockDeviceMappingRequest$NoDevice": "To omit the device from the block device mapping, specify an empty string.
", "LaunchTemplateElasticInferenceAccelerator$Type": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.
", "LaunchTemplateElasticInferenceAcceleratorResponse$Type": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.
", "LaunchTemplateIamInstanceProfileSpecification$Arn": "The Amazon Resource Name (ARN) of the instance profile.
", @@ -14263,7 +14263,7 @@ "NetworkInterface$OwnerId": "The AWS account ID of the owner of the network interface.
", "NetworkInterface$PrivateDnsName": "The private DNS name.
", "NetworkInterface$PrivateIpAddress": "The IPv4 address of the network interface within the subnet.
", - "NetworkInterface$RequesterId": "The ID of the entity that launched the instance on your behalf (for example, AWS Management Console or Auto Scaling).
", + "NetworkInterface$RequesterId": "The alias or AWS account ID of the principal or service that created the network interface.
", "NetworkInterface$SubnetId": "The ID of the subnet.
", "NetworkInterface$VpcId": "The ID of the VPC.
", "NetworkInterfaceAssociation$AllocationId": "The allocation ID.
", @@ -14538,7 +14538,7 @@ "SnapshotDetail$StatusMessage": "A detailed status message for the snapshot creation.
", "SnapshotDetail$Url": "The URL used to access the disk image.
", "SnapshotDiskContainer$Description": "The description of the disk image being imported.
", - "SnapshotDiskContainer$Format": "The format of the disk image being imported.
Valid values: VHD | VMDK
The format of the disk image being imported.
Valid values: VHD | VMDK | RAW
The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon S3 URL (s3://..).
", "SnapshotInfo$Description": "Description specified by the CreateSnapshotRequest that has been applied to all snapshots.
", "SnapshotInfo$VolumeId": "Source volume from which this snapshot was created.
", @@ -14610,7 +14610,6 @@ "Subnet$OutpostArn": "The Amazon Resource Name (ARN) of the Outpost.
", "SubnetAssociation$SubnetId": "The ID of the subnet.
", "SubnetCidrBlockState$StatusMessage": "A message about the status of the CIDR block, if applicable.
", - "SubnetIpv6CidrBlockAssociation$AssociationId": "The association ID for the CIDR block.
", "SubnetIpv6CidrBlockAssociation$Ipv6CidrBlock": "The IPv6 CIDR block.
", "SuccessfulInstanceCreditSpecificationItem$InstanceId": "The ID of the instance.
", "SuccessfulQueuedPurchaseDeletion$ReservedInstancesId": "The ID of the Reserved Instance.
", @@ -14850,7 +14849,8 @@ "SubnetCidrAssociationId": { "base": null, "refs": { - "DisassociateSubnetCidrBlockRequest$AssociationId": "The association ID for the CIDR block.
" + "DisassociateSubnetCidrBlockRequest$AssociationId": "The association ID for the CIDR block.
", + "SubnetIpv6CidrBlockAssociation$AssociationId": "The association ID for the CIDR block.
" } }, "SubnetCidrBlockState": { @@ -14988,8 +14988,8 @@ "DhcpOptions$Tags": "Any tags assigned to the DHCP options set.
", "EgressOnlyInternetGateway$Tags": "The tags assigned to the egress-only internet gateway.
", "ElasticGpus$Tags": "The tags assigned to the Elastic Graphics accelerator.
", - "ExportImageResult$Tags": "Any tags assigned to the image being exported.
", - "ExportImageTask$Tags": "Any tags assigned to the image being exported.
", + "ExportImageResult$Tags": "Any tags assigned to the export image task.
", + "ExportImageTask$Tags": "Any tags assigned to the export image task.
", "ExportTask$Tags": "The tags for the export task.
", "FleetData$Tags": "The tags for an EC2 Fleet resource.
", "FlowLog$Tags": "The tags for the flow log.
", @@ -14997,10 +14997,10 @@ "Host$Tags": "Any tags assigned to the Dedicated Host.
", "HostReservation$Tags": "Any tags assigned to the Dedicated Host Reservation.
", "Image$Tags": "Any tags assigned to the image.
", - "ImportImageResult$Tags": "Any tags assigned to the image being imported.
", + "ImportImageResult$Tags": "Any tags assigned to the import image task.
", "ImportImageTask$Tags": "The tags for the import image task.
", "ImportKeyPairResult$Tags": "The tags applied to the imported key pair.
", - "ImportSnapshotResult$Tags": "Any tags assigned to the snapshot being imported.
", + "ImportSnapshotResult$Tags": "Any tags assigned to the import snapshot task.
", "ImportSnapshotTask$Tags": "The tags for the import snapshot task.
", "Instance$Tags": "Any tags assigned to the instance.
", "InternetGateway$Tags": "Any tags assigned to the internet gateway.
", @@ -15079,7 +15079,7 @@ "CreateFlowLogsRequest$TagSpecifications": "The tags to apply to the flow logs.
", "CreateFpgaImageRequest$TagSpecifications": "The tags to apply to the FPGA image during creation.
", "CreateImageRequest$TagSpecifications": "The tags to apply to the AMI and snapshots on creation. You can tag the AMI, the snapshots, or both.
To tag the AMI, the value for ResourceType must be image.
To tag the snapshots that are created of the root volume and of other EBS volumes that are attached to the instance, the value for ResourceType must be snapshot. The same tag is applied to all of the snapshots that are created.
If you specify other values for ResourceType, the request fails.
To tag an AMI or snapshot after it has been created, see CreateTags.
", - "CreateInstanceExportTaskRequest$TagSpecifications": "The tags to apply to the instance export task during creation.
", + "CreateInstanceExportTaskRequest$TagSpecifications": "The tags to apply to the export instance task during creation.
", "CreateInternetGatewayRequest$TagSpecifications": "The tags to assign to the internet gateway.
", "CreateKeyPairRequest$TagSpecifications": "The tags to apply to the new key pair.
", "CreateLaunchTemplateRequest$TagSpecifications": "The tags to apply to the launch template during creation.
", @@ -15112,10 +15112,10 @@ "CreateVpcRequest$TagSpecifications": "The tags to assign to the VPC.
", "CreateVpnConnectionRequest$TagSpecifications": "The tags to apply to the VPN connection.
", "CreateVpnGatewayRequest$TagSpecifications": "The tags to apply to the virtual private gateway.
", - "ExportImageRequest$TagSpecifications": "The tags to apply to the image being exported.
", - "ImportImageRequest$TagSpecifications": "The tags to apply to the image being imported.
", + "ExportImageRequest$TagSpecifications": "The tags to apply to the export image task during creation.
", + "ImportImageRequest$TagSpecifications": "The tags to apply to the import image task during creation.
", "ImportKeyPairRequest$TagSpecifications": "The tags to apply to the imported key pair.
", - "ImportSnapshotRequest$TagSpecifications": "The tags to apply to the snapshot being imported.
", + "ImportSnapshotRequest$TagSpecifications": "The tags to apply to the import snapshot task during creation.
", "ProvisionByoipCidrRequest$PoolTagSpecifications": "The tags to apply to the address pool.
", "PurchaseHostReservationRequest$TagSpecifications": "The tags to apply to the Dedicated Host Reservation during purchase.
", "RequestSpotInstancesRequest$TagSpecifications": "The key-value pair for tagging the Spot Instance request on creation. The value for ResourceType must be spot-instances-request, otherwise the Spot Instance request fails. To tag the Spot Instance request after it has been created, see CreateTags.
The volume type. This parameter can be one of the following values:
General Purpose SSD: gp2 | gp3
Provisioned IOPS SSD: io1 | io2
Throughput Optimized HDD: st1
Cold HDD: sc1
Magnetic: standard
For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide.
Default: gp2
The volume type. For more information, see Amazon EBS volume types in the Amazon EC2 User Guide. If the volume type is io1 or io2, you must specify the IOPS that the volume supports.
The volume type.
", - "LaunchTemplateEbsBlockDeviceRequest$VolumeType": "The volume type. The default is gp2. For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide.
The volume type. For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide.
", "ModifyVolumeRequest$VolumeType": "The target EBS volume type of the volume. For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide.
Default: If no type is specified, the existing type is retained.
", "Volume$VolumeType": "The volume type.
", "VolumeModification$TargetVolumeType": "The target EBS volume type of the volume.
", diff --git a/models/apis/lookoutvision/2020-11-20/api-2.json b/models/apis/lookoutvision/2020-11-20/api-2.json index 8de89f80ef1..d622bfc8f83 100644 --- a/models/apis/lookoutvision/2020-11-20/api-2.json +++ b/models/apis/lookoutvision/2020-11-20/api-2.json @@ -727,7 +727,7 @@ "ContentType":{ "shape":"ContentType", "location":"header", - "locationName":"content-type" + "locationName":"Content-Type" } }, "payload":"Body" @@ -952,10 +952,11 @@ "ModelHostingStatus":{ "type":"string", "enum":[ - "RUNNING", - "STARTING", - "STOPPED", - "FAILED" + "STARTING_HOSTING", + "HOSTED", + "HOSTING_FAILED", + "STOPPING_HOSTING", + "SYSTEM_UPDATING" ] }, "ModelMetadata":{ diff --git a/models/apis/lookoutvision/2020-11-20/docs-2.json b/models/apis/lookoutvision/2020-11-20/docs-2.json index 799fb60118c..c24075c32f7 100644 --- a/models/apis/lookoutvision/2020-11-20/docs-2.json +++ b/models/apis/lookoutvision/2020-11-20/docs-2.json @@ -5,8 +5,8 @@ "CreateDataset": "Creates a new dataset in an Amazon Lookout for Vision project. CreateDataset can create a training or a test dataset from a valid dataset source (DatasetSource).
If you want a single dataset project, specify train for the value of DatasetType.
To have a project with separate training and test datasets, call CreateDataset twice. On the first call, specify train for the value of DatasetType. On the second call, specify test for the value of DatasetType.
This operation requires permissions to perform the lookoutvision:CreateDataset operation.
Creates a new version of a model within an an Amazon Lookout for Vision project. CreateModel is an asynchronous operation in which Amazon Lookout for Vision trains, tests, and evaluates a new version of a model.
To get the current status, check the Status field returned in the response from DescribeModel.
If the project has a single dataset, Amazon Lookout for Vision internally splits the dataset to create a training and a test dataset. If the project has a training and a test dataset, Lookout for Vision uses the respective datasets to train and test the model.
After training completes, the evaluation metrics are stored at the location specified in OutputConfig.
This operation requires permissions to perform the lookoutvision:CreateModel operation. If you want to tag your model, you also require permission to the lookoutvision:TagResource operation.
Creates an empty Amazon Lookout for Vision project. After you create the project, add a dataset by calling CreateDataset.
This operation requires permissions to perform the lookoutvision:CreateProject operation.
Deletes an existing Amazon Lookout for Vision dataset.
If your the project has a single dataset, you must create a new dataset before you can create a model.
If you project has a training dataset and a test dataset consider the following.
If you delete the test dataset, your project reverts to a single dataset project. If you then train the model, Amazon Lookout for Vision internally splits the remaining dataset into a training and test dataset.
If you delete the training dataset, you must create a training dataset before you can create a model.
It might take a while to delete the dataset. To check the current status, check the Status field in the response from a call to DescribeDataset.
This operation requires permissions to perform the lookoutvision:DeleteDataset operation.
Deletes an Amazon Lookout for Vision model. You can't delete a running model. To stop a running model, use the StopModel operation.
This operation requires permissions to perform the lookoutvision:DeleteModel operation.
Deletes an existing Amazon Lookout for Vision dataset.
If your the project has a single dataset, you must create a new dataset before you can create a model.
If you project has a training dataset and a test dataset consider the following.
If you delete the test dataset, your project reverts to a single dataset project. If you then train the model, Amazon Lookout for Vision internally splits the remaining dataset into a training and test dataset.
If you delete the training dataset, you must create a training dataset before you can create a model.
This operation requires permissions to perform the lookoutvision:DeleteDataset operation.
Deletes an Amazon Lookout for Vision model. You can't delete a running model. To stop a running model, use the StopModel operation.
It might take a few seconds to delete a model. To determine if a model has been deleted, call ListProjects and check if the version of the model (ModelVersion) is in the Models array.
This operation requires permissions to perform the lookoutvision:DeleteModel operation.
Deletes an Amazon Lookout for Vision project.
To delete a project, you must first delete each version of the model associated with the project. To delete a model use the DeleteModel operation.
You also have to delete the dataset(s) associated with the model. For more information, see DeleteDataset. The images referenced by the training and test datasets aren't deleted.
This operation requires permissions to perform the lookoutvision:DeleteProject operation.
Describe an Amazon Lookout for Vision dataset.
This operation requires permissions to perform the lookoutvision:DescribeDataset operation.
Describes a version of an Amazon Lookout for Vision model.
This operation requires permissions to perform the lookoutvision:DescribeModel operation.
Lists the versions of a model in an Amazon Lookout for Vision project.
This operation requires permissions to perform the lookoutvision:ListModels operation.
Lists the Amazon Lookout for Vision projects in your AWS account.
This operation requires permissions to perform the lookoutvision:ListProjects operation.
Returns a list of tags attached to the specified Amazon Lookout for Vision model.
This operation requires permissions to perform the lookoutvision:ListTagsForResource operation.
Starts the running of the version of an Amazon Lookout for Vision model. Starting a model takes a while to complete. To check the current state of the model, use DescribeModel.
Once the model is running, you can detect custom labels in new images by calling DetectAnomalies.
You are charged for the amount of time that the model is running. To stop a running model, call StopModel.
This operation requires permissions to perform the lookoutvision:StartModel operation.
Stops a running model. The operation might take a while to complete. To check the current status, call DescribeModel.
This operation requires permissions to perform the lookoutvision:StopModel operation.
Starts the running of the version of an Amazon Lookout for Vision model. Starting a model takes a while to complete. To check the current state of the model, use DescribeModel.
A model is ready to use when its status is HOSTED.
Once the model is running, you can detect custom labels in new images by calling DetectAnomalies.
You are charged for the amount of time that the model is running. To stop a running model, call StopModel.
This operation requires permissions to perform the lookoutvision:StartModel operation.
Stops the hosting of a running model. The operation might take a while to complete. To check the current status, call DescribeModel.
After the model hosting stops, the Status of the model is TRAINED.
This operation requires permissions to perform the lookoutvision:StopModel operation.
Adds one or more key-value tags to an Amazon Lookout for Vision model. For more information, see Tagging a model in the Amazon Lookout for Vision Developer Guide.
This operation requires permissions to perform the lookoutvision:TagResource operation.
Removes one or more tags from an Amazon Lookout for Vision model. For more information, see Tagging a model in the Amazon Lookout for Vision Developer Guide.
This operation requires permissions to perform the lookoutvision:UntagResource operation.
Adds one or more JSON Line entries to a dataset. A JSON Line includes information about an image used for training or testing an Amazon Lookout for Vision model. The following is an example JSON Line.
Updating a dataset might take a while to complete. To check the current status, call DescribeDataset and check the Status field in the response.
This operation requires permissions to perform the lookoutvision:UpdateDatasetEntries operation.
The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for encypting the model. If this parameter is not specified, the model is encrypted by a key that AWS owns and manages.
", + "CreateModelRequest$KmsKeyId": "The identifier for your AWS Key Management Service (AWS KMS) customer master key (CMK). The key is used to encrypt training and test images copied into the service for model training. Your source images are unaffected. If this parameter is not specified, the copied images are encrypted by a key that AWS owns and manages.
", "ModelDescription$KmsKeyId": "The identifer for the AWS Key Management Service (AWS KMS) key that was used to encrypt the model during training.
" } }, @@ -576,17 +576,17 @@ "refs": { "InputS3Object$Bucket": "The Amazon S3 bucket that contains the manifest.
", "OutputS3Object$Bucket": "The bucket that contains the training output.
", - "S3Location$Bucket": "The S3 bucket that contain the manifest file.
" + "S3Location$Bucket": "The S3 bucket that contains the training output.
" } }, "S3KeyPrefix": { "base": null, "refs": { - "S3Location$Prefix": "The path and name of the manifest file with the S3 bucket.
" + "S3Location$Prefix": "The path of the folder, within the S3 bucket, that contains the training output.
" } }, "S3Location": { - "base": "Information about the location of a manifest file.
", + "base": "Information about the location training output.
", "refs": { "OutputConfig$S3Location": "The S3 location for the output.
" } diff --git a/service/configservice/api.go b/service/configservice/api.go index ed48bcdf941..7e2fc4f1d53 100644 --- a/service/configservice/api.go +++ b/service/configservice/api.go @@ -25089,6 +25089,9 @@ const ( // ConformancePackComplianceTypeNonCompliant is a ConformancePackComplianceType enum value ConformancePackComplianceTypeNonCompliant = "NON_COMPLIANT" + + // ConformancePackComplianceTypeInsufficientData is a ConformancePackComplianceType enum value + ConformancePackComplianceTypeInsufficientData = "INSUFFICIENT_DATA" ) // ConformancePackComplianceType_Values returns all elements of the ConformancePackComplianceType enum @@ -25096,6 +25099,7 @@ func ConformancePackComplianceType_Values() []string { return []string{ ConformancePackComplianceTypeCompliant, ConformancePackComplianceTypeNonCompliant, + ConformancePackComplianceTypeInsufficientData, } } diff --git a/service/ec2/api.go b/service/ec2/api.go index 47d41ee5a39..e380fb0e9cd 100644 --- a/service/ec2/api.go +++ b/service/ec2/api.go @@ -36732,12 +36732,25 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // For Amazon EBS-backed instances, CreateImage creates and registers the AMI // in a single request, so you don't have to register the AMI yourself. // -// You can also use RegisterImage to create an Amazon EBS-backed Linux AMI from -// a snapshot of a root device volume. You specify the snapshot using the block -// device mapping. For more information, see Launching a Linux instance from -// a backup (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html) +// If needed, you can deregister an AMI at any time. Any modifications you make +// to an AMI backed by an instance store volume invalidates its registration. +// If you make changes to an image, deregister the previous image and register +// the new image. +// +// Register a snapshot of a root device volume +// +// You can use RegisterImage to create an Amazon EBS-backed Linux AMI from a +// snapshot of a root device volume. You specify the snapshot using a block +// device mapping. You can't set the encryption state of the volume using the +// block device mapping. If the snapshot is encrypted, or encryption by default +// is enabled, the root volume of an instance launched from the AMI is encrypted. +// +// For more information, see Create a Linux AMI from a snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html#creating-launching-ami-from-snapshot) +// and Use encryption with EBS-backed AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. // +// AWS Marketplace product codes +// // If any snapshots have AWS Marketplace product codes, they are copied to the // new AMI. // @@ -36763,11 +36776,6 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // Obtaining billing information (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-billing-info.html) // in the Amazon Elastic Compute Cloud User Guide. // -// If needed, you can deregister an AMI at any time. Any modifications you make -// to an AMI backed by an instance store volume invalidates its registration. -// If you make changes to an image, deregister the previous image and register -// the new image. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -42770,8 +42778,10 @@ func (s *ApplySecurityGroupsToClientVpnTargetNetworkOutput) SetSecurityGroupIds( type AssignIpv6AddressesInput struct { _ struct{} `type:"structure"` - // The number of IPv6 addresses to assign to the network interface. Amazon EC2 - // automatically selects the IPv6 addresses from the subnet range. You can't + // The number of additional IPv6 addresses to assign to the network interface. + // The specified number of IPv6 addresses are assigned in addition to the existing + // IPv6 addresses that are already assigned to the network interface. Amazon + // EC2 automatically selects the IPv6 addresses from the subnet range. You can't // use this option if specifying specific IPv6 addresses. Ipv6AddressCount *int64 `locationName:"ipv6AddressCount" type:"integer"` @@ -42829,7 +42839,8 @@ func (s *AssignIpv6AddressesInput) SetNetworkInterfaceId(v string) *AssignIpv6Ad type AssignIpv6AddressesOutput struct { _ struct{} `type:"structure"` - // The IPv6 addresses assigned to the network interface. + // The new IPv6 addresses assigned to the network interface. Existing IPv6 addresses + // that were assigned to the network interface before the request are not included. AssignedIpv6Addresses []*string `locationName:"assignedIpv6Addresses" locationNameList:"item" type:"list"` // The ID of the network interface. @@ -43007,10 +43018,10 @@ type AssociateAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of the instance. This is required for EC2-Classic. For EC2-VPC, you - // can specify either the instance ID or the network interface ID, but not both. - // The operation fails if you specify an instance ID unless exactly one network - // interface is attached. + // The ID of the instance. The instance must have exactly one attached network + // interface. For EC2-VPC, you can specify either the instance ID or the network + // interface ID, but not both. For EC2-Classic, you must specify an instance + // ID and the instance must be in the running state. InstanceId *string `type:"string"` // [EC2-VPC] The ID of the network interface. If the instance has more than @@ -43025,8 +43036,8 @@ type AssociateAddressInput struct { // address is associated with the primary private IP address. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` - // The Elastic IP address to associate with the instance. This is required for - // EC2-Classic. + // [EC2-Classic] The Elastic IP address to associate with the instance. This + // is required for EC2-Classic. PublicIp *string `type:"string"` } @@ -43359,7 +43370,7 @@ type AssociateEnclaveCertificateIamRoleOutput struct { CertificateS3BucketName *string `locationName:"certificateS3BucketName" type:"string"` // The Amazon S3 object key where the certificate, certificate chain, and encrypted - // private key bundle are stored. The object key is formatted as follows: certificate_arn/role_arn. + // private key bundle are stored. The object key is formatted as follows: role_arn/certificate_arn. CertificateS3ObjectKey *string `locationName:"certificateS3ObjectKey" type:"string"` // The ID of the AWS KMS CMK used to encrypt the private key of the certificate. @@ -43964,7 +43975,7 @@ type AssociatedRole struct { // The key of the Amazon S3 object ey where the certificate, certificate chain, // and encrypted private key bundle is stored. The object key is formated as - // follows: certificate_arn/role_arn. + // follows: role_arn/certificate_arn. CertificateS3ObjectKey *string `locationName:"certificateS3ObjectKey" type:"string"` // The ID of the KMS customer master key (CMK) used to encrypt the private key. @@ -48688,8 +48699,8 @@ type CopyImageInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier you provide to ensure idempotency of the - // request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html) + // in the Amazon EC2 API Reference. ClientToken *string `type:"string"` // A description for the new AMI in the destination Region. @@ -51191,7 +51202,7 @@ type CreateInstanceExportTaskInput struct { // maximum length is 255 characters. Description *string `locationName:"description" type:"string"` - // The format and location for an instance export task. + // The format and location for an export instance task. // // ExportToS3Task is a required field ExportToS3Task *ExportToS3TaskSpecification `locationName:"exportToS3" type:"structure" required:"true"` @@ -51201,7 +51212,7 @@ type CreateInstanceExportTaskInput struct { // InstanceId is a required field InstanceId *string `locationName:"instanceId" type:"string" required:"true"` - // The tags to apply to the instance export task during creation. + // The tags to apply to the export instance task during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The target virtualization environment. @@ -51272,7 +51283,7 @@ func (s *CreateInstanceExportTaskInput) SetTargetEnvironment(v string) *CreateIn type CreateInstanceExportTaskOutput struct { _ struct{} `type:"structure"` - // Information about the instance export task. + // Information about the export instance task. ExportTask *ExportTask `locationName:"exportTask" type:"structure"` } @@ -56142,9 +56153,7 @@ type CreateVpcEndpointInput struct { // true: enableDnsHostnames and enableDnsSupport. Use ModifyVpcAttribute to // set the VPC attributes. // - // Private DNS is not supported for Amazon S3 interface endpoints. - // - // Default: true for supported endpoints + // Default: true PrivateDnsEnabled *bool `type:"boolean"` // (Gateway endpoint) One or more route table IDs. @@ -70078,8 +70087,8 @@ type DescribeNetworkInterfacesInput struct { // // * private-dns-name - The private DNS name of the network interface (IPv4). // - // * requester-id - The ID of the entity that launched the instance on your - // behalf (for example, AWS Management Console, Auto Scaling, and so on). + // * requester-id - The alias or AWS account ID of the principal or service + // that created the network interface. // // * requester-managed - Indicates whether the network interface is being // managed by an AWS service (for example, AWS Management Console, Auto Scaling, @@ -71824,7 +71833,7 @@ type DescribeSecurityGroupsInput struct { // been referenced in an outbound security group rule. // // * egress.ip-permission.group-name - The name of a security group that - // has been referenced in an outbound security group rule. + // is referenced in an outbound security group rule. // // * egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an outbound // security group rule. @@ -71833,7 +71842,7 @@ type DescribeSecurityGroupsInput struct { // a security group rule allows outbound access. // // * egress.ip-permission.protocol - The IP protocol for an outbound security - // group rule (tcp | udp | icmp or a protocol number). + // group rule (tcp | udp | icmp, a protocol number, or -1 for all protocols). // // * egress.ip-permission.to-port - For an outbound rule, the end of port // range for the TCP and UDP protocols, or an ICMP code. @@ -71854,8 +71863,8 @@ type DescribeSecurityGroupsInput struct { // * ip-permission.group-id - The ID of a security group that has been referenced // in an inbound security group rule. // - // * ip-permission.group-name - The name of a security group that has been - // referenced in an inbound security group rule. + // * ip-permission.group-name - The name of a security group that is referenced + // in an inbound security group rule. // // * ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security // group rule. @@ -71864,7 +71873,7 @@ type DescribeSecurityGroupsInput struct { // security group rule allows inbound access. // // * ip-permission.protocol - The IP protocol for an inbound security group - // rule (tcp | udp | icmp or a protocol number). + // rule (tcp | udp | icmp, a protocol number, or -1 for all protocols). // // * ip-permission.to-port - For an inbound rule, the end of port range for // the TCP and UDP protocols, or an ICMP code. @@ -76045,6 +76054,8 @@ type DescribeVpcEndpointServicesInput struct { // // * service-name - The name of the service. // + // * service-type - The type of service (Interface | Gateway). + // // * tag: