diff --git a/clients/client-controltower/README.md b/clients/client-controltower/README.md index 7a5e8a227705..884e9f8d19d2 100644 --- a/clients/client-controltower/README.md +++ b/clients/client-controltower/README.md @@ -11,23 +11,161 @@ AWS SDK for JavaScript ControlTower Client for Node.js, Browser and React Native

  • -controls +Controls

    +

  • -landing zones +Landing zones

    +

  • -baselines +Baselines

    + +
    • +
  • +

    +Tagging +

    +

    • For more information about these types of resources, see the @@ -57,13 +195,12 @@ control:

    The controlIdentifier is an ARN that is specified for each control. You can view the controlIdentifier in the console on the Control details page, as well as in the documentation.

    The controlIdentifier is unique in each Amazon Web Services Region for each control. You can -find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower User Guide. -

    +find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower Controls Reference Guide.

    A quick-reference list of control identifers for the Amazon Web Services Control Tower legacy Strongly recommended and -Elective controls is given in Resource identifiers for -APIs and controls in the Controls reference guide section -of the Amazon Web Services Control Tower User Guide. Remember that Mandatory controls -cannot be added or removed.

    +Elective controls is given in Resource identifiers for +APIs and controls in the +Amazon Web Services Control Tower Controls Reference Guide +. Remember that Mandatory controls cannot be added or removed.

    ARN format: @@ -106,7 +243,7 @@ cannot be added or removed.

    *

    For more information about these types of resources, see the @@ -614,13 +776,12 @@ export interface ControlTower { *

    The controlIdentifier is an ARN that is specified for each * control. You can view the controlIdentifier in the console on the Control details page, as well as in the documentation.

    *

    The controlIdentifier is unique in each Amazon Web Services Region for each control. You can - * find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower User Guide. - *

    + * find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower Controls Reference Guide.

    *

    A quick-reference list of control identifers for the Amazon Web Services Control Tower legacy Strongly recommended and - * Elective controls is given in Resource identifiers for - * APIs and controls in the Controls reference guide section - * of the Amazon Web Services Control Tower User Guide. Remember that Mandatory controls - * cannot be added or removed.

    + * Elective controls is given in Resource identifiers for + * APIs and controls in the + * Amazon Web Services Control Tower Controls Reference Guide + * . Remember that Mandatory controls cannot be added or removed.

    * *

    * ARN format: @@ -663,7 +824,7 @@ export interface ControlTower { *

    *

    For more information about these types of resources, see the @@ -405,13 +549,12 @@ export interface ControlTowerClientResolvedConfig extends ControlTowerClientReso *

    The controlIdentifier is an ARN that is specified for each * control. You can view the controlIdentifier in the console on the Control details page, as well as in the documentation.

    *

    The controlIdentifier is unique in each Amazon Web Services Region for each control. You can - * find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower User Guide. - *

    + * find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower Controls Reference Guide.

    *

    A quick-reference list of control identifers for the Amazon Web Services Control Tower legacy Strongly recommended and - * Elective controls is given in Resource identifiers for - * APIs and controls in the Controls reference guide section - * of the Amazon Web Services Control Tower User Guide. Remember that Mandatory controls - * cannot be added or removed.

    + * Elective controls is given in Resource identifiers for + * APIs and controls in the + * Amazon Web Services Control Tower Controls Reference Guide + * . Remember that Mandatory controls cannot be added or removed.

    * *

    * ARN format: @@ -454,7 +597,7 @@ export interface ControlTowerClientResolvedConfig extends ControlTowerClientReso *

      *
    • *

      - * Control API input and output examples with CLI + * Control API input and output examples with CLI *

      *
      • *
    • @@ -464,7 +607,7 @@ export interface ControlTowerClientResolvedConfig extends ControlTowerClientReso *
      • *
    • *

      - * Enable controls with CloudFormation + * Enable controls with CloudFormation *

      *
      • *
    • @@ -474,27 +617,27 @@ export interface ControlTowerClientResolvedConfig extends ControlTowerClientReso *
      • *
    • *

      - * Control metadata tables (large page) + * Control metadata tables (large page) *

      *
      • *
    • *

      - * Control availability by Region tables (large page) + * Control availability by Region tables (large page) *

      *
      • *
    • *

      - * List of identifiers for legacy controls + * List of identifiers for legacy controls *

      *
      • *
    • *

      - * Controls reference guide + * Controls reference guide *

      *
      • *
    • *

      - * Controls library groupings + * Controls library groupings *

      *
      • *
    • diff --git a/clients/client-controltower/src/commands/DisableControlCommand.ts b/clients/client-controltower/src/commands/DisableControlCommand.ts index 14320f71f94a..8231bda96710 100644 --- a/clients/client-controltower/src/commands/DisableControlCommand.ts +++ b/clients/client-controltower/src/commands/DisableControlCommand.ts @@ -28,10 +28,10 @@ export interface DisableControlCommandInput extends DisableControlInput {} export interface DisableControlCommandOutput extends DisableControlOutput, __MetadataBearer {} /** - *

      This API call turns off a control. It starts an asynchronous operation that deletes AWS + *

      This API call turns off a control. It starts an asynchronous operation that deletes Amazon Web Services * resources on the specified organizational unit and the accounts it contains. The resources - * will vary according to the control that you specify. For usage examples, see - * the Amazon Web Services Control Tower User Guide + * will vary according to the control that you specify. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/EnableControlCommand.ts b/clients/client-controltower/src/commands/EnableControlCommand.ts index 2292d9718889..0ec28dc2ff9c 100644 --- a/clients/client-controltower/src/commands/EnableControlCommand.ts +++ b/clients/client-controltower/src/commands/EnableControlCommand.ts @@ -30,8 +30,8 @@ export interface EnableControlCommandOutput extends EnableControlOutput, __Metad /** *

      This API call activates a control. It starts an asynchronous operation that creates Amazon Web Services * resources on the specified organizational unit and the accounts it contains. The resources - * created will vary according to the control that you specify. For usage examples, see - * the Amazon Web Services Control Tower User Guide + * created will vary according to the control that you specify. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/GetControlOperationCommand.ts b/clients/client-controltower/src/commands/GetControlOperationCommand.ts index 982537e6154e..e985acb5bc62 100644 --- a/clients/client-controltower/src/commands/GetControlOperationCommand.ts +++ b/clients/client-controltower/src/commands/GetControlOperationCommand.ts @@ -30,8 +30,8 @@ export interface GetControlOperationCommandOutput extends GetControlOperationOut /** *

      Returns the status of a particular EnableControl or * DisableControl operation. Displays a message in case of error. Details for an - * operation are available for 90 days. For usage examples, see - * the Amazon Web Services Control Tower User Guide + * operation are available for 90 days. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/GetEnabledControlCommand.ts b/clients/client-controltower/src/commands/GetEnabledControlCommand.ts index e071055d7140..912fb864b842 100644 --- a/clients/client-controltower/src/commands/GetEnabledControlCommand.ts +++ b/clients/client-controltower/src/commands/GetEnabledControlCommand.ts @@ -28,8 +28,8 @@ export interface GetEnabledControlCommandInput extends GetEnabledControlInput {} export interface GetEnabledControlCommandOutput extends GetEnabledControlOutput, __MetadataBearer {} /** - *

      Retrieves details about an enabled control. For usage examples, see - * the Amazon Web Services Control Tower User Guide + *

      Retrieves details about an enabled control. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/GetLandingZoneOperationCommand.ts b/clients/client-controltower/src/commands/GetLandingZoneOperationCommand.ts index a45aa481080a..d55b1fce1e10 100644 --- a/clients/client-controltower/src/commands/GetLandingZoneOperationCommand.ts +++ b/clients/client-controltower/src/commands/GetLandingZoneOperationCommand.ts @@ -44,9 +44,10 @@ export interface GetLandingZoneOperationCommandOutput extends GetLandingZoneOper * // { // GetLandingZoneOperationOutput * // operationDetails: { // LandingZoneOperationDetail * // operationType: "DELETE" || "CREATE" || "UPDATE" || "RESET", + * // operationIdentifier: "STRING_VALUE", + * // status: "SUCCEEDED" || "FAILED" || "IN_PROGRESS", * // startTime: new Date("TIMESTAMP"), * // endTime: new Date("TIMESTAMP"), - * // status: "SUCCEEDED" || "FAILED" || "IN_PROGRESS", * // statusMessage: "STRING_VALUE", * // }, * // }; diff --git a/clients/client-controltower/src/commands/ListControlOperationsCommand.ts b/clients/client-controltower/src/commands/ListControlOperationsCommand.ts index 3c4a29d790d2..39853f9ccda5 100644 --- a/clients/client-controltower/src/commands/ListControlOperationsCommand.ts +++ b/clients/client-controltower/src/commands/ListControlOperationsCommand.ts @@ -28,7 +28,7 @@ export interface ListControlOperationsCommandInput extends ListControlOperations export interface ListControlOperationsCommandOutput extends ListControlOperationsOutput, __MetadataBearer {} /** - *

      Provides a list of operations in progress or queued.

      + *

      Provides a list of operations in progress or queued. For usage examples, see ListControlOperation examples.

      * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-controltower/src/commands/ListEnabledControlsCommand.ts b/clients/client-controltower/src/commands/ListEnabledControlsCommand.ts index 4d7bfe9517b7..e8bcc1315a59 100644 --- a/clients/client-controltower/src/commands/ListEnabledControlsCommand.ts +++ b/clients/client-controltower/src/commands/ListEnabledControlsCommand.ts @@ -29,8 +29,8 @@ export interface ListEnabledControlsCommandOutput extends ListEnabledControlsOut /** *

      Lists the controls enabled by Amazon Web Services Control Tower on the specified organizational unit and - * the accounts it contains. For usage examples, see - * the Amazon Web Services Control Tower User Guide + * the accounts it contains. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/ListLandingZoneOperationsCommand.ts b/clients/client-controltower/src/commands/ListLandingZoneOperationsCommand.ts new file mode 100644 index 000000000000..0c81513a46c2 --- /dev/null +++ b/clients/client-controltower/src/commands/ListLandingZoneOperationsCommand.ts @@ -0,0 +1,110 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { ControlTowerClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ControlTowerClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { ListLandingZoneOperationsInput, ListLandingZoneOperationsOutput } from "../models/models_0"; +import { de_ListLandingZoneOperationsCommand, se_ListLandingZoneOperationsCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link ListLandingZoneOperationsCommand}. + */ +export interface ListLandingZoneOperationsCommandInput extends ListLandingZoneOperationsInput {} +/** + * @public + * + * The output of {@link ListLandingZoneOperationsCommand}. + */ +export interface ListLandingZoneOperationsCommandOutput extends ListLandingZoneOperationsOutput, __MetadataBearer {} + +/** + *

      Lists all landing zone operations from the past 90 days. Results are sorted by time, with the most recent operation first.

      + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ControlTowerClient, ListLandingZoneOperationsCommand } from "@aws-sdk/client-controltower"; // ES Modules import + * // const { ControlTowerClient, ListLandingZoneOperationsCommand } = require("@aws-sdk/client-controltower"); // CommonJS import + * const client = new ControlTowerClient(config); + * const input = { // ListLandingZoneOperationsInput + * filter: { // LandingZoneOperationFilter + * types: [ // LandingZoneOperationTypes + * "DELETE" || "CREATE" || "UPDATE" || "RESET", + * ], + * statuses: [ // LandingZoneOperationStatuses + * "SUCCEEDED" || "FAILED" || "IN_PROGRESS", + * ], + * }, + * nextToken: "STRING_VALUE", + * maxResults: Number("int"), + * }; + * const command = new ListLandingZoneOperationsCommand(input); + * const response = await client.send(command); + * // { // ListLandingZoneOperationsOutput + * // landingZoneOperations: [ // LandingZoneOperations // required + * // { // LandingZoneOperationSummary + * // operationType: "DELETE" || "CREATE" || "UPDATE" || "RESET", + * // operationIdentifier: "STRING_VALUE", + * // status: "SUCCEEDED" || "FAILED" || "IN_PROGRESS", + * // }, + * // ], + * // nextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param ListLandingZoneOperationsCommandInput - {@link ListLandingZoneOperationsCommandInput} + * @returns {@link ListLandingZoneOperationsCommandOutput} + * @see {@link ListLandingZoneOperationsCommandInput} for command's `input` shape. + * @see {@link ListLandingZoneOperationsCommandOutput} for command's `response` shape. + * @see {@link ControlTowerClientResolvedConfig | config} for ControlTowerClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *

      You do not have sufficient access to perform this action.

      + * + * @throws {@link InternalServerException} (server fault) + *

      An unexpected error occurred during processing of a request.

      + * + * @throws {@link ThrottlingException} (client fault) + *

      The request was denied due to request throttling.

      + * + * @throws {@link ValidationException} (client fault) + *

      The input does not satisfy the constraints specified by an Amazon Web Services service.

      + * + * @throws {@link ControlTowerServiceException} + *

      Base exception class for all service exceptions from ControlTower service.

      + * + * @public + */ +export class ListLandingZoneOperationsCommand extends $Command + .classBuilder< + ListLandingZoneOperationsCommandInput, + ListLandingZoneOperationsCommandOutput, + ControlTowerClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: ControlTowerClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("AWSControlTowerApis", "ListLandingZoneOperations", {}) + .n("ControlTowerClient", "ListLandingZoneOperationsCommand") + .f(void 0, void 0) + .ser(se_ListLandingZoneOperationsCommand) + .de(de_ListLandingZoneOperationsCommand) + .build() {} diff --git a/clients/client-controltower/src/commands/ListTagsForResourceCommand.ts b/clients/client-controltower/src/commands/ListTagsForResourceCommand.ts index 86058d0ef346..59b4a83d6b49 100644 --- a/clients/client-controltower/src/commands/ListTagsForResourceCommand.ts +++ b/clients/client-controltower/src/commands/ListTagsForResourceCommand.ts @@ -28,8 +28,8 @@ export interface ListTagsForResourceCommandInput extends ListTagsForResourceInpu export interface ListTagsForResourceCommandOutput extends ListTagsForResourceOutput, __MetadataBearer {} /** - *

      Returns a list of tags associated with the resource. For usage examples, see - * the Amazon Web Services Control Tower User Guide + *

      Returns a list of tags associated with the resource. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/ResetLandingZoneCommand.ts b/clients/client-controltower/src/commands/ResetLandingZoneCommand.ts index 7976dfd5e424..5e786f56dec0 100644 --- a/clients/client-controltower/src/commands/ResetLandingZoneCommand.ts +++ b/clients/client-controltower/src/commands/ResetLandingZoneCommand.ts @@ -29,7 +29,10 @@ export interface ResetLandingZoneCommandOutput extends ResetLandingZoneOutput, _ /** *

      This API call resets a landing zone. It starts an asynchronous operation that resets the - * landing zone to the parameters specified in its original configuration.

      + * landing zone to the parameters specified in the original configuration, which you specified + * in the manifest file. Nothing in the manifest file's original landing zone configuration is changed + * during the reset process, by default. This API is not the same as a rollback of a landing + * zone version, which is not a supported operation.

      * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-controltower/src/commands/TagResourceCommand.ts b/clients/client-controltower/src/commands/TagResourceCommand.ts index 603db7a3e300..71401ad61dc1 100644 --- a/clients/client-controltower/src/commands/TagResourceCommand.ts +++ b/clients/client-controltower/src/commands/TagResourceCommand.ts @@ -28,8 +28,8 @@ export interface TagResourceCommandInput extends TagResourceInput {} export interface TagResourceCommandOutput extends TagResourceOutput, __MetadataBearer {} /** - *

      Applies tags to a resource. For usage examples, see - * the Amazon Web Services Control Tower User Guide + *

      Applies tags to a resource. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/UntagResourceCommand.ts b/clients/client-controltower/src/commands/UntagResourceCommand.ts index 5673b0c8db50..a24199aa0485 100644 --- a/clients/client-controltower/src/commands/UntagResourceCommand.ts +++ b/clients/client-controltower/src/commands/UntagResourceCommand.ts @@ -28,8 +28,8 @@ export interface UntagResourceCommandInput extends UntagResourceInput {} export interface UntagResourceCommandOutput extends UntagResourceOutput, __MetadataBearer {} /** - *

      Removes tags from a resource. For usage examples, see - * the Amazon Web Services Control Tower User Guide + *

      Removes tags from a resource. For usage examples, see the + * Controls Reference Guide * .

      * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-controltower/src/commands/UpdateEnabledControlCommand.ts b/clients/client-controltower/src/commands/UpdateEnabledControlCommand.ts index 80bfb02bdc4f..e580e53a1140 100644 --- a/clients/client-controltower/src/commands/UpdateEnabledControlCommand.ts +++ b/clients/client-controltower/src/commands/UpdateEnabledControlCommand.ts @@ -31,11 +31,11 @@ export interface UpdateEnabledControlCommandOutput extends UpdateEnabledControlO *

      * Updates the configuration of an already enabled control.

      *

      If the enabled control shows an EnablementStatus of SUCCEEDED, supply parameters that are different from the currently configured parameters. Otherwise, Amazon Web Services Control Tower will not accept the request.

      - *

      If the enabled control shows an EnablementStatus of FAILED, Amazon Web Services Control Tower will update the control to match any valid parameters that you supply.

      - *

      If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling DisableControl and again calling EnableControl, or you can run an extending governance operation. For usage examples, see - * the Amazon Web Services Control Tower User Guide - * - *

      + *

      If the enabled control shows an EnablementStatus of FAILED, Amazon Web Services Control Tower updates the control to match any valid parameters that you supply.

      + *

      If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling DisableControl and again calling EnableControl, or you can run an extending governance operation. For usage examples, see the + * Controls Reference Guide + * . + *

      * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-controltower/src/commands/index.ts b/clients/client-controltower/src/commands/index.ts index 4c44b576d527..068af0cd7f74 100644 --- a/clients/client-controltower/src/commands/index.ts +++ b/clients/client-controltower/src/commands/index.ts @@ -16,6 +16,7 @@ export * from "./ListBaselinesCommand"; export * from "./ListControlOperationsCommand"; export * from "./ListEnabledBaselinesCommand"; export * from "./ListEnabledControlsCommand"; +export * from "./ListLandingZoneOperationsCommand"; export * from "./ListLandingZonesCommand"; export * from "./ListTagsForResourceCommand"; export * from "./ResetEnabledBaselineCommand"; diff --git a/clients/client-controltower/src/index.ts b/clients/client-controltower/src/index.ts index 4a8ac398fe34..0f6cf3872926 100644 --- a/clients/client-controltower/src/index.ts +++ b/clients/client-controltower/src/index.ts @@ -6,23 +6,161 @@ *
    • *

      * - * controls + * Controls * *

      + * *
      • *
    • *

      * - * landing zones + * Landing zones * *

      + * *
      • *
    • *

      * - * baselines + * Baselines * *

      + * + *
      • + *
    • + *

      + * Tagging + *

      + * *
      • *
    *

    For more information about these types of resources, see the @@ -52,13 +190,12 @@ *

    The controlIdentifier is an ARN that is specified for each * control. You can view the controlIdentifier in the console on the Control details page, as well as in the documentation.

    *

    The controlIdentifier is unique in each Amazon Web Services Region for each control. You can - * find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower User Guide. - *

    + * find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower Controls Reference Guide.

    *

    A quick-reference list of control identifers for the Amazon Web Services Control Tower legacy Strongly recommended and - * Elective controls is given in Resource identifiers for - * APIs and controls in the Controls reference guide section - * of the Amazon Web Services Control Tower User Guide. Remember that Mandatory controls - * cannot be added or removed.

    + * Elective controls is given in Resource identifiers for + * APIs and controls in the + * Amazon Web Services Control Tower Controls Reference Guide + * . Remember that Mandatory controls cannot be added or removed.

    * *

    * ARN format: @@ -101,7 +238,7 @@ *

      *
    • *

      - * Control API input and output examples with CLI + * Control API input and output examples with CLI *

      *
      • *
    • @@ -111,7 +248,7 @@ *
      • *
    • *

      - * Enable controls with CloudFormation + * Enable controls with CloudFormation *

      *
      • *
    • @@ -121,27 +258,27 @@ *
      • *
    • *

      - * Control metadata tables (large page) + * Control metadata tables (large page) *

      *
      • *
    • *

      - * Control availability by Region tables (large page) + * Control availability by Region tables (large page) *

      *
      • *
    • *

      - * List of identifiers for legacy controls + * List of identifiers for legacy controls *

      *
      • *
    • *

      - * Controls reference guide + * Controls reference guide *

      *
      • *
    • *

      - * Controls library groupings + * Controls library groupings *

      *
      • *
    • diff --git a/clients/client-controltower/src/models/models_0.ts b/clients/client-controltower/src/models/models_0.ts index 011599a313df..e6dc69d099ef 100644 --- a/clients/client-controltower/src/models/models_0.ts +++ b/clients/client-controltower/src/models/models_0.ts @@ -28,35 +28,96 @@ export class AccessDeniedException extends __BaseException { /** * @public */ -export interface GetBaselineInput { +export interface GetBaselineOperationInput { /** - *

      The ARN of the Baseline resource to be retrieved.

      + *

      The operation ID returned from mutating asynchronous APIs (Enable, Disable, Update, Reset).

      * @public */ - baselineIdentifier: string | undefined; + operationIdentifier: string | undefined; } /** * @public + * @enum */ -export interface GetBaselineOutput { +export const BaselineOperationType = { + DISABLE_BASELINE: "DISABLE_BASELINE", + ENABLE_BASELINE: "ENABLE_BASELINE", + RESET_ENABLED_BASELINE: "RESET_ENABLED_BASELINE", + UPDATE_ENABLED_BASELINE: "UPDATE_ENABLED_BASELINE", +} as const; + +/** + * @public + */ +export type BaselineOperationType = (typeof BaselineOperationType)[keyof typeof BaselineOperationType]; + +/** + * @public + * @enum + */ +export const BaselineOperationStatus = { + FAILED: "FAILED", + IN_PROGRESS: "IN_PROGRESS", + SUCCEEDED: "SUCCEEDED", +} as const; + +/** + * @public + */ +export type BaselineOperationStatus = (typeof BaselineOperationStatus)[keyof typeof BaselineOperationStatus]; + +/** + *

      An object of shape BaselineOperation, returning details about the specified Baseline operation ID.

      + * @public + */ +export interface BaselineOperation { /** - *

      The baseline ARN.

      + *

      The identifier of the specified operation.

      * @public */ - arn: string | undefined; + operationIdentifier?: string; /** - *

      A user-friendly name for the baseline.

      + *

      An enumerated type (enum) with possible values of ENABLE_BASELINE, DISABLE_BASELINE, UPDATE_ENABLED_BASELINE, or RESET_ENABLED_BASELINE.

      * @public */ - name: string | undefined; + operationType?: BaselineOperationType; /** - *

      A description of the baseline.

      + *

      An enumerated type (enum) with possible values of SUCCEEDED, FAILED, or IN_PROGRESS.

      * @public */ - description?: string; + status?: BaselineOperationStatus; + + /** + *

      The start time of the operation, in ISO 8601 format.

      + * @public + */ + startTime?: Date; + + /** + *

      The end time of the operation (if applicable), in ISO 8601 format.

      + * @public + */ + endTime?: Date; + + /** + *

      A status message that gives more information about the operation's status, if applicable.

      + * @public + */ + statusMessage?: string; +} + +/** + * @public + */ +export interface GetBaselineOperationOutput { + /** + *

      A baselineOperation object that shows information about the specified operation ID.

      + * @public + */ + baselineOperation: BaselineOperation | undefined; } /** @@ -164,6 +225,40 @@ export class ValidationException extends __BaseException { } } +/** + * @public + */ +export interface GetBaselineInput { + /** + *

      The ARN of the Baseline resource to be retrieved.

      + * @public + */ + baselineIdentifier: string | undefined; +} + +/** + * @public + */ +export interface GetBaselineOutput { + /** + *

      The baseline ARN.

      + * @public + */ + arn: string | undefined; + + /** + *

      A user-friendly name for the baseline.

      + * @public + */ + name: string | undefined; + + /** + *

      A description of the baseline.

      + * @public + */ + description?: string; +} + /** * @public */ @@ -337,7 +432,7 @@ export interface GetControlOperationOutput { } /** - *

      A filter object that lets you call ListCOntrolOperations with a specific filter.

      + *

      A filter object that lets you call ListControlOperations with a specific filter.

      * @public */ export interface ControlOperationFilter { @@ -460,7 +555,7 @@ export interface ControlOperationSummary { */ export interface ListControlOperationsOutput { /** - *

      Returns a list of output from control operations. PLACEHOLDER

      + *

      Returns a list of output from control operations.

      * @public */ controlOperations: ControlOperationSummary[] | undefined; @@ -635,101 +730,6 @@ export interface EnableBaselineOutput { arn: string | undefined; } -/** - * @public - */ -export interface GetBaselineOperationInput { - /** - *

      The operation ID returned from mutating asynchronous APIs (Enable, Disable, Update, Reset).

      - * @public - */ - operationIdentifier: string | undefined; -} - -/** - * @public - * @enum - */ -export const BaselineOperationType = { - DISABLE_BASELINE: "DISABLE_BASELINE", - ENABLE_BASELINE: "ENABLE_BASELINE", - RESET_ENABLED_BASELINE: "RESET_ENABLED_BASELINE", - UPDATE_ENABLED_BASELINE: "UPDATE_ENABLED_BASELINE", -} as const; - -/** - * @public - */ -export type BaselineOperationType = (typeof BaselineOperationType)[keyof typeof BaselineOperationType]; - -/** - * @public - * @enum - */ -export const BaselineOperationStatus = { - FAILED: "FAILED", - IN_PROGRESS: "IN_PROGRESS", - SUCCEEDED: "SUCCEEDED", -} as const; - -/** - * @public - */ -export type BaselineOperationStatus = (typeof BaselineOperationStatus)[keyof typeof BaselineOperationStatus]; - -/** - *

      An object of shape BaselineOperation, returning details about the specified Baseline operation ID.

      - * @public - */ -export interface BaselineOperation { - /** - *

      The identifier of the specified operation.

      - * @public - */ - operationIdentifier?: string; - - /** - *

      An enumerated type (enum) with possible values of ENABLE_BASELINE, DISABLE_BASELINE, UPDATE_ENABLED_BASELINE, or RESET_ENABLED_BASELINE.

      - * @public - */ - operationType?: BaselineOperationType; - - /** - *

      An enumerated type (enum) with possible values of SUCCEEDED, FAILED, or IN_PROGRESS.

      - * @public - */ - status?: BaselineOperationStatus; - - /** - *

      The start time of the operation, in ISO 8601 format.

      - * @public - */ - startTime?: Date; - - /** - *

      The end time of the operation (if applicable), in ISO 8601 format.

      - * @public - */ - endTime?: Date; - - /** - *

      A status message that gives more information about the operation's status, if applicable.

      - * @public - */ - statusMessage?: string; -} - -/** - * @public - */ -export interface GetBaselineOperationOutput { - /** - *

      A baselineOperation object that shows information about the specified operation ID.

      - * @public - */ - baselineOperation: BaselineOperation | undefined; -} - /** * @public */ @@ -775,25 +775,25 @@ export const EnablementStatus = { export type EnablementStatus = (typeof EnablementStatus)[keyof typeof EnablementStatus]; /** - *

      The deployment summary of the enabled control.

      + *

      The deployment summary of an EnabledControl or EnabledBaseline resource.

      * @public */ export interface EnablementStatusSummary { /** - *

      The deployment status of the enabled control.

      + *

      The deployment status of the enabled resource.

      *

      Valid values:

      *
        *
      • *

        - * SUCCEEDED: The enabledControl configuration was deployed successfully.

        + * SUCCEEDED: The EnabledControl or EnabledBaseline configuration was deployed successfully.

        *
        • *
      • *

        - * UNDER_CHANGE: The enabledControl configuration is changing.

        + * UNDER_CHANGE: The EnabledControl or EnabledBaseline configuration is changing.

        *
        • *
      • *

        - * FAILED: The enabledControl configuration failed to deploy.

        + * FAILED: The EnabledControl or EnabledBaseline configuration failed to deploy.

        *
        • *
      * @public @@ -801,7 +801,7 @@ export interface EnablementStatusSummary { status?: EnablementStatus; /** - *

      The last operation identifier for the enabled control.

      + *

      The last operation identifier for the enabled resource.

      * @public */ lastOperationIdentifier?: string; @@ -837,7 +837,7 @@ export interface EnabledBaselineDetails { targetIdentifier: string | undefined; /** - *

      The deployment summary of the enabled control.

      + *

      The deployment summary of an EnabledControl or EnabledBaseline resource.

      * @public */ statusSummary: EnablementStatusSummary | undefined; @@ -931,7 +931,7 @@ export interface EnabledBaselineSummary { targetIdentifier: string | undefined; /** - *

      The deployment summary of the enabled control.

      + *

      The deployment summary of an EnabledControl or EnabledBaseline resource.

      * @public */ statusSummary: EnablementStatusSummary | undefined; @@ -1281,7 +1281,7 @@ export interface ListEnabledControlsInput { maxResults?: number; /** - *

      An input filter for the ListCEnabledControls API that lets you select the types of control operations to view.

      + *

      An input filter for the ListEnabledControls API that lets you select the types of control operations to view.

      * @public */ filter?: EnabledControlFilter; @@ -1377,44 +1377,254 @@ export interface UpdateEnabledControlOutput { /** * @public */ -export interface CreateLandingZoneInput { - /** - *

      The landing zone version, for example, 3.0.

      - * @public - */ - version: string | undefined; - - /** - *

      The manifest JSON file is a text file that describes your Amazon Web Services resources. For examples, review - * Launch your landing zone.

      - * @public - */ - manifest: __DocumentType | undefined; - +export interface GetLandingZoneOperationInput { /** - *

      Tags to be applied to the landing zone.

      + *

      A unique identifier assigned to a landing zone operation.

      * @public */ - tags?: Record; + operationIdentifier: string | undefined; } /** * @public + * @enum */ -export interface CreateLandingZoneOutput { - /** - *

      The ARN of the landing zone resource.

      - * @public - */ - arn: string | undefined; +export const LandingZoneOperationType = { + CREATE: "CREATE", + DELETE: "DELETE", + RESET: "RESET", + UPDATE: "UPDATE", +} as const; - /** - *

      A unique identifier assigned to a CreateLandingZone operation. You can use this - * identifier as an input of GetLandingZoneOperation to check the operation's status.

      - * @public - */ - operationIdentifier: string | undefined; -} +/** + * @public + */ +export type LandingZoneOperationType = (typeof LandingZoneOperationType)[keyof typeof LandingZoneOperationType]; + +/** + * @public + * @enum + */ +export const LandingZoneOperationStatus = { + FAILED: "FAILED", + IN_PROGRESS: "IN_PROGRESS", + SUCCEEDED: "SUCCEEDED", +} as const; + +/** + * @public + */ +export type LandingZoneOperationStatus = (typeof LandingZoneOperationStatus)[keyof typeof LandingZoneOperationStatus]; + +/** + *

      Information about a landing zone operation.

      + * @public + */ +export interface LandingZoneOperationDetail { + /** + *

      The landing zone operation type.

      + *

      Valid values:

      + *
        + *
      • + *

        + * DELETE: The DeleteLandingZone operation.

        + *
        • + *
      • + *

        + * CREATE: The CreateLandingZone operation.

        + *
        • + *
      • + *

        + * UPDATE: The UpdateLandingZone operation.

        + *
        • + *
      • + *

        + * RESET: The ResetLandingZone operation.

        + *
        • + *
      + * @public + */ + operationType?: LandingZoneOperationType; + + /** + *

      The operationIdentifier of the landing zone operation.

      + * @public + */ + operationIdentifier?: string; + + /** + *

      Valid values:

      + *
        + *
      • + *

        + * SUCCEEDED: The landing zone operation succeeded.

        + *
        • + *
      • + *

        + * IN_PROGRESS: The landing zone operation is in progress.

        + *
        • + *
      • + *

        + * FAILED: The landing zone operation failed.

        + *
        • + *
      + * @public + */ + status?: LandingZoneOperationStatus; + + /** + *

      The landing zone operation start time.

      + * @public + */ + startTime?: Date; + + /** + *

      The landing zone operation end time.

      + * @public + */ + endTime?: Date; + + /** + *

      If the operation result is FAILED, this string contains a message explaining why the operation failed.

      + * @public + */ + statusMessage?: string; +} + +/** + * @public + */ +export interface GetLandingZoneOperationOutput { + /** + *

      Details about a landing zone operation.

      + * @public + */ + operationDetails: LandingZoneOperationDetail | undefined; +} + +/** + *

      A filter object that lets you call ListLandingZoneOperations with a specific filter.

      + * @public + */ +export interface LandingZoneOperationFilter { + /** + *

      The set of landing zone operation types selected by the filter.

      + * @public + */ + types?: LandingZoneOperationType[]; + + /** + *

      The statuses of the set of landing zone operations selected by the filter.

      + * @public + */ + statuses?: LandingZoneOperationStatus[]; +} + +/** + * @public + */ +export interface ListLandingZoneOperationsInput { + /** + *

      An input filter for the ListLandingZoneOperations API that lets you select the types of landing zone operations to view.

      + * @public + */ + filter?: LandingZoneOperationFilter; + + /** + *

      The token to continue the list from a previous API call with the same parameters.

      + * @public + */ + nextToken?: string; + + /** + *

      How many results to return per API call.

      + * @public + */ + maxResults?: number; +} + +/** + *

      Returns a summary of information about a landing zone operation.

      + * @public + */ +export interface LandingZoneOperationSummary { + /** + *

      The type of the landing zone operation.

      + * @public + */ + operationType?: LandingZoneOperationType; + + /** + *

      The operationIdentifier of the landing zone operation.

      + * @public + */ + operationIdentifier?: string; + + /** + *

      The status of the landing zone operation.

      + * @public + */ + status?: LandingZoneOperationStatus; +} + +/** + * @public + */ +export interface ListLandingZoneOperationsOutput { + /** + *

      Lists landing zone operations.

      + * @public + */ + landingZoneOperations: LandingZoneOperationSummary[] | undefined; + + /** + *

      Retrieves the next page of results. If the string is empty, the response is the end of the results.

      + * @public + */ + nextToken?: string; +} + +/** + * @public + */ +export interface CreateLandingZoneInput { + /** + *

      The landing zone version, for example, 3.0.

      + * @public + */ + version: string | undefined; + + /** + *

      The manifest JSON file is a text file that describes your Amazon Web Services resources. For examples, review + * Launch your landing zone.

      + * @public + */ + manifest: __DocumentType | undefined; + + /** + *

      Tags to be applied to the landing zone.

      + * @public + */ + tags?: Record; +} + +/** + * @public + */ +export interface CreateLandingZoneOutput { + /** + *

      The ARN of the landing zone resource.

      + * @public + */ + arn: string | undefined; + + /** + *

      A unique identifier assigned to a CreateLandingZone operation. You can use this + * identifier as an input of GetLandingZoneOperation to check the operation's status.

      + * @public + */ + operationIdentifier: string | undefined; +} /** * @public @@ -1559,128 +1769,6 @@ export interface GetLandingZoneOutput { landingZone: LandingZoneDetail | undefined; } -/** - * @public - */ -export interface GetLandingZoneOperationInput { - /** - *

      A unique identifier assigned to a landing zone operation.

      - * @public - */ - operationIdentifier: string | undefined; -} - -/** - * @public - * @enum - */ -export const LandingZoneOperationType = { - CREATE: "CREATE", - DELETE: "DELETE", - RESET: "RESET", - UPDATE: "UPDATE", -} as const; - -/** - * @public - */ -export type LandingZoneOperationType = (typeof LandingZoneOperationType)[keyof typeof LandingZoneOperationType]; - -/** - * @public - * @enum - */ -export const LandingZoneOperationStatus = { - FAILED: "FAILED", - IN_PROGRESS: "IN_PROGRESS", - SUCCEEDED: "SUCCEEDED", -} as const; - -/** - * @public - */ -export type LandingZoneOperationStatus = (typeof LandingZoneOperationStatus)[keyof typeof LandingZoneOperationStatus]; - -/** - *

      Information about a landing zone operation.

      - * @public - */ -export interface LandingZoneOperationDetail { - /** - *

      The landing zone operation type.

      - *

      Valid values:

      - *
        - *
      • - *

        - * DELETE: The DeleteLandingZone operation.

        - *
        • - *
      • - *

        - * CREATE: The CreateLandingZone operation.

        - *
        • - *
      • - *

        - * UPDATE: The UpdateLandingZone operation.

        - *
        • - *
      • - *

        - * RESET: The ResetLandingZone operation.

        - *
        • - *
      - * @public - */ - operationType?: LandingZoneOperationType; - - /** - *

      The landing zone operation start time.

      - * @public - */ - startTime?: Date; - - /** - *

      The landing zone operation end time.

      - * @public - */ - endTime?: Date; - - /** - *

      Valid values:

      - *
        - *
      • - *

        - * SUCCEEDED: The landing zone operation succeeded.

        - *
        • - *
      • - *

        - * IN_PROGRESS: The landing zone operation is in progress.

        - *
        • - *
      • - *

        - * FAILED: The landing zone operation failed.

        - *
        • - *
      - * @public - */ - status?: LandingZoneOperationStatus; - - /** - *

      If the operation result is FAILED, this string contains a message explaining why the operation failed.

      - * @public - */ - statusMessage?: string; -} - -/** - * @public - */ -export interface GetLandingZoneOperationOutput { - /** - *

      Details about a landing zone operation.

      - * @public - */ - operationDetails: LandingZoneOperationDetail | undefined; -} - /** * @public */ @@ -1761,8 +1849,8 @@ export interface UpdateLandingZoneInput { version: string | undefined; /** - *

      The manifest JSON file is a text file that describes your Amazon Web Services resources. For examples, review - * Launch your landing zone.

      + *

      The manifest file (JSON) is a text file that describes your Amazon Web Services resources. For an example, review + * Launch your landing zone. The example manifest file contains each of the available parameters. The schema for the landing zone's JSON manifest file is not published, by design.

      * @public */ manifest: __DocumentType | undefined; diff --git a/clients/client-controltower/src/pagination/ListLandingZoneOperationsPaginator.ts b/clients/client-controltower/src/pagination/ListLandingZoneOperationsPaginator.ts new file mode 100644 index 000000000000..3afa44dde388 --- /dev/null +++ b/clients/client-controltower/src/pagination/ListLandingZoneOperationsPaginator.ts @@ -0,0 +1,24 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { + ListLandingZoneOperationsCommand, + ListLandingZoneOperationsCommandInput, + ListLandingZoneOperationsCommandOutput, +} from "../commands/ListLandingZoneOperationsCommand"; +import { ControlTowerClient } from "../ControlTowerClient"; +import { ControlTowerPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateListLandingZoneOperations: ( + config: ControlTowerPaginationConfiguration, + input: ListLandingZoneOperationsCommandInput, + ...rest: any[] +) => Paginator = createPaginator< + ControlTowerPaginationConfiguration, + ListLandingZoneOperationsCommandInput, + ListLandingZoneOperationsCommandOutput +>(ControlTowerClient, ListLandingZoneOperationsCommand, "nextToken", "nextToken", "maxResults"); diff --git a/clients/client-controltower/src/pagination/index.ts b/clients/client-controltower/src/pagination/index.ts index 1b9c792a272c..90aa23427632 100644 --- a/clients/client-controltower/src/pagination/index.ts +++ b/clients/client-controltower/src/pagination/index.ts @@ -4,4 +4,5 @@ export * from "./ListBaselinesPaginator"; export * from "./ListControlOperationsPaginator"; export * from "./ListEnabledBaselinesPaginator"; export * from "./ListEnabledControlsPaginator"; +export * from "./ListLandingZoneOperationsPaginator"; export * from "./ListLandingZonesPaginator"; diff --git a/clients/client-controltower/src/protocols/Aws_restJson1.ts b/clients/client-controltower/src/protocols/Aws_restJson1.ts index 55c3e488e8fd..da7aecaaae35 100644 --- a/clients/client-controltower/src/protocols/Aws_restJson1.ts +++ b/clients/client-controltower/src/protocols/Aws_restJson1.ts @@ -59,6 +59,10 @@ import { ListEnabledControlsCommandInput, ListEnabledControlsCommandOutput, } from "../commands/ListEnabledControlsCommand"; +import { + ListLandingZoneOperationsCommandInput, + ListLandingZoneOperationsCommandOutput, +} from "../commands/ListLandingZoneOperationsCommand"; import { ListLandingZonesCommandInput, ListLandingZonesCommandOutput } from "../commands/ListLandingZonesCommand"; import { ListTagsForResourceCommandInput, @@ -103,6 +107,9 @@ import { InternalServerException, LandingZoneDetail, LandingZoneOperationDetail, + LandingZoneOperationFilter, + LandingZoneOperationStatus, + LandingZoneOperationType, ResourceNotFoundException, ServiceQuotaExceededException, ThrottlingException, @@ -501,6 +508,30 @@ export const se_ListEnabledControlsCommand = async ( return b.build(); }; +/** + * serializeAws_restJson1ListLandingZoneOperationsCommand + */ +export const se_ListLandingZoneOperationsCommand = async ( + input: ListLandingZoneOperationsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const b = rb(input, context); + const headers: any = { + "content-type": "application/json", + }; + b.bp("/list-landingzone-operations"); + let body: any; + body = JSON.stringify( + take(input, { + filter: (_) => _json(_), + maxResults: [], + nextToken: [], + }) + ); + b.m("POST").h(headers).b(body); + return b.build(); +}; + /** * serializeAws_restJson1ListLandingZonesCommand */ @@ -1066,6 +1097,28 @@ export const de_ListEnabledControlsCommand = async ( return contents; }; +/** + * deserializeAws_restJson1ListLandingZoneOperationsCommand + */ +export const de_ListLandingZoneOperationsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents: any = map({ + $metadata: deserializeMetadata(output), + }); + const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + const doc = take(data, { + landingZoneOperations: _json, + nextToken: __expectString, + }); + Object.assign(contents, doc); + return contents; +}; + /** * deserializeAws_restJson1ListLandingZonesCommand */ @@ -1496,6 +1549,12 @@ const se_EnabledControlParameters = (input: EnabledControlParameter[], context: // se_EnablementStatuses omitted. +// se_LandingZoneOperationFilter omitted. + +// se_LandingZoneOperationStatuses omitted. + +// se_LandingZoneOperationTypes omitted. + /** * serializeAws_restJson1Manifest */ @@ -1698,6 +1757,7 @@ const de_LandingZoneDetail = (output: any, context: __SerdeContext): LandingZone const de_LandingZoneOperationDetail = (output: any, context: __SerdeContext): LandingZoneOperationDetail => { return take(output, { endTime: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), + operationIdentifier: __expectString, operationType: __expectString, startTime: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), status: __expectString, @@ -1705,6 +1765,10 @@ const de_LandingZoneOperationDetail = (output: any, context: __SerdeContext): La }) as any; }; +// de_LandingZoneOperations omitted. + +// de_LandingZoneOperationSummary omitted. + // de_LandingZoneSummaries omitted. // de_LandingZoneSummary omitted. diff --git a/codegen/sdk-codegen/aws-models/controltower.json b/codegen/sdk-codegen/aws-models/controltower.json index 47ae93a7b426..ac8ded90bf4e 100644 --- a/codegen/sdk-codegen/aws-models/controltower.json +++ b/codegen/sdk-codegen/aws-models/controltower.json @@ -10,6 +10,9 @@ } ], "resources": [ + { + "target": "com.amazonaws.controltower#BaselineOperationResource" + }, { "target": "com.amazonaws.controltower#BaselineResource" }, @@ -22,6 +25,9 @@ { "target": "com.amazonaws.controltower#EnabledControlResource" }, + { + "target": "com.amazonaws.controltower#LandingZoneOperationResource" + }, { "target": "com.amazonaws.controltower#LandingZoneResource" }, @@ -57,7 +63,7 @@ ], "additionalExposedHeaders": ["x-amzn-errortype", "x-amzn-requestid", "x-amzn-trace-id"] }, - "smithy.api#documentation": "

      Amazon Web Services Control Tower offers application programming interface (API) operations that support programmatic interaction with these types of resources:

      \n \n

      For more information about these types of resources, see the \n Amazon Web Services Control Tower User Guide\n .

      \n

      \n About control APIs\n

      \n

      These interfaces allow you to apply the Amazon Web Services library of pre-defined\n controls to your organizational units, programmatically. In Amazon Web Services Control Tower, the terms \"control\" and \"guardrail\" are synonyms.

      \n

      To call these APIs, you'll need to know:

      \n
        \n
      • \n

        the controlIdentifier for the control--or guardrail--you are targeting.

        \n
        • \n
      • \n

        the ARN associated with the target organizational unit (OU), which we call the targetIdentifier.

        \n
        • \n
      • \n

        the ARN associated with a resource that you wish to tag or untag.

        \n
        • \n
      \n

      \n To get the controlIdentifier for your Amazon Web Services Control Tower\n control:\n

      \n

      The controlIdentifier is an ARN that is specified for each\n control. You can view the controlIdentifier in the console on the Control details page, as well as in the documentation.

      \n

      The controlIdentifier is unique in each Amazon Web Services Region for each control. You can\n find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower User Guide.\n

      \n

      A quick-reference list of control identifers for the Amazon Web Services Control Tower legacy Strongly recommended and\n Elective controls is given in Resource identifiers for\n APIs and controls in the Controls reference guide section\n of the Amazon Web Services Control Tower User Guide. Remember that Mandatory controls\n cannot be added or removed.

      \n \n

      \n ARN format:\n arn:aws:controltower:{REGION}::control/{CONTROL_NAME}\n

      \n

      \n Example:\n

      \n

      \n arn:aws:controltower:us-west-2::control/AWS-GR_AUTOSCALING_LAUNCH_CONFIG_PUBLIC_IP_DISABLED\n

      \n       \n

      \n To get the targetIdentifier:\n

      \n

      The targetIdentifier is the ARN for an OU.

      \n

      In the Amazon Web Services Organizations console, you can find the ARN for the OU on the Organizational unit details page associated with that OU.

      \n \n

      \n OU ARN format:\n

      \n

      \n arn:${Partition}:organizations::${MasterAccountId}:ou/o-${OrganizationId}/ou-${OrganizationalUnitId}\n

      \n       \n

      \n About landing zone APIs\n

      \n

      You can configure and launch an Amazon Web Services Control Tower landing zone with APIs. For an introduction and steps, see Getting started with Amazon Web Services Control Tower using APIs.

      \n

      For an overview of landing zone API operations, see Amazon Web Services Control Tower supports landing zone APIs. The individual API operations for landing zones are detailed in this document, the API reference manual, in the \"Actions\" section.

      \n

      \n About baseline APIs\n

      \n

      You can apply the AWSControlTowerBaseline baseline to an organizational unit (OU) as a way to register the OU with Amazon Web Services Control Tower, programmatically. For a general overview of this capability, see Amazon Web Services Control Tower supports APIs for OU registration and configuration with baselines.

      \n

      You can call the baseline API operations to view the baselines that Amazon Web Services Control Tower enables for your landing zone, on your behalf, when setting up the landing zone. These baselines are read-only baselines.

      \n

      The individual API operations for baselines are detailed in this document, the API reference manual, in the \"Actions\" section. For usage examples, see Baseline API input and output examples with CLI.

      \n

      \n Details and examples\n

      \n \n

      To view the open source resource repository on GitHub, see aws-cloudformation/aws-cloudformation-resource-providers-controltower\n

      \n

      \n Recording API Requests\n

      \n

      Amazon Web Services Control Tower supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your\n Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information collected by\n CloudTrail, you can determine which requests the Amazon Web Services Control Tower service received, who made\n the request and when, and so on. For more about Amazon Web Services Control Tower and its support for\n CloudTrail, see Logging Amazon Web Services Control Tower\n Actions with Amazon Web Services CloudTrail in the Amazon Web Services Control Tower User Guide. To learn more about\n CloudTrail, including how to turn it on and find your log files, see the Amazon Web Services CloudTrail User\n Guide.

      ", + "smithy.api#documentation": "

      Amazon Web Services Control Tower offers application programming interface (API) operations that support programmatic interaction with these types of resources:

      \n \n

      For more information about these types of resources, see the \n Amazon Web Services Control Tower User Guide\n .

      \n

      \n About control APIs\n

      \n

      These interfaces allow you to apply the Amazon Web Services library of pre-defined\n controls to your organizational units, programmatically. In Amazon Web Services Control Tower, the terms \"control\" and \"guardrail\" are synonyms.

      \n

      To call these APIs, you'll need to know:

      \n
        \n
      • \n

        the controlIdentifier for the control--or guardrail--you are targeting.

        \n
        • \n
      • \n

        the ARN associated with the target organizational unit (OU), which we call the targetIdentifier.

        \n
        • \n
      • \n

        the ARN associated with a resource that you wish to tag or untag.

        \n
        • \n
      \n

      \n To get the controlIdentifier for your Amazon Web Services Control Tower\n control:\n

      \n

      The controlIdentifier is an ARN that is specified for each\n control. You can view the controlIdentifier in the console on the Control details page, as well as in the documentation.

      \n

      The controlIdentifier is unique in each Amazon Web Services Region for each control. You can\n find the controlIdentifier for each Region and control in the Tables of control metadata or the Control availability by Region tables in the Amazon Web Services Control Tower Controls Reference Guide.

      \n

      A quick-reference list of control identifers for the Amazon Web Services Control Tower legacy Strongly recommended and\n Elective controls is given in Resource identifiers for\n APIs and controls in the \n Amazon Web Services Control Tower Controls Reference Guide\n . Remember that Mandatory controls cannot be added or removed.

      \n \n

      \n ARN format:\n arn:aws:controltower:{REGION}::control/{CONTROL_NAME}\n

      \n

      \n Example:\n

      \n

      \n arn:aws:controltower:us-west-2::control/AWS-GR_AUTOSCALING_LAUNCH_CONFIG_PUBLIC_IP_DISABLED\n

      \n       \n

      \n To get the targetIdentifier:\n

      \n

      The targetIdentifier is the ARN for an OU.

      \n

      In the Amazon Web Services Organizations console, you can find the ARN for the OU on the Organizational unit details page associated with that OU.

      \n \n

      \n OU ARN format:\n

      \n

      \n arn:${Partition}:organizations::${MasterAccountId}:ou/o-${OrganizationId}/ou-${OrganizationalUnitId}\n

      \n       \n

      \n About landing zone APIs\n

      \n

      You can configure and launch an Amazon Web Services Control Tower landing zone with APIs. For an introduction and steps, see Getting started with Amazon Web Services Control Tower using APIs.

      \n

      For an overview of landing zone API operations, see Amazon Web Services Control Tower supports landing zone APIs. The individual API operations for landing zones are detailed in this document, the API reference manual, in the \"Actions\" section.

      \n

      \n About baseline APIs\n

      \n

      You can apply the AWSControlTowerBaseline baseline to an organizational unit (OU) as a way to register the OU with Amazon Web Services Control Tower, programmatically. For a general overview of this capability, see Amazon Web Services Control Tower supports APIs for OU registration and configuration with baselines.

      \n

      You can call the baseline API operations to view the baselines that Amazon Web Services Control Tower enables for your landing zone, on your behalf, when setting up the landing zone. These baselines are read-only baselines.

      \n

      The individual API operations for baselines are detailed in this document, the API reference manual, in the \"Actions\" section. For usage examples, see Baseline API input and output examples with CLI.

      \n

      \n Details and examples\n

      \n \n

      To view the open source resource repository on GitHub, see aws-cloudformation/aws-cloudformation-resource-providers-controltower\n

      \n

      \n Recording API Requests\n

      \n

      Amazon Web Services Control Tower supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your\n Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information collected by\n CloudTrail, you can determine which requests the Amazon Web Services Control Tower service received, who made\n the request and when, and so on. For more about Amazon Web Services Control Tower and its support for\n CloudTrail, see Logging Amazon Web Services Control Tower\n Actions with Amazon Web Services CloudTrail in the Amazon Web Services Control Tower User Guide. To learn more about\n CloudTrail, including how to turn it on and find your log files, see the Amazon Web Services CloudTrail User\n Guide.

      ", "smithy.api#title": "AWS Control Tower", "smithy.rules#endpointRuleSet": { "version": "1.0", @@ -986,6 +992,17 @@ "smithy.api#documentation": "

      An object of shape BaselineOperation, returning details about the specified Baseline operation ID.

      " } }, + "com.amazonaws.controltower#BaselineOperationResource": { + "type": "resource", + "identifiers": { + "operationIdentifier": { + "target": "com.amazonaws.controltower#OperationIdentifier" + } + }, + "read": { + "target": "com.amazonaws.controltower#GetBaselineOperation" + } + }, "com.amazonaws.controltower#BaselineOperationStatus": { "type": "enum", "members": { @@ -1233,7 +1250,7 @@ } }, "traits": { - "smithy.api#documentation": "

      A filter object that lets you call ListCOntrolOperations with a specific filter.

      " + "smithy.api#documentation": "

      A filter object that lets you call ListControlOperations with a specific filter.

      " } }, "com.amazonaws.controltower#ControlOperationResource": { @@ -1646,7 +1663,7 @@ } ], "traits": { - "smithy.api#documentation": "

      This API call turns off a control. It starts an asynchronous operation that deletes AWS\n resources on the specified organizational unit and the accounts it contains. The resources\n will vary according to the control that you specify. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      This API call turns off a control. It starts an asynchronous operation that deletes Amazon Web Services\n resources on the specified organizational unit and the accounts it contains. The resources\n will vary according to the control that you specify. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -1881,7 +1898,7 @@ } ], "traits": { - "smithy.api#documentation": "

      This API call activates a control. It starts an asynchronous operation that creates Amazon Web Services\n resources on the specified organizational unit and the accounts it contains. The resources\n created will vary according to the control that you specify. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      This API call activates a control. It starts an asynchronous operation that creates Amazon Web Services\n resources on the specified organizational unit and the accounts it contains. The resources\n created will vary according to the control that you specify. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -2109,11 +2126,6 @@ "target": "com.amazonaws.controltower#ResetEnabledBaseline" } ], - "collectionOperations": [ - { - "target": "com.amazonaws.controltower#GetBaselineOperation" - } - ], "traits": { "aws.api#arn": { "template": "enabledbaseline/{enabledBaselineIdentifier}" @@ -2416,18 +2428,18 @@ "status": { "target": "com.amazonaws.controltower#EnablementStatus", "traits": { - "smithy.api#documentation": "

      The deployment status of the enabled control.

      \n

      Valid values:

      \n
        \n
      • \n

        \n SUCCEEDED: The enabledControl configuration was deployed successfully.

        \n
        • \n
      • \n

        \n UNDER_CHANGE: The enabledControl configuration is changing.

        \n
        • \n
      • \n

        \n FAILED: The enabledControl configuration failed to deploy.

        \n
        • \n
      " + "smithy.api#documentation": "

      The deployment status of the enabled resource.

      \n

      Valid values:

      \n
        \n
      • \n

        \n SUCCEEDED: The EnabledControl or EnabledBaseline configuration was deployed successfully.

        \n
        • \n
      • \n

        \n UNDER_CHANGE: The EnabledControl or EnabledBaseline configuration is changing.

        \n
        • \n
      • \n

        \n FAILED: The EnabledControl or EnabledBaseline configuration failed to deploy.

        \n
        • \n
      " } }, "lastOperationIdentifier": { "target": "com.amazonaws.controltower#OperationIdentifier", "traits": { - "smithy.api#documentation": "

      The last operation identifier for the enabled control.

      " + "smithy.api#documentation": "

      The last operation identifier for the enabled resource.

      " } } }, "traits": { - "smithy.api#documentation": "

      The deployment summary of the enabled control.

      " + "smithy.api#documentation": "

      The deployment summary of an EnabledControl or EnabledBaseline resource.

      " } }, "com.amazonaws.controltower#EnablementStatuses": { @@ -2523,7 +2535,8 @@ "code": 200, "method": "POST", "uri": "/get-baseline-operation" - } + }, + "smithy.api#readonly": {} } }, "com.amazonaws.controltower#GetBaselineOperationInput": { @@ -2610,7 +2623,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Returns the status of a particular EnableControl or\n DisableControl operation. Displays a message in case of error. Details for an\n operation are available for 90 days. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      Returns the status of a particular EnableControl or\n DisableControl operation. Displays a message in case of error. Details for an\n operation are available for 90 days. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -2739,7 +2752,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Retrieves details about an enabled control. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      Retrieves details about an enabled control. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -3011,6 +3024,18 @@ "smithy.api#documentation": "

      The landing zone operation type.

      \n

      Valid values:

      \n
        \n
      • \n

        \n DELETE: The DeleteLandingZone operation.

        \n
        • \n
      • \n

        \n CREATE: The CreateLandingZone operation.

        \n
        • \n
      • \n

        \n UPDATE: The UpdateLandingZone operation.

        \n
        • \n
      • \n

        \n RESET: The ResetLandingZone operation.

        \n
        • \n
      " } }, + "operationIdentifier": { + "target": "com.amazonaws.controltower#OperationIdentifier", + "traits": { + "smithy.api#documentation": "

      The operationIdentifier of the landing zone operation.

      " + } + }, + "status": { + "target": "com.amazonaws.controltower#LandingZoneOperationStatus", + "traits": { + "smithy.api#documentation": "

      Valid values:

      \n
        \n
      • \n

        \n SUCCEEDED: The landing zone operation succeeded.

        \n
        • \n
      • \n

        \n IN_PROGRESS: The landing zone operation is in progress.

        \n
        • \n
      • \n

        \n FAILED: The landing zone operation failed.

        \n
        • \n
      " + } + }, "startTime": { "target": "com.amazonaws.controltower#Timestamp", "traits": { @@ -3023,12 +3048,6 @@ "smithy.api#documentation": "

      The landing zone operation end time.

      " } }, - "status": { - "target": "com.amazonaws.controltower#LandingZoneOperationStatus", - "traits": { - "smithy.api#documentation": "

      Valid values:

      \n
        \n
      • \n

        \n SUCCEEDED: The landing zone operation succeeded.

        \n
        • \n
      • \n

        \n IN_PROGRESS: The landing zone operation is in progress.

        \n
        • \n
      • \n

        \n FAILED: The landing zone operation failed.

        \n
        • \n
      " - } - }, "statusMessage": { "target": "smithy.api#String", "traits": { @@ -3040,6 +3059,40 @@ "smithy.api#documentation": "

      Information about a landing zone operation.

      " } }, + "com.amazonaws.controltower#LandingZoneOperationFilter": { + "type": "structure", + "members": { + "types": { + "target": "com.amazonaws.controltower#LandingZoneOperationTypes", + "traits": { + "smithy.api#documentation": "

      The set of landing zone operation types selected by the filter.

      " + } + }, + "statuses": { + "target": "com.amazonaws.controltower#LandingZoneOperationStatuses", + "traits": { + "smithy.api#documentation": "

      The statuses of the set of landing zone operations selected by the filter.

      " + } + } + }, + "traits": { + "smithy.api#documentation": "

      A filter object that lets you call ListLandingZoneOperations with a specific filter.

      " + } + }, + "com.amazonaws.controltower#LandingZoneOperationResource": { + "type": "resource", + "identifiers": { + "operationIdentifier": { + "target": "com.amazonaws.controltower#OperationIdentifier" + } + }, + "read": { + "target": "com.amazonaws.controltower#GetLandingZoneOperation" + }, + "list": { + "target": "com.amazonaws.controltower#ListLandingZoneOperations" + } + }, "com.amazonaws.controltower#LandingZoneOperationStatus": { "type": "enum", "members": { @@ -3063,6 +3116,44 @@ } } }, + "com.amazonaws.controltower#LandingZoneOperationStatuses": { + "type": "list", + "member": { + "target": "com.amazonaws.controltower#LandingZoneOperationStatus" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, + "com.amazonaws.controltower#LandingZoneOperationSummary": { + "type": "structure", + "members": { + "operationType": { + "target": "com.amazonaws.controltower#LandingZoneOperationType", + "traits": { + "smithy.api#documentation": "

      The type of the landing zone operation.

      " + } + }, + "operationIdentifier": { + "target": "com.amazonaws.controltower#OperationIdentifier", + "traits": { + "smithy.api#documentation": "

      The operationIdentifier of the landing zone operation.

      " + } + }, + "status": { + "target": "com.amazonaws.controltower#LandingZoneOperationStatus", + "traits": { + "smithy.api#documentation": "

      The status of the landing zone operation.

      " + } + } + }, + "traits": { + "smithy.api#documentation": "

      Returns a summary of information about a landing zone operation.

      " + } + }, "com.amazonaws.controltower#LandingZoneOperationType": { "type": "enum", "members": { @@ -3092,6 +3183,24 @@ } } }, + "com.amazonaws.controltower#LandingZoneOperationTypes": { + "type": "list", + "member": { + "target": "com.amazonaws.controltower#LandingZoneOperationType" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, + "com.amazonaws.controltower#LandingZoneOperations": { + "type": "list", + "member": { + "target": "com.amazonaws.controltower#LandingZoneOperationSummary" + } + }, "com.amazonaws.controltower#LandingZoneResource": { "type": "resource", "identifiers": { @@ -3119,11 +3228,6 @@ "target": "com.amazonaws.controltower#ResetLandingZone" } ], - "collectionOperations": [ - { - "target": "com.amazonaws.controltower#GetLandingZoneOperation" - } - ], "traits": { "aws.cloudformation#cfnResource": { "name": "LandingZone" @@ -3294,7 +3398,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Provides a list of operations in progress or queued.

      ", + "smithy.api#documentation": "

      Provides a list of operations in progress or queued. For usage examples, see ListControlOperation examples.

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -3356,7 +3460,7 @@ "controlOperations": { "target": "com.amazonaws.controltower#ControlOperations", "traits": { - "smithy.api#documentation": "

      Returns a list of output from control operations. PLACEHOLDER

      ", + "smithy.api#documentation": "

      Returns a list of output from control operations.

      ", "smithy.api#required": {} } }, @@ -3497,7 +3601,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Lists the controls enabled by Amazon Web Services Control Tower on the specified organizational unit and\n the accounts it contains. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      Lists the controls enabled by Amazon Web Services Control Tower on the specified organizational unit and\n the accounts it contains. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -3537,7 +3641,7 @@ "filter": { "target": "com.amazonaws.controltower#EnabledControlFilter", "traits": { - "smithy.api#documentation": "

      An input filter for the ListCEnabledControls API that lets you select the types of control operations to view.

      " + "smithy.api#documentation": "

      An input filter for the ListEnabledControls API that lets you select the types of control operations to view.

      " } } }, @@ -3566,6 +3670,100 @@ "smithy.api#output": {} } }, + "com.amazonaws.controltower#ListLandingZoneOperations": { + "type": "operation", + "input": { + "target": "com.amazonaws.controltower#ListLandingZoneOperationsInput" + }, + "output": { + "target": "com.amazonaws.controltower#ListLandingZoneOperationsOutput" + }, + "errors": [ + { + "target": "com.amazonaws.controltower#AccessDeniedException" + }, + { + "target": "com.amazonaws.controltower#InternalServerException" + }, + { + "target": "com.amazonaws.controltower#ThrottlingException" + }, + { + "target": "com.amazonaws.controltower#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

      Lists all landing zone operations from the past 90 days. Results are sorted by time, with the most recent operation first.

      ", + "smithy.api#http": { + "code": 200, + "method": "POST", + "uri": "/list-landingzone-operations" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "landingZoneOperations" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.controltower#ListLandingZoneOperationsInput": { + "type": "structure", + "members": { + "filter": { + "target": "com.amazonaws.controltower#LandingZoneOperationFilter", + "traits": { + "smithy.api#documentation": "

      An input filter for the ListLandingZoneOperations API that lets you select the types of landing zone operations to view.

      " + } + }, + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

      The token to continue the list from a previous API call with the same parameters.

      " + } + }, + "maxResults": { + "target": "com.amazonaws.controltower#ListLandingZoneOperationsMaxResults", + "traits": { + "smithy.api#documentation": "

      How many results to return per API call.

      " + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.controltower#ListLandingZoneOperationsMaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.controltower#ListLandingZoneOperationsOutput": { + "type": "structure", + "members": { + "landingZoneOperations": { + "target": "com.amazonaws.controltower#LandingZoneOperations", + "traits": { + "smithy.api#documentation": "

      Lists landing zone operations.

      ", + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

      Retrieves the next page of results. If the string is empty, the response is the end of the results.

      " + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.controltower#ListLandingZones": { "type": "operation", "input": { @@ -3678,7 +3876,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Returns a list of tags associated with the resource. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      Returns a list of tags associated with the resource. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 200, "method": "GET", @@ -3862,7 +4060,7 @@ } ], "traits": { - "smithy.api#documentation": "

      This API call resets a landing zone. It starts an asynchronous operation that resets the \n landing zone to the parameters specified in its original configuration.

      ", + "smithy.api#documentation": "

      This API call resets a landing zone. It starts an asynchronous operation that resets the\n landing zone to the parameters specified in the original configuration, which you specified\n in the manifest file. Nothing in the manifest file's original landing zone configuration is changed\n during the reset process, by default. This API is not the same as a rollback of a landing\n zone version, which is not a supported operation.

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -3988,7 +4186,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Applies tags to a resource. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      Applies tags to a resource. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 204, "method": "POST", @@ -4146,7 +4344,7 @@ } ], "traits": { - "smithy.api#documentation": "

      Removes tags from a resource. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n .

      ", + "smithy.api#documentation": "

      Removes tags from a resource. For usage examples, see the \n Controls Reference Guide\n .

      ", "smithy.api#http": { "code": 204, "method": "DELETE", @@ -4300,7 +4498,7 @@ } ], "traits": { - "smithy.api#documentation": "

      \n Updates the configuration of an already enabled control.

      \n

      If the enabled control shows an EnablementStatus of SUCCEEDED, supply parameters that are different from the currently configured parameters. Otherwise, Amazon Web Services Control Tower will not accept the request.

      \n

      If the enabled control shows an EnablementStatus of FAILED, Amazon Web Services Control Tower will update the control to match any valid parameters that you supply.

      \n

      If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling DisableControl and again calling EnableControl, or you can run an extending governance operation. For usage examples, see \n the Amazon Web Services Control Tower User Guide\n \n

      ", + "smithy.api#documentation": "

      \n Updates the configuration of an already enabled control.

      \n

      If the enabled control shows an EnablementStatus of SUCCEEDED, supply parameters that are different from the currently configured parameters. Otherwise, Amazon Web Services Control Tower will not accept the request.

      \n

      If the enabled control shows an EnablementStatus of FAILED, Amazon Web Services Control Tower updates the control to match any valid parameters that you supply.

      \n

      If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling DisableControl and again calling EnableControl, or you can run an extending governance operation. For usage examples, see the \n Controls Reference Guide\n .\n

      ", "smithy.api#http": { "code": 200, "method": "POST", @@ -4395,7 +4593,7 @@ "manifest": { "target": "com.amazonaws.controltower#Manifest", "traits": { - "smithy.api#documentation": "

      The manifest JSON file is a text file that describes your Amazon Web Services resources. For examples, review \n Launch your landing zone.

      ", + "smithy.api#documentation": "

      The manifest file (JSON) is a text file that describes your Amazon Web Services resources. For an example, review \n Launch your landing zone. The example manifest file contains each of the available parameters. The schema for the landing zone's JSON manifest file is not published, by design.

      ", "smithy.api#required": {} } },