The unit of the metric. For a complete list of the units that CloudWatch supports, see the MetricDatum data type in the Amazon CloudWatch API Reference.
" }, + "Period":{ + "shape":"MetricGranularityInSeconds", + "documentation":"The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see Create a target tracking policy using high-resolution metrics for faster response.
" + }, "Metrics":{ "shape":"TargetTrackingMetricDataQueries", "documentation":"The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.
" @@ -4200,6 +4204,10 @@ "type":"list", "member":{"shape":"MetricDimension"} }, + "MetricGranularityInSeconds":{ + "type":"integer", + "min":1 + }, "MetricGranularityType":{ "type":"structure", "members":{ @@ -5613,6 +5621,10 @@ "shape":"XmlStringMetricLabel", "documentation":"A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.
" }, + "Period":{ + "shape":"MetricGranularityInSeconds", + "documentation":"The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see Create a target tracking policy using high-resolution metrics for faster response.
" + }, "ReturnData":{ "shape":"ReturnData", "documentation":"Indicates whether to return the timestamps and raw data values of this metric.
If you use any math expressions, specify true for this value for only the final math expression that the metric specification is based on. You must specify false for ReturnData for all the other metrics and expressions used in the metric specification.
If you are only retrieving metrics and not performing any math expressions, do not specify anything for ReturnData. This sets it to its default (true).
The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the MetricDatum data type in the Amazon CloudWatch API Reference.
" + }, + "Period":{ + "shape":"MetricGranularityInSeconds", + "documentation":"The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see Create a target tracking policy using high-resolution metrics for faster response.
" } }, "documentation":"This structure defines the CloudWatch metric to return, along with the statistic and unit.
For more information about the CloudWatch terminology below, see Amazon CloudWatch concepts in the Amazon CloudWatch User Guide.
" diff --git a/botocore/data/bcm-pricing-calculator/2024-06-19/endpoint-rule-set-1.json b/botocore/data/bcm-pricing-calculator/2024-06-19/endpoint-rule-set-1.json new file mode 100644 index 0000000000..bc6df3c488 --- /dev/null +++ b/botocore/data/bcm-pricing-calculator/2024-06-19/endpoint-rule-set-1.json @@ -0,0 +1,151 @@ +{ + "version": "1.0", + "parameters": { + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + }, + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + }, + { + "conditions": [], + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "endpoint": { + "url": "https://bcm-pricing-calculator-fips.{PartitionResult#implicitGlobalRegion}.{PartitionResult#dualStackDnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "{PartitionResult#implicitGlobalRegion}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [], + "endpoint": { + "url": "https://bcm-pricing-calculator.{PartitionResult#implicitGlobalRegion}.{PartitionResult#dualStackDnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "{PartitionResult#implicitGlobalRegion}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" + } + ], + "type": "tree" + } + ] +} \ No newline at end of file diff --git a/botocore/data/bcm-pricing-calculator/2024-06-19/paginators-1.json b/botocore/data/bcm-pricing-calculator/2024-06-19/paginators-1.json new file mode 100644 index 0000000000..678b04a93d --- /dev/null +++ b/botocore/data/bcm-pricing-calculator/2024-06-19/paginators-1.json @@ -0,0 +1,64 @@ +{ + "pagination": { + "ListBillEstimateCommitments": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListBillEstimateInputCommitmentModifications": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListBillEstimateInputUsageModifications": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListBillEstimateLineItems": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListBillEstimates": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListBillScenarioCommitmentModifications": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListBillScenarioUsageModifications": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListBillScenarios": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListWorkloadEstimateUsage": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + }, + "ListWorkloadEstimates": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "items" + } + } +} diff --git a/botocore/data/bcm-pricing-calculator/2024-06-19/service-2.json b/botocore/data/bcm-pricing-calculator/2024-06-19/service-2.json new file mode 100644 index 0000000000..976c20a5a6 --- /dev/null +++ b/botocore/data/bcm-pricing-calculator/2024-06-19/service-2.json @@ -0,0 +1,4004 @@ +{ + "version":"2.0", + "metadata":{ + "apiVersion":"2024-06-19", + "auth":["aws.auth#sigv4"], + "endpointPrefix":"bcm-pricing-calculator", + "jsonVersion":"1.0", + "protocol":"json", + "protocols":["json"], + "serviceFullName":"AWS Billing and Cost Management Pricing Calculator", + "serviceId":"BCM Pricing Calculator", + "signatureVersion":"v4", + "signingName":"bcm-pricing-calculator", + "targetPrefix":"AWSBCMPricingCalculator", + "uid":"bcm-pricing-calculator-2024-06-19" + }, + "operations":{ + "BatchCreateBillScenarioCommitmentModification":{ + "name":"BatchCreateBillScenarioCommitmentModification", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchCreateBillScenarioCommitmentModificationRequest"}, + "output":{"shape":"BatchCreateBillScenarioCommitmentModificationResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Create Compute Savings Plans, EC2 Instance Savings Plans, or EC2 Reserved Instances commitments that you want to model in a Bill Scenario.
", + "idempotent":true + }, + "BatchCreateBillScenarioUsageModification":{ + "name":"BatchCreateBillScenarioUsageModification", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchCreateBillScenarioUsageModificationRequest"}, + "output":{"shape":"BatchCreateBillScenarioUsageModificationResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Create Amazon Web Services service usage that you want to model in a Bill Scenario.
", + "idempotent":true + }, + "BatchCreateWorkloadEstimateUsage":{ + "name":"BatchCreateWorkloadEstimateUsage", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchCreateWorkloadEstimateUsageRequest"}, + "output":{"shape":"BatchCreateWorkloadEstimateUsageResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Create Amazon Web Services service usage that you want to model in a Workload Estimate.
", + "idempotent":true + }, + "BatchDeleteBillScenarioCommitmentModification":{ + "name":"BatchDeleteBillScenarioCommitmentModification", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchDeleteBillScenarioCommitmentModificationRequest"}, + "output":{"shape":"BatchDeleteBillScenarioCommitmentModificationResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Delete commitment that you have created in a Bill Scenario. You can only delete a commitment that you had added and cannot model deletion (or removal) of a existing commitment. If you want model deletion of an existing commitment, see the negate BillScenarioCommitmentModificationAction of BatchCreateBillScenarioCommitmentModification operation.
", + "idempotent":true + }, + "BatchDeleteBillScenarioUsageModification":{ + "name":"BatchDeleteBillScenarioUsageModification", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchDeleteBillScenarioUsageModificationRequest"}, + "output":{"shape":"BatchDeleteBillScenarioUsageModificationResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Delete usage that you have created in a Bill Scenario. You can only delete usage that you had added and cannot model deletion (or removal) of a existing usage. If you want model removal of an existing usage, see BatchUpdateBillScenarioUsageModification.
", + "idempotent":true + }, + "BatchDeleteWorkloadEstimateUsage":{ + "name":"BatchDeleteWorkloadEstimateUsage", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchDeleteWorkloadEstimateUsageRequest"}, + "output":{"shape":"BatchDeleteWorkloadEstimateUsageResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Delete usage that you have created in a Workload estimate. You can only delete usage that you had added and cannot model deletion (or removal) of a existing usage. If you want model removal of an existing usage, see BatchUpdateWorkloadEstimateUsage.
", + "idempotent":true + }, + "BatchUpdateBillScenarioCommitmentModification":{ + "name":"BatchUpdateBillScenarioCommitmentModification", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchUpdateBillScenarioCommitmentModificationRequest"}, + "output":{"shape":"BatchUpdateBillScenarioCommitmentModificationResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Update a newly added or existing commitment. You can update the commitment group based on a commitment ID and a Bill scenario ID.
", + "idempotent":true + }, + "BatchUpdateBillScenarioUsageModification":{ + "name":"BatchUpdateBillScenarioUsageModification", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchUpdateBillScenarioUsageModificationRequest"}, + "output":{"shape":"BatchUpdateBillScenarioUsageModificationResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Update a newly added or existing usage lines. You can update the usage amounts, usage hour, and usage group based on a usage ID and a Bill scenario ID.
", + "idempotent":true + }, + "BatchUpdateWorkloadEstimateUsage":{ + "name":"BatchUpdateWorkloadEstimateUsage", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"BatchUpdateWorkloadEstimateUsageRequest"}, + "output":{"shape":"BatchUpdateWorkloadEstimateUsageResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Update a newly added or existing usage lines. You can update the usage amounts and usage group based on a usage ID and a Workload estimate ID.
", + "idempotent":true + }, + "CreateBillEstimate":{ + "name":"CreateBillEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreateBillEstimateRequest"}, + "output":{"shape":"CreateBillEstimateResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Create a Bill estimate from a Bill scenario. In the Bill scenario you can model usage addition, usage changes, and usage removal. You can also model commitment addition and commitment removal. After all changes in a Bill scenario is made satisfactorily, you can call this API with a Bill scenario ID to generate the Bill estimate. Bill estimate calculates the pre-tax cost for your consolidated billing family, incorporating all modeled usage and commitments alongside existing usage and commitments from your most recent completed anniversary bill, with any applicable discounts applied.
", + "idempotent":true + }, + "CreateBillScenario":{ + "name":"CreateBillScenario", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreateBillScenarioRequest"}, + "output":{"shape":"CreateBillScenarioResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Creates a new bill scenario to model potential changes to Amazon Web Services usage and costs.
", + "idempotent":true + }, + "CreateWorkloadEstimate":{ + "name":"CreateWorkloadEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreateWorkloadEstimateRequest"}, + "output":{"shape":"CreateWorkloadEstimateResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Creates a new workload estimate to model costs for a specific workload.
", + "idempotent":true + }, + "DeleteBillEstimate":{ + "name":"DeleteBillEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteBillEstimateRequest"}, + "output":{"shape":"DeleteBillEstimateResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Deletes an existing bill estimate.
", + "idempotent":true + }, + "DeleteBillScenario":{ + "name":"DeleteBillScenario", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteBillScenarioRequest"}, + "output":{"shape":"DeleteBillScenarioResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Deletes an existing bill scenario.
", + "idempotent":true + }, + "DeleteWorkloadEstimate":{ + "name":"DeleteWorkloadEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteWorkloadEstimateRequest"}, + "output":{"shape":"DeleteWorkloadEstimateResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Deletes an existing workload estimate.
", + "idempotent":true + }, + "GetBillEstimate":{ + "name":"GetBillEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetBillEstimateRequest"}, + "output":{"shape":"GetBillEstimateResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Retrieves details of a specific bill estimate.
" + }, + "GetBillScenario":{ + "name":"GetBillScenario", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetBillScenarioRequest"}, + "output":{"shape":"GetBillScenarioResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Retrieves details of a specific bill scenario.
" + }, + "GetPreferences":{ + "name":"GetPreferences", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetPreferencesRequest"}, + "output":{"shape":"GetPreferencesResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Retrieves the current preferences for the Amazon Web Services Cost Explorer service.
" + }, + "GetWorkloadEstimate":{ + "name":"GetWorkloadEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetWorkloadEstimateRequest"}, + "output":{"shape":"GetWorkloadEstimateResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Retrieves details of a specific workload estimate.
" + }, + "ListBillEstimateCommitments":{ + "name":"ListBillEstimateCommitments", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillEstimateCommitmentsRequest"}, + "output":{"shape":"ListBillEstimateCommitmentsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists the commitments associated with a bill estimate.
" + }, + "ListBillEstimateInputCommitmentModifications":{ + "name":"ListBillEstimateInputCommitmentModifications", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillEstimateInputCommitmentModificationsRequest"}, + "output":{"shape":"ListBillEstimateInputCommitmentModificationsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists the input commitment modifications associated with a bill estimate.
" + }, + "ListBillEstimateInputUsageModifications":{ + "name":"ListBillEstimateInputUsageModifications", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillEstimateInputUsageModificationsRequest"}, + "output":{"shape":"ListBillEstimateInputUsageModificationsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists the input usage modifications associated with a bill estimate.
" + }, + "ListBillEstimateLineItems":{ + "name":"ListBillEstimateLineItems", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillEstimateLineItemsRequest"}, + "output":{"shape":"ListBillEstimateLineItemsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists the line items associated with a bill estimate.
" + }, + "ListBillEstimates":{ + "name":"ListBillEstimates", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillEstimatesRequest"}, + "output":{"shape":"ListBillEstimatesResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists all bill estimates for the account.
" + }, + "ListBillScenarioCommitmentModifications":{ + "name":"ListBillScenarioCommitmentModifications", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillScenarioCommitmentModificationsRequest"}, + "output":{"shape":"ListBillScenarioCommitmentModificationsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists the commitment modifications associated with a bill scenario.
" + }, + "ListBillScenarioUsageModifications":{ + "name":"ListBillScenarioUsageModifications", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillScenarioUsageModificationsRequest"}, + "output":{"shape":"ListBillScenarioUsageModificationsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists the usage modifications associated with a bill scenario.
" + }, + "ListBillScenarios":{ + "name":"ListBillScenarios", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListBillScenariosRequest"}, + "output":{"shape":"ListBillScenariosResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists all bill scenarios for the account.
" + }, + "ListTagsForResource":{ + "name":"ListTagsForResource", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListTagsForResourceRequest"}, + "output":{"shape":"ListTagsForResourceResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists all tags associated with a specified resource.
" + }, + "ListWorkloadEstimateUsage":{ + "name":"ListWorkloadEstimateUsage", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListWorkloadEstimateUsageRequest"}, + "output":{"shape":"ListWorkloadEstimateUsageResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists the usage associated with a workload estimate.
" + }, + "ListWorkloadEstimates":{ + "name":"ListWorkloadEstimates", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ListWorkloadEstimatesRequest"}, + "output":{"shape":"ListWorkloadEstimatesResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Lists all workload estimates for the account.
" + }, + "TagResource":{ + "name":"TagResource", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"TagResourceRequest"}, + "output":{"shape":"TagResourceResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Adds one or more tags to a specified resource.
" + }, + "UntagResource":{ + "name":"UntagResource", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UntagResourceRequest"}, + "output":{"shape":"UntagResourceResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Removes one or more tags from a specified resource.
" + }, + "UpdateBillEstimate":{ + "name":"UpdateBillEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdateBillEstimateRequest"}, + "output":{"shape":"UpdateBillEstimateResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Updates an existing bill estimate.
", + "idempotent":true + }, + "UpdateBillScenario":{ + "name":"UpdateBillScenario", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdateBillScenarioRequest"}, + "output":{"shape":"UpdateBillScenarioResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Updates an existing bill scenario.
", + "idempotent":true + }, + "UpdatePreferences":{ + "name":"UpdatePreferences", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdatePreferencesRequest"}, + "output":{"shape":"UpdatePreferencesResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"InternalServerException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Updates the preferences for the Amazon Web Services Cost Explorer service.
", + "idempotent":true + }, + "UpdateWorkloadEstimate":{ + "name":"UpdateWorkloadEstimate", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdateWorkloadEstimateRequest"}, + "output":{"shape":"UpdateWorkloadEstimateResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"DataUnavailableException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"Updates an existing workload estimate.
", + "idempotent":true + } + }, + "shapes":{ + "AccessDeniedException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"} + }, + "documentation":"You do not have sufficient access to perform this action.
", + "exception":true + }, + "AccountId":{ + "type":"string", + "max":12, + "min":12, + "pattern":"\\d{12}" + }, + "AddReservedInstanceAction":{ + "type":"structure", + "members":{ + "reservedInstancesOfferingId":{ + "shape":"Uuid", + "documentation":"The ID of the Reserved Instance offering to add. For more information, see DescribeReservedInstancesOfferings.
" + }, + "instanceCount":{ + "shape":"ReservedInstanceInstanceCount", + "documentation":"The number of instances to add for this Reserved Instance offering.
" + } + }, + "documentation":"Represents an action to add a Reserved Instance to a bill scenario.
" + }, + "AddSavingsPlanAction":{ + "type":"structure", + "members":{ + "savingsPlanOfferingId":{ + "shape":"Uuid", + "documentation":"The ID of the Savings Plan offering to add. For more information, see DescribeSavingsPlansOfferings.
" + }, + "commitment":{ + "shape":"SavingsPlanCommitment", + "documentation":" The hourly commitment, in the same currency of the savingsPlanOfferingId. This is a value between 0.001 and 1 million. You cannot specify more than five digits after the decimal point.
Represents an action to add a Savings Plan to a bill scenario.
" + }, + "Arn":{ + "type":"string", + "max":2048, + "min":20, + "pattern":"arn:aws[-a-z0-9]*:bcm-pricing-calculator:[-a-z0-9]*:[0-9]{12}:[-a-z0-9/:_]+" + }, + "AvailabilityZone":{ + "type":"string", + "max":32, + "min":0, + "pattern":"[-a-zA-Z0-9\\.\\-_:,]*" + }, + "BatchCreateBillScenarioCommitmentModificationEntries":{ + "type":"list", + "member":{"shape":"BatchCreateBillScenarioCommitmentModificationEntry"}, + "max":25, + "min":1 + }, + "BatchCreateBillScenarioCommitmentModificationEntry":{ + "type":"structure", + "required":[ + "key", + "usageAccountId", + "commitmentAction" + ], + "members":{ + "key":{ + "shape":"Key", + "documentation":"A unique identifier for this entry in the batch operation. This can be any valid string. This key is useful to identify errors associated with any commitment entry as any error is returned with this key.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"An optional group identifier for the commitment modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID to which this commitment will be applied to.
" + }, + "commitmentAction":{ + "shape":"BillScenarioCommitmentModificationAction", + "documentation":"The specific commitment action to be taken (e.g., adding a Reserved Instance or Savings Plan).
" + } + }, + "documentation":"Represents an entry object in the batch operation to create bill scenario commitment modifications.
" + }, + "BatchCreateBillScenarioCommitmentModificationError":{ + "type":"structure", + "members":{ + "key":{ + "shape":"Key", + "documentation":"The key of the entry that caused the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"A descriptive message for the error that occurred.
" + }, + "errorCode":{ + "shape":"BatchCreateBillScenarioCommitmentModificationErrorCode", + "documentation":"The error code associated with the failed operation.
" + } + }, + "documentation":"Represents an error that occurred during a batch create operation for bill scenario commitment modifications.
" + }, + "BatchCreateBillScenarioCommitmentModificationErrorCode":{ + "type":"string", + "enum":[ + "CONFLICT", + "INTERNAL_SERVER_ERROR", + "INVALID_ACCOUNT" + ] + }, + "BatchCreateBillScenarioCommitmentModificationErrors":{ + "type":"list", + "member":{"shape":"BatchCreateBillScenarioCommitmentModificationError"} + }, + "BatchCreateBillScenarioCommitmentModificationItem":{ + "type":"structure", + "members":{ + "key":{ + "shape":"Key", + "documentation":"The key of the successfully created entry. This can be any valid string. This key is useful to identify errors associated with any commitment entry as any error is returned with this key.
" + }, + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier assigned to the created commitment modification.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for the created commitment modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with the created commitment modification.
" + }, + "commitmentAction":{ + "shape":"BillScenarioCommitmentModificationAction", + "documentation":"The specific commitment action that was taken.
" + } + }, + "documentation":"Represents a successfully created item in a batch operation for bill scenario commitment modifications.
" + }, + "BatchCreateBillScenarioCommitmentModificationItems":{ + "type":"list", + "member":{"shape":"BatchCreateBillScenarioCommitmentModificationItem"} + }, + "BatchCreateBillScenarioCommitmentModificationRequest":{ + "type":"structure", + "required":[ + "billScenarioId", + "commitmentModifications" + ], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The ID of the Bill Scenario for which you want to create the modeled commitment.
" + }, + "commitmentModifications":{ + "shape":"BatchCreateBillScenarioCommitmentModificationEntries", + "documentation":"List of commitments that you want to model in the Bill Scenario.
" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", + "idempotencyToken":true + } + } + }, + "BatchCreateBillScenarioCommitmentModificationResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BatchCreateBillScenarioCommitmentModificationItems", + "documentation":"Returns the list of successful commitment line items that were created for the Bill Scenario.
" + }, + "errors":{ + "shape":"BatchCreateBillScenarioCommitmentModificationErrors", + "documentation":"Returns the list of errors reason and the commitment item keys that cannot be created in the Bill Scenario.
" + } + } + }, + "BatchCreateBillScenarioUsageModificationEntries":{ + "type":"list", + "member":{"shape":"BatchCreateBillScenarioUsageModificationEntry"}, + "max":25, + "min":1 + }, + "BatchCreateBillScenarioUsageModificationEntry":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation", + "key", + "usageAccountId" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":" The Amazon Web Services service code for this usage modification. This identifies the specific Amazon Web Services service to the customer as a unique short abbreviation. For example, AmazonEC2 and AWSKMS.
Describes the usage details of the usage line item.
" + }, + "operation":{ + "shape":"Operation", + "documentation":" The specific operation associated with this usage modification. Describes the specific Amazon Web Services operation that this usage line models. For example, RunInstances indicates the operation of an Amazon EC2 instance.
The Availability Zone that this usage line uses.
" + }, + "key":{ + "shape":"Key", + "documentation":"A unique identifier for this entry in the batch operation. This can be any valid string. This key is useful to identify errors associated with any usage entry as any error is returned with this key.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"An optional group identifier for the usage modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID to which this usage will be applied to.
" + }, + "amounts":{ + "shape":"UsageAmounts", + "documentation":"The amount of usage you want to create for the service use you are modeling.
" + }, + "historicalUsage":{ + "shape":"HistoricalUsageEntity", + "documentation":"Historical usage data associated with this modification, if available.
" + } + }, + "documentation":"Represents an entry in a batch operation to create bill scenario usage modifications.
" + }, + "BatchCreateBillScenarioUsageModificationError":{ + "type":"structure", + "members":{ + "key":{ + "shape":"Key", + "documentation":"The key of the entry that caused the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"A descriptive message for the error that occurred.
" + }, + "errorCode":{ + "shape":"BatchCreateBillScenarioUsageModificationErrorCode", + "documentation":"The error code associated with the failed operation.
" + } + }, + "documentation":"Represents an error that occurred during a batch create operation for bill scenario usage modifications.
" + }, + "BatchCreateBillScenarioUsageModificationErrorCode":{ + "type":"string", + "enum":[ + "BAD_REQUEST", + "NOT_FOUND", + "CONFLICT", + "INTERNAL_SERVER_ERROR" + ] + }, + "BatchCreateBillScenarioUsageModificationErrors":{ + "type":"list", + "member":{"shape":"BatchCreateBillScenarioUsageModificationError"} + }, + "BatchCreateBillScenarioUsageModificationItem":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code for this usage modification.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage that was modified.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with this usage modification.
" + }, + "location":{ + "shape":"String", + "documentation":"The location associated with this usage modification.
" + }, + "availabilityZone":{ + "shape":"AvailabilityZone", + "documentation":"The availability zone associated with this usage modification, if applicable.
" + }, + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier assigned to the created usage modification.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for the created usage modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with the created usage modification.
" + }, + "quantities":{ + "shape":"UsageQuantities", + "documentation":"The modified usage quantities.
" + }, + "historicalUsage":{ + "shape":"HistoricalUsageEntity", + "documentation":"Historical usage data associated with this modification, if available.
" + }, + "key":{ + "shape":"Key", + "documentation":"The key of the successfully created entry.
" + } + }, + "documentation":"Represents a successfully created item in a batch operation for bill scenario usage modifications.
" + }, + "BatchCreateBillScenarioUsageModificationItems":{ + "type":"list", + "member":{"shape":"BatchCreateBillScenarioUsageModificationItem"} + }, + "BatchCreateBillScenarioUsageModificationRequest":{ + "type":"structure", + "required":[ + "billScenarioId", + "usageModifications" + ], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The ID of the Bill Scenario for which you want to create the modeled usage.
" + }, + "usageModifications":{ + "shape":"BatchCreateBillScenarioUsageModificationEntries", + "documentation":"List of usage that you want to model in the Bill Scenario.
" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", + "idempotencyToken":true + } + } + }, + "BatchCreateBillScenarioUsageModificationResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BatchCreateBillScenarioUsageModificationItems", + "documentation":"Returns the list of successful usage line items that were created for the Bill Scenario.
" + }, + "errors":{ + "shape":"BatchCreateBillScenarioUsageModificationErrors", + "documentation":"Returns the list of errors reason and the usage item keys that cannot be created in the Bill Scenario.
" + } + } + }, + "BatchCreateWorkloadEstimateUsageCode":{ + "type":"string", + "enum":[ + "BAD_REQUEST", + "NOT_FOUND", + "CONFLICT", + "INTERNAL_SERVER_ERROR" + ] + }, + "BatchCreateWorkloadEstimateUsageEntries":{ + "type":"list", + "member":{"shape":"BatchCreateWorkloadEstimateUsageEntry"}, + "max":25, + "min":1 + }, + "BatchCreateWorkloadEstimateUsageEntry":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation", + "key", + "usageAccountId", + "amount" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code for this usage estimate.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage being estimated.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with this usage estimate.
" + }, + "key":{ + "shape":"Key", + "documentation":"A unique identifier for this entry in the batch operation.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"An optional group identifier for the usage estimate.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with this usage estimate.
" + }, + "amount":{ + "shape":"Double", + "documentation":"The estimated usage amount.
" + }, + "historicalUsage":{ + "shape":"HistoricalUsageEntity", + "documentation":"Historical usage data associated with this estimate, if available.
" + } + }, + "documentation":"Represents an entry in a batch operation to create workload estimate usage.
" + }, + "BatchCreateWorkloadEstimateUsageError":{ + "type":"structure", + "members":{ + "key":{ + "shape":"Key", + "documentation":"The key of the entry that caused the error.
" + }, + "errorCode":{ + "shape":"BatchCreateWorkloadEstimateUsageCode", + "documentation":"The error code associated with the failed operation.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"A descriptive message for the error that occurred.
" + } + }, + "documentation":"Represents an error that occurred during a batch create operation for workload estimate usage.
" + }, + "BatchCreateWorkloadEstimateUsageErrors":{ + "type":"list", + "member":{"shape":"BatchCreateWorkloadEstimateUsageError"} + }, + "BatchCreateWorkloadEstimateUsageItem":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code for this usage estimate.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage that was estimated.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with this usage estimate.
" + }, + "location":{ + "shape":"String", + "documentation":"The location associated with this usage estimate.
" + }, + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier assigned to the created usage estimate.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with the created usage estimate.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for the created usage estimate.
" + }, + "quantity":{ + "shape":"WorkloadEstimateUsageQuantity", + "documentation":"The estimated usage quantity.
" + }, + "cost":{ + "shape":"Double", + "documentation":"The estimated cost associated with this usage.
" + }, + "currency":{ + "shape":"CurrencyCode", + "documentation":"The currency of the estimated cost.
" + }, + "status":{ + "shape":"WorkloadEstimateCostStatus", + "documentation":"The current status of the created usage estimate.
" + }, + "historicalUsage":{ + "shape":"HistoricalUsageEntity", + "documentation":"Historical usage data associated with this estimate, if available.
" + }, + "key":{ + "shape":"Key", + "documentation":"The key of the successfully created entry.
" + } + }, + "documentation":"Represents a successfully created item in a batch operation for workload estimate usage.
" + }, + "BatchCreateWorkloadEstimateUsageItems":{ + "type":"list", + "member":{"shape":"BatchCreateWorkloadEstimateUsageItem"} + }, + "BatchCreateWorkloadEstimateUsageRequest":{ + "type":"structure", + "required":[ + "workloadEstimateId", + "usage" + ], + "members":{ + "workloadEstimateId":{ + "shape":"ResourceId", + "documentation":"The ID of the Workload estimate for which you want to create the modeled usage.
" + }, + "usage":{ + "shape":"BatchCreateWorkloadEstimateUsageEntries", + "documentation":"List of usage that you want to model in the Workload estimate.
" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", + "idempotencyToken":true + } + } + }, + "BatchCreateWorkloadEstimateUsageResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BatchCreateWorkloadEstimateUsageItems", + "documentation":"Returns the list of successful usage line items that were created for the Workload estimate.
" + }, + "errors":{ + "shape":"BatchCreateWorkloadEstimateUsageErrors", + "documentation":"Returns the list of errors reason and the usage item keys that cannot be created in the Workload estimate.
" + } + } + }, + "BatchDeleteBillScenarioCommitmentModificationEntries":{ + "type":"list", + "member":{"shape":"ResourceId"}, + "max":25, + "min":1 + }, + "BatchDeleteBillScenarioCommitmentModificationError":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The ID of the error.
" + }, + "errorCode":{ + "shape":"BatchDeleteBillScenarioCommitmentModificationErrorCode", + "documentation":"The code associated with the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"The message that describes the error.
" + } + }, + "documentation":"Represents an error that occurred when deleting a commitment in a Bill Scenario.
" + }, + "BatchDeleteBillScenarioCommitmentModificationErrorCode":{ + "type":"string", + "enum":[ + "BAD_REQUEST", + "CONFLICT", + "INTERNAL_SERVER_ERROR" + ] + }, + "BatchDeleteBillScenarioCommitmentModificationErrors":{ + "type":"list", + "member":{"shape":"BatchDeleteBillScenarioCommitmentModificationError"} + }, + "BatchDeleteBillScenarioCommitmentModificationRequest":{ + "type":"structure", + "required":[ + "billScenarioId", + "ids" + ], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The ID of the Bill Scenario for which you want to delete the modeled commitment.
" + }, + "ids":{ + "shape":"BatchDeleteBillScenarioCommitmentModificationEntries", + "documentation":"List of commitments that you want to delete from the Bill Scenario.
" + } + } + }, + "BatchDeleteBillScenarioCommitmentModificationResponse":{ + "type":"structure", + "members":{ + "errors":{ + "shape":"BatchDeleteBillScenarioCommitmentModificationErrors", + "documentation":"Returns the list of errors reason and the commitment item keys that cannot be deleted from the Bill Scenario.
" + } + } + }, + "BatchDeleteBillScenarioUsageModificationEntries":{ + "type":"list", + "member":{"shape":"ResourceId"}, + "max":25, + "min":1 + }, + "BatchDeleteBillScenarioUsageModificationError":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The ID of the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"The message that describes the error.
" + }, + "errorCode":{ + "shape":"BatchDeleteBillScenarioUsageModificationErrorCode", + "documentation":"The code associated with the error.
" + } + }, + "documentation":"Represents an error that occurred when deleting usage in a Bill Scenario.
" + }, + "BatchDeleteBillScenarioUsageModificationErrorCode":{ + "type":"string", + "enum":[ + "BAD_REQUEST", + "CONFLICT", + "INTERNAL_SERVER_ERROR" + ] + }, + "BatchDeleteBillScenarioUsageModificationErrors":{ + "type":"list", + "member":{"shape":"BatchDeleteBillScenarioUsageModificationError"} + }, + "BatchDeleteBillScenarioUsageModificationRequest":{ + "type":"structure", + "required":[ + "billScenarioId", + "ids" + ], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The ID of the Bill Scenario for which you want to delete the modeled usage.
" + }, + "ids":{ + "shape":"BatchDeleteBillScenarioUsageModificationEntries", + "documentation":"List of usage that you want to delete from the Bill Scenario.
" + } + } + }, + "BatchDeleteBillScenarioUsageModificationResponse":{ + "type":"structure", + "members":{ + "errors":{ + "shape":"BatchDeleteBillScenarioUsageModificationErrors", + "documentation":"Returns the list of errors reason and the usage item keys that cannot be deleted from the Bill Scenario.
" + } + } + }, + "BatchDeleteWorkloadEstimateUsageEntries":{ + "type":"list", + "member":{"shape":"ResourceId"}, + "max":25, + "min":1 + }, + "BatchDeleteWorkloadEstimateUsageError":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The ID of the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"The message that describes the error.
" + }, + "errorCode":{ + "shape":"WorkloadEstimateUpdateUsageErrorCode", + "documentation":"The code associated with the error.
" + } + }, + "documentation":"Represents an error that occurred when deleting usage in a workload estimate.
" + }, + "BatchDeleteWorkloadEstimateUsageErrors":{ + "type":"list", + "member":{"shape":"BatchDeleteWorkloadEstimateUsageError"} + }, + "BatchDeleteWorkloadEstimateUsageRequest":{ + "type":"structure", + "required":[ + "workloadEstimateId", + "ids" + ], + "members":{ + "workloadEstimateId":{ + "shape":"ResourceId", + "documentation":"The ID of the Workload estimate for which you want to delete the modeled usage.
" + }, + "ids":{ + "shape":"BatchDeleteWorkloadEstimateUsageEntries", + "documentation":"List of usage that you want to delete from the Workload estimate.
" + } + } + }, + "BatchDeleteWorkloadEstimateUsageResponse":{ + "type":"structure", + "members":{ + "errors":{ + "shape":"BatchDeleteWorkloadEstimateUsageErrors", + "documentation":"Returns the list of errors reason and the usage item keys that cannot be deleted from the Workload estimate.
" + } + } + }, + "BatchUpdateBillScenarioCommitmentModificationEntries":{ + "type":"list", + "member":{"shape":"BatchUpdateBillScenarioCommitmentModificationEntry"}, + "max":25, + "min":1 + }, + "BatchUpdateBillScenarioCommitmentModificationEntry":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the commitment modification to update.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The updated group identifier for the commitment modification.
" + } + }, + "documentation":"Represents an entry in a batch operation to update bill scenario commitment modifications.
" + }, + "BatchUpdateBillScenarioCommitmentModificationError":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The ID of the error.
" + }, + "errorCode":{ + "shape":"BatchUpdateBillScenarioCommitmentModificationErrorCode", + "documentation":"The code associated with the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"The message that describes the error.
" + } + }, + "documentation":"Represents an error that occurred when updating a commitment in a Bill Scenario.
" + }, + "BatchUpdateBillScenarioCommitmentModificationErrorCode":{ + "type":"string", + "enum":[ + "BAD_REQUEST", + "NOT_FOUND", + "CONFLICT", + "INTERNAL_SERVER_ERROR" + ] + }, + "BatchUpdateBillScenarioCommitmentModificationErrors":{ + "type":"list", + "member":{"shape":"BatchUpdateBillScenarioCommitmentModificationError"} + }, + "BatchUpdateBillScenarioCommitmentModificationRequest":{ + "type":"structure", + "required":[ + "billScenarioId", + "commitmentModifications" + ], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The ID of the Bill Scenario for which you want to modify the commitment group of a modeled commitment.
" + }, + "commitmentModifications":{ + "shape":"BatchUpdateBillScenarioCommitmentModificationEntries", + "documentation":"List of commitments that you want to update in a Bill Scenario.
" + } + } + }, + "BatchUpdateBillScenarioCommitmentModificationResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillScenarioCommitmentModificationItems", + "documentation":"Returns the list of successful commitment line items that were updated for a Bill Scenario.
" + }, + "errors":{ + "shape":"BatchUpdateBillScenarioCommitmentModificationErrors", + "documentation":"Returns the list of error reasons and commitment line item IDs that could not be updated for the Bill Scenario.
" + } + } + }, + "BatchUpdateBillScenarioUsageModificationEntries":{ + "type":"list", + "member":{"shape":"BatchUpdateBillScenarioUsageModificationEntry"}, + "max":25, + "min":1 + }, + "BatchUpdateBillScenarioUsageModificationEntry":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the usage modification to update.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The updated group identifier for the usage modification.
" + }, + "amounts":{ + "shape":"UsageAmounts", + "documentation":"The updated usage amounts for the modification.
" + } + }, + "documentation":"Represents an entry in a batch operation to update bill scenario usage modifications.
" + }, + "BatchUpdateBillScenarioUsageModificationError":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The ID of the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"The message that describes the error.
" + }, + "errorCode":{ + "shape":"BatchUpdateBillScenarioUsageModificationErrorCode", + "documentation":"The code associated with the error.
" + } + }, + "documentation":"Represents an error that occurred when updating usage in a Bill Scenario.
" + }, + "BatchUpdateBillScenarioUsageModificationErrorCode":{ + "type":"string", + "enum":[ + "BAD_REQUEST", + "NOT_FOUND", + "CONFLICT", + "INTERNAL_SERVER_ERROR" + ] + }, + "BatchUpdateBillScenarioUsageModificationErrors":{ + "type":"list", + "member":{"shape":"BatchUpdateBillScenarioUsageModificationError"} + }, + "BatchUpdateBillScenarioUsageModificationRequest":{ + "type":"structure", + "required":[ + "billScenarioId", + "usageModifications" + ], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The ID of the Bill Scenario for which you want to modify the usage lines.
" + }, + "usageModifications":{ + "shape":"BatchUpdateBillScenarioUsageModificationEntries", + "documentation":"List of usage lines that you want to update in a Bill Scenario identified by the usage ID.
" + } + } + }, + "BatchUpdateBillScenarioUsageModificationResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillScenarioUsageModificationItems", + "documentation":"Returns the list of successful usage line items that were updated for a Bill Scenario.
" + }, + "errors":{ + "shape":"BatchUpdateBillScenarioUsageModificationErrors", + "documentation":"Returns the list of error reasons and usage line item IDs that could not be updated for the Bill Scenario.
" + } + } + }, + "BatchUpdateWorkloadEstimateUsageEntries":{ + "type":"list", + "member":{"shape":"BatchUpdateWorkloadEstimateUsageEntry"}, + "max":25, + "min":1 + }, + "BatchUpdateWorkloadEstimateUsageEntry":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the usage estimate to update.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The updated group identifier for the usage estimate.
" + }, + "amount":{ + "shape":"Double", + "documentation":"The updated estimated usage amount.
" + } + }, + "documentation":"Represents an entry in a batch operation to update workload estimate usage.
" + }, + "BatchUpdateWorkloadEstimateUsageError":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The ID of the error.
" + }, + "errorMessage":{ + "shape":"String", + "documentation":"The message that describes the error.
" + }, + "errorCode":{ + "shape":"WorkloadEstimateUpdateUsageErrorCode", + "documentation":"The code associated with the error.
" + } + }, + "documentation":"Represents an error that occurred when updating usage in a workload estimate.
" + }, + "BatchUpdateWorkloadEstimateUsageErrors":{ + "type":"list", + "member":{"shape":"BatchUpdateWorkloadEstimateUsageError"} + }, + "BatchUpdateWorkloadEstimateUsageRequest":{ + "type":"structure", + "required":[ + "workloadEstimateId", + "usage" + ], + "members":{ + "workloadEstimateId":{ + "shape":"ResourceId", + "documentation":"The ID of the Workload estimate for which you want to modify the usage lines.
" + }, + "usage":{ + "shape":"BatchUpdateWorkloadEstimateUsageEntries", + "documentation":"List of usage line amounts and usage group that you want to update in a Workload estimate identified by the usage ID.
" + } + } + }, + "BatchUpdateWorkloadEstimateUsageResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"WorkloadEstimateUsageItems", + "documentation":"Returns the list of successful usage line items that were updated for a Workload estimate.
" + }, + "errors":{ + "shape":"BatchUpdateWorkloadEstimateUsageErrors", + "documentation":"Returns the list of error reasons and usage line item IDs that could not be updated for the Workload estimate.
" + } + } + }, + "BillEstimateCommitmentSummaries":{ + "type":"list", + "member":{"shape":"BillEstimateCommitmentSummary"} + }, + "BillEstimateCommitmentSummary":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the commitment.
" + }, + "purchaseAgreementType":{ + "shape":"PurchaseAgreementType", + "documentation":"The type of purchase agreement (e.g., Reserved Instance, Savings Plan).
" + }, + "offeringId":{ + "shape":"Uuid", + "documentation":"The identifier of the specific offering associated with this commitment.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with this commitment.
" + }, + "region":{ + "shape":"String", + "documentation":"The Amazon Web Services region associated with this commitment.
" + }, + "termLength":{ + "shape":"String", + "documentation":"The length of the commitment term.
" + }, + "paymentOption":{ + "shape":"String", + "documentation":"The payment option chosen for this commitment (e.g., All Upfront, Partial Upfront, No Upfront).
" + }, + "upfrontPayment":{ + "shape":"CostAmount", + "documentation":"The upfront payment amount for this commitment, if applicable.
" + }, + "monthlyPayment":{ + "shape":"CostAmount", + "documentation":"The monthly payment amount for this commitment, if applicable.
" + } + }, + "documentation":"Provides a summary of commitment-related information for a bill estimate.
" + }, + "BillEstimateCostSummary":{ + "type":"structure", + "members":{ + "totalCostDifference":{ + "shape":"CostDifference", + "documentation":"The total difference in cost between the estimated and historical costs.
" + }, + "serviceCostDifferences":{ + "shape":"ServiceCostDifferenceMap", + "documentation":"A breakdown of cost differences by Amazon Web Services service.
" + } + }, + "documentation":"Provides a summary of cost-related information for a bill estimate.
" + }, + "BillEstimateInputCommitmentModificationSummaries":{ + "type":"list", + "member":{"shape":"BillEstimateInputCommitmentModificationSummary"} + }, + "BillEstimateInputCommitmentModificationSummary":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the commitment modification.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for the commitment modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with this commitment modification.
" + }, + "commitmentAction":{ + "shape":"BillScenarioCommitmentModificationAction", + "documentation":"The specific commitment action taken in this modification.
" + } + }, + "documentation":"Summarizes an input commitment modification for a bill estimate.
" + }, + "BillEstimateInputUsageModificationSummaries":{ + "type":"list", + "member":{"shape":"BillEstimateInputUsageModificationSummary"} + }, + "BillEstimateInputUsageModificationSummary":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code for this usage modification.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage being modified.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with this usage modification.
" + }, + "location":{ + "shape":"String", + "documentation":"The location associated with this usage modification.
" + }, + "availabilityZone":{ + "shape":"AvailabilityZone", + "documentation":"The availability zone associated with this usage modification, if applicable.
" + }, + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the usage modification.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for the usage modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with this usage modification.
" + }, + "quantities":{ + "shape":"UsageQuantities", + "documentation":"The modified usage quantities.
" + }, + "historicalUsage":{ + "shape":"HistoricalUsageEntity", + "documentation":"Historical usage data associated with this modification, if available.
" + } + }, + "documentation":"Summarizes an input usage modification for a bill estimate.
" + }, + "BillEstimateLineItemSummaries":{ + "type":"list", + "member":{"shape":"BillEstimateLineItemSummary"} + }, + "BillEstimateLineItemSummary":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code associated with this line item.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage for this line item.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with this line item.
" + }, + "location":{ + "shape":"String", + "documentation":"The location associated with this line item.
" + }, + "availabilityZone":{ + "shape":"AvailabilityZone", + "documentation":"The availability zone associated with this line item, if applicable.
" + }, + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of this line item.
" + }, + "lineItemId":{ + "shape":"String", + "documentation":"The line item identifier from the original bill.
" + }, + "lineItemType":{ + "shape":"String", + "documentation":"The type of this line item (e.g., Usage, Tax, Credit).
" + }, + "payerAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID of the payer for this line item.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with the usage for this line item.
" + }, + "estimatedUsageQuantity":{ + "shape":"UsageQuantityResult", + "documentation":"The estimated usage quantity for this line item.
" + }, + "estimatedCost":{ + "shape":"CostAmount", + "documentation":"The estimated cost for this line item.
" + }, + "historicalUsageQuantity":{ + "shape":"UsageQuantityResult", + "documentation":"The historical usage quantity for this line item.
" + }, + "historicalCost":{ + "shape":"CostAmount", + "documentation":"The historical cost for this line item.
" + }, + "savingsPlanArns":{ + "shape":"SavingsPlanArns", + "documentation":"The Amazon Resource Names (ARNs) of any Savings Plans applied to this line item.
" + } + }, + "documentation":"Provides a summary of a line item in a bill estimate.
" + }, + "BillEstimateName":{ + "type":"string", + "max":64, + "min":0, + "pattern":"[a-zA-Z0-9-]+" + }, + "BillEstimateStatus":{ + "type":"string", + "enum":[ + "IN_PROGRESS", + "COMPLETE", + "FAILED" + ] + }, + "BillEstimateSummaries":{ + "type":"list", + "member":{"shape":"BillEstimateSummary"} + }, + "BillEstimateSummary":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate.
" + }, + "name":{ + "shape":"BillEstimateName", + "documentation":"The name of the bill estimate.
" + }, + "status":{ + "shape":"BillEstimateStatus", + "documentation":"The current status of the bill estimate.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time period covered by the bill estimate.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill estimate was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill estimate will expire.
" + } + }, + "documentation":"Provides a summary of a bill estimate.
" + }, + "BillInterval":{ + "type":"structure", + "members":{ + "start":{ + "shape":"Timestamp", + "documentation":"The start date and time of the interval.
" + }, + "end":{ + "shape":"Timestamp", + "documentation":"The end date and time of the interval.
" + } + }, + "documentation":"Represents a time interval for a bill or estimate.
" + }, + "BillScenarioCommitmentModificationAction":{ + "type":"structure", + "members":{ + "addReservedInstanceAction":{ + "shape":"AddReservedInstanceAction", + "documentation":"Action to add a Reserved Instance to the scenario.
" + }, + "addSavingsPlanAction":{ + "shape":"AddSavingsPlanAction", + "documentation":"Action to add a Savings Plan to the scenario.
" + }, + "negateReservedInstanceAction":{ + "shape":"NegateReservedInstanceAction", + "documentation":"Action to remove a Reserved Instance from the scenario.
" + }, + "negateSavingsPlanAction":{ + "shape":"NegateSavingsPlanAction", + "documentation":"Action to remove a Savings Plan from the scenario.
" + } + }, + "documentation":"Represents an action to modify commitments in a bill scenario.
", + "union":true + }, + "BillScenarioCommitmentModificationItem":{ + "type":"structure", + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the commitment modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with this commitment modification.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for the commitment modification.
" + }, + "commitmentAction":{ + "shape":"BillScenarioCommitmentModificationAction", + "documentation":"The specific commitment action taken in this modification.
" + } + }, + "documentation":"Represents a commitment modification item in a bill scenario.
" + }, + "BillScenarioCommitmentModificationItems":{ + "type":"list", + "member":{"shape":"BillScenarioCommitmentModificationItem"} + }, + "BillScenarioName":{ + "type":"string", + "max":64, + "min":0, + "pattern":"[a-zA-Z0-9-]+" + }, + "BillScenarioStatus":{ + "type":"string", + "enum":[ + "READY", + "LOCKED", + "FAILED" + ] + }, + "BillScenarioSummaries":{ + "type":"list", + "member":{"shape":"BillScenarioSummary"} + }, + "BillScenarioSummary":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill scenario.
" + }, + "name":{ + "shape":"BillScenarioName", + "documentation":"The name of the bill scenario.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time period covered by the bill scenario.
" + }, + "status":{ + "shape":"BillScenarioStatus", + "documentation":"The current status of the bill scenario.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill scenario was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill scenario will expire.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the bill scenario creation or processing failed.
" + } + }, + "documentation":"Provides a summary of a bill scenario.
" + }, + "BillScenarioUsageModificationItem":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code for this usage modification.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage being modified.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with this usage modification.
" + }, + "location":{ + "shape":"String", + "documentation":"The location associated with this usage modification.
" + }, + "availabilityZone":{ + "shape":"AvailabilityZone", + "documentation":"The availability zone associated with this usage modification, if applicable.
" + }, + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the usage modification.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for the usage modification.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with this usage modification.
" + }, + "quantities":{ + "shape":"UsageQuantities", + "documentation":"The modified usage quantities.
" + }, + "historicalUsage":{ + "shape":"HistoricalUsageEntity", + "documentation":"Historical usage data associated with this modification, if available.
" + } + }, + "documentation":"Represents a usage modification item in a bill scenario.
" + }, + "BillScenarioUsageModificationItems":{ + "type":"list", + "member":{"shape":"BillScenarioUsageModificationItem"} + }, + "ClientToken":{ + "type":"string", + "max":64, + "min":1, + "pattern":"[\\u0021-\\u007E]+" + }, + "ConflictException":{ + "type":"structure", + "required":[ + "message", + "resourceId", + "resourceType" + ], + "members":{ + "message":{"shape":"String"}, + "resourceId":{ + "shape":"String", + "documentation":"The identifier of the resource that was not found.
" + }, + "resourceType":{ + "shape":"String", + "documentation":"The type of the resource that was not found.
" + } + }, + "documentation":"The request could not be processed because of conflict in the current state of the resource.
", + "exception":true + }, + "CostAmount":{ + "type":"structure", + "members":{ + "amount":{ + "shape":"Double", + "documentation":"The numeric value of the cost.
" + }, + "currency":{ + "shape":"CurrencyCode", + "documentation":"The currency code for the cost amount.
" + } + }, + "documentation":"Represents a monetary amount with associated currency.
" + }, + "CostDifference":{ + "type":"structure", + "members":{ + "historicalCost":{ + "shape":"CostAmount", + "documentation":"The historical cost amount.
" + }, + "estimatedCost":{ + "shape":"CostAmount", + "documentation":"The estimated cost amount.
" + } + }, + "documentation":"Represents the difference between historical and estimated costs.
" + }, + "CreateBillEstimateRequest":{ + "type":"structure", + "required":[ + "billScenarioId", + "name" + ], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The ID of the Bill Scenario for which you want to create a Bill estimate.
" + }, + "name":{ + "shape":"BillEstimateName", + "documentation":"The name of the Bill estimate that will be created. Names must be unique for an account.
" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", + "idempotencyToken":true + }, + "tags":{ + "shape":"Tags", + "documentation":"An optional list of tags to associate with the specified BillEstimate. You can use resource tags to control access to your BillEstimate using IAM policies. Each tag consists of a key and a value, and each key must be unique for the resource. The following restrictions apply to resource tags:
Although the maximum number of array members is 200, you can assign a maximum of 50 user-tags to one resource. The remaining are reserved for Amazon Web Services.
The maximum length of a key is 128 characters.
The maximum length of a value is 256 characters.
Keys and values can only contain alphanumeric characters, spaces, and any of the following: _.:/=+@-.
Keys and values are case sensitive.
Keys and values are trimmed for any leading or trailing whitespaces.
Don't use aws: as a prefix for your keys. This prefix is reserved for Amazon Web Services.
The unique identifier of your newly created Bill estimate.
" + }, + "name":{ + "shape":"BillEstimateName", + "documentation":"The name of your newly created Bill estimate.
" + }, + "status":{ + "shape":"BillEstimateStatus", + "documentation":"The status of your newly created Bill estimate. Bill estimate creation can take anywhere between 8 to 12 hours. The status will allow you to identify when the Bill estimate is complete or has failed.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"This attribute provides the reason if a Bill estimate result generation fails.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The bill month start and end timestamp that was used to create the Bill estimate. This is set to the last complete anniversary bill month start and end timestamp.
" + }, + "costSummary":{ + "shape":"BillEstimateCostSummary", + "documentation":"Returns summary-level cost information once a Bill estimate is successfully generated. This summary includes: 1) the total cost difference, showing the pre-tax cost change for the consolidated billing family between the completed anniversary bill and the estimated bill, and 2) total cost differences per service, detailing the pre-tax cost of each service, comparing the completed anniversary bill to the estimated bill on a per-service basis.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp of when the Bill estimate create process was started (not when it successfully completed or failed).
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp of when the Bill estimate will expire. A Bill estimate becomes inaccessible after expiration.
" + } + } + }, + "CreateBillScenarioRequest":{ + "type":"structure", + "required":["name"], + "members":{ + "name":{ + "shape":"BillScenarioName", + "documentation":"A descriptive name for the bill scenario.
" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier to ensure idempotency of the request.
", + "idempotencyToken":true + }, + "tags":{ + "shape":"Tags", + "documentation":"The tags to apply to the bill scenario.
" + } + } + }, + "CreateBillScenarioResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier for the created bill scenario.
" + }, + "name":{ + "shape":"BillScenarioName", + "documentation":"The name of the created bill scenario.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time period covered by the bill scenario.
" + }, + "status":{ + "shape":"BillScenarioStatus", + "documentation":"The current status of the bill scenario.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill scenario was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill scenario will expire.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the bill scenario creation failed.
" + } + } + }, + "CreateWorkloadEstimateRequest":{ + "type":"structure", + "required":["name"], + "members":{ + "name":{ + "shape":"WorkloadEstimateName", + "documentation":"A descriptive name for the workload estimate.
" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier to ensure idempotency of the request.
", + "idempotencyToken":true + }, + "rateType":{ + "shape":"WorkloadEstimateRateType", + "documentation":"The type of pricing rates to use for the estimate.
" + }, + "tags":{ + "shape":"Tags", + "documentation":"The tags to apply to the workload estimate.
" + } + } + }, + "CreateWorkloadEstimateResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier for the created workload estimate.
" + }, + "name":{ + "shape":"WorkloadEstimateName", + "documentation":"The name of the created workload estimate.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the workload estimate was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the workload estimate will expire.
" + }, + "rateType":{ + "shape":"WorkloadEstimateRateType", + "documentation":"The type of pricing rates used for the estimate.
" + }, + "rateTimestamp":{ + "shape":"Timestamp", + "documentation":"The timestamp of the pricing rates used for the estimate.
" + }, + "status":{ + "shape":"WorkloadEstimateStatus", + "documentation":"The current status of the workload estimate.
" + }, + "totalCost":{ + "shape":"Double", + "documentation":"The total estimated cost for the workload.
" + }, + "costCurrency":{ + "shape":"CurrencyCode", + "documentation":"The currency of the estimated cost.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the workload estimate creation failed.
" + } + }, + "documentation":"Mixin for common fields returned by CRUD APIs
" + }, + "CurrencyCode":{ + "type":"string", + "enum":["USD"] + }, + "DataUnavailableException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"} + }, + "documentation":"The requested data is currently unavailable.
", + "exception":true + }, + "DeleteBillEstimateRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate to delete.
" + } + } + }, + "DeleteBillEstimateResponse":{ + "type":"structure", + "members":{ + } + }, + "DeleteBillScenarioRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill scenario to delete.
" + } + } + }, + "DeleteBillScenarioResponse":{ + "type":"structure", + "members":{ + } + }, + "DeleteWorkloadEstimateRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the workload estimate to delete.
" + } + } + }, + "DeleteWorkloadEstimateResponse":{ + "type":"structure", + "members":{ + } + }, + "Double":{ + "type":"double", + "box":true + }, + "Expression":{ + "type":"structure", + "members":{ + "and":{ + "shape":"ExpressionList", + "documentation":"A list of expressions to be combined with AND logic.
" + }, + "or":{ + "shape":"ExpressionList", + "documentation":"A list of expressions to be combined with OR logic.
" + }, + "not":{ + "shape":"Expression", + "documentation":"An expression to be negated.
" + }, + "costCategories":{ + "shape":"ExpressionFilter", + "documentation":"Filters based on cost categories.
" + }, + "dimensions":{ + "shape":"ExpressionFilter", + "documentation":"Filters based on dimensions (e.g., service, operation).
" + }, + "tags":{ + "shape":"ExpressionFilter", + "documentation":"Filters based on resource tags.
" + } + }, + "documentation":"Represents a complex filtering expression for cost and usage data.
" + }, + "ExpressionFilter":{ + "type":"structure", + "members":{ + "key":{ + "shape":"String", + "documentation":"The key or attribute to filter on.
" + }, + "matchOptions":{ + "shape":"StringList", + "documentation":"The match options for the filter (e.g., equals, contains).
" + }, + "values":{ + "shape":"StringList", + "documentation":"The values to match against.
" + } + }, + "documentation":"Represents a filter used within an expression.
" + }, + "ExpressionList":{ + "type":"list", + "member":{"shape":"Expression"} + }, + "FilterTimestamp":{ + "type":"structure", + "members":{ + "afterTimestamp":{ + "shape":"Timestamp", + "documentation":"Include results after this timestamp.
" + }, + "beforeTimestamp":{ + "shape":"Timestamp", + "documentation":"Include results before this timestamp.
" + } + }, + "documentation":"Represents a time-based filter.
" + }, + "GetBillEstimateRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate to retrieve.
" + } + } + }, + "GetBillEstimateResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the retrieved bill estimate.
" + }, + "name":{ + "shape":"BillEstimateName", + "documentation":"The name of the retrieved bill estimate.
" + }, + "status":{ + "shape":"BillEstimateStatus", + "documentation":"The current status of the bill estimate.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the bill estimate retrieval failed.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time period covered by the bill estimate.
" + }, + "costSummary":{ + "shape":"BillEstimateCostSummary", + "documentation":"A summary of the estimated costs.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill estimate was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill estimate will expire.
" + } + } + }, + "GetBillScenarioRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill scenario to retrieve.
" + } + } + }, + "GetBillScenarioResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the retrieved bill scenario.
" + }, + "name":{ + "shape":"BillScenarioName", + "documentation":"The name of the retrieved bill scenario.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time period covered by the bill scenario.
" + }, + "status":{ + "shape":"BillScenarioStatus", + "documentation":"The current status of the bill scenario.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill scenario was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill scenario will expire.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the bill scenario retrieval failed.
" + } + } + }, + "GetPreferencesRequest":{ + "type":"structure", + "members":{ + } + }, + "GetPreferencesResponse":{ + "type":"structure", + "members":{ + "managementAccountRateTypeSelections":{ + "shape":"RateTypes", + "documentation":"The preferred rate types for the management account.
" + }, + "memberAccountRateTypeSelections":{ + "shape":"RateTypes", + "documentation":"The preferred rate types for member accounts.
" + } + } + }, + "GetWorkloadEstimateRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the workload estimate to retrieve.
" + } + } + }, + "GetWorkloadEstimateResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the retrieved workload estimate.
" + }, + "name":{ + "shape":"WorkloadEstimateName", + "documentation":"The name of the retrieved workload estimate.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the workload estimate was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the workload estimate will expire.
" + }, + "rateType":{ + "shape":"WorkloadEstimateRateType", + "documentation":"The type of pricing rates used for the estimate.
" + }, + "rateTimestamp":{ + "shape":"Timestamp", + "documentation":"The timestamp of the pricing rates used for the estimate.
" + }, + "status":{ + "shape":"WorkloadEstimateStatus", + "documentation":"The current status of the workload estimate.
" + }, + "totalCost":{ + "shape":"Double", + "documentation":"The total estimated cost for the workload.
" + }, + "costCurrency":{ + "shape":"CurrencyCode", + "documentation":"The currency of the estimated cost.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the workload estimate retrieval failed.
" + } + }, + "documentation":"Mixin for common fields returned by CRUD APIs
" + }, + "HistoricalUsageEntity":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation", + "usageAccountId", + "billInterval", + "filterExpression" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code associated with the usage.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with the usage.
" + }, + "location":{ + "shape":"String", + "documentation":"The location associated with the usage.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with the usage.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time interval for the historical usage data.
" + }, + "filterExpression":{ + "shape":"Expression", + "documentation":"An optional filter expression to apply to the historical usage data.
" + } + }, + "documentation":"Represents historical usage data for a specific entity.
" + }, + "Integer":{ + "type":"integer", + "box":true + }, + "InternalServerException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"}, + "retryAfterSeconds":{ + "shape":"Integer", + "documentation":"An internal error has occurred. Retry your request, but if the problem persists, contact Amazon Web Services support.
" + } + }, + "documentation":"An internal error has occurred. Retry your request, but if the problem persists, contact Amazon Web Services support.
", + "exception":true, + "fault":true + }, + "Key":{ + "type":"string", + "max":10, + "min":0, + "pattern":"[a-zA-Z0-9]*" + }, + "ListBillEstimateCommitmentsRequest":{ + "type":"structure", + "required":["billEstimateId"], + "members":{ + "billEstimateId":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate to list commitments for.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillEstimateCommitmentsResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillEstimateCommitmentSummaries", + "documentation":"The list of commitments associated with the bill estimate.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListBillEstimateInputCommitmentModificationsRequest":{ + "type":"structure", + "required":["billEstimateId"], + "members":{ + "billEstimateId":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate to list input commitment modifications for.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillEstimateInputCommitmentModificationsResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillEstimateInputCommitmentModificationSummaries", + "documentation":"The list of input commitment modifications associated with the bill estimate.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListBillEstimateInputUsageModificationsRequest":{ + "type":"structure", + "required":["billEstimateId"], + "members":{ + "billEstimateId":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate to list input usage modifications for.
" + }, + "filters":{ + "shape":"ListUsageFilters", + "documentation":"Filters to apply to the list of input usage modifications.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillEstimateInputUsageModificationsResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillEstimateInputUsageModificationSummaries", + "documentation":"The list of input usage modifications associated with the bill estimate.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListBillEstimateLineItemsFilter":{ + "type":"structure", + "required":[ + "name", + "values" + ], + "members":{ + "name":{ + "shape":"ListBillEstimateLineItemsFilterName", + "documentation":"The name of the filter attribute.
" + }, + "values":{ + "shape":"ListBillEstimateLineItemsFilterValues", + "documentation":"The values to filter by.
" + }, + "matchOption":{ + "shape":"MatchOption", + "documentation":"The match option for the filter (e.g., equals, contains).
" + } + }, + "documentation":"Represents a filter for listing bill estimate line items.
" + }, + "ListBillEstimateLineItemsFilterName":{ + "type":"string", + "enum":[ + "USAGE_ACCOUNT_ID", + "SERVICE_CODE", + "USAGE_TYPE", + "OPERATION", + "LOCATION", + "LINE_ITEM_TYPE" + ] + }, + "ListBillEstimateLineItemsFilterValues":{ + "type":"list", + "member":{"shape":"String"} + }, + "ListBillEstimateLineItemsFilters":{ + "type":"list", + "member":{"shape":"ListBillEstimateLineItemsFilter"} + }, + "ListBillEstimateLineItemsRequest":{ + "type":"structure", + "required":["billEstimateId"], + "members":{ + "billEstimateId":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate to list line items for.
" + }, + "filters":{ + "shape":"ListBillEstimateLineItemsFilters", + "documentation":"Filters to apply to the list of line items.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillEstimateLineItemsResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillEstimateLineItemSummaries", + "documentation":"The list of line items associated with the bill estimate.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListBillEstimatesFilter":{ + "type":"structure", + "required":[ + "name", + "values" + ], + "members":{ + "name":{ + "shape":"ListBillEstimatesFilterName", + "documentation":"The name of the filter attribute.
" + }, + "values":{ + "shape":"ListBillEstimatesFilterValues", + "documentation":"The values to filter by.
" + }, + "matchOption":{ + "shape":"MatchOption", + "documentation":"The match option for the filter (e.g., equals, contains).
" + } + }, + "documentation":"Represents a filter for listing bill estimates.
" + }, + "ListBillEstimatesFilterName":{ + "type":"string", + "enum":[ + "STATUS", + "NAME" + ] + }, + "ListBillEstimatesFilterValues":{ + "type":"list", + "member":{"shape":"String"} + }, + "ListBillEstimatesFilters":{ + "type":"list", + "member":{"shape":"ListBillEstimatesFilter"} + }, + "ListBillEstimatesRequest":{ + "type":"structure", + "members":{ + "filters":{ + "shape":"ListBillEstimatesFilters", + "documentation":"Filters to apply to the list of bill estimates.
" + }, + "createdAtFilter":{ + "shape":"FilterTimestamp", + "documentation":"Filter bill estimates based on their creation date.
" + }, + "expiresAtFilter":{ + "shape":"FilterTimestamp", + "documentation":"Filter bill estimates based on their expiration date.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillEstimatesResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillEstimateSummaries", + "documentation":"The list of bill estimates for the account.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListBillScenarioCommitmentModificationsRequest":{ + "type":"structure", + "required":["billScenarioId"], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill scenario to list commitment modifications for.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillScenarioCommitmentModificationsResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillScenarioCommitmentModificationItems", + "documentation":"The list of commitment modifications associated with the bill scenario.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListBillScenarioUsageModificationsRequest":{ + "type":"structure", + "required":["billScenarioId"], + "members":{ + "billScenarioId":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill scenario to list usage modifications for.
" + }, + "filters":{ + "shape":"ListUsageFilters", + "documentation":"Filters to apply to the list of usage modifications.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillScenarioUsageModificationsResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillScenarioUsageModificationItems", + "documentation":"The list of usage modifications associated with the bill scenario.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListBillScenariosFilter":{ + "type":"structure", + "required":[ + "name", + "values" + ], + "members":{ + "name":{ + "shape":"ListBillScenariosFilterName", + "documentation":"The name of the filter attribute.
" + }, + "values":{ + "shape":"ListBillScenariosFilterValues", + "documentation":"The values to filter by.
" + }, + "matchOption":{ + "shape":"MatchOption", + "documentation":"The match option for the filter (e.g., equals, contains).
" + } + }, + "documentation":"Represents a filter for listing bill scenarios.
" + }, + "ListBillScenariosFilterName":{ + "type":"string", + "enum":[ + "STATUS", + "NAME" + ] + }, + "ListBillScenariosFilterValues":{ + "type":"list", + "member":{"shape":"String"} + }, + "ListBillScenariosFilters":{ + "type":"list", + "member":{"shape":"ListBillScenariosFilter"} + }, + "ListBillScenariosRequest":{ + "type":"structure", + "members":{ + "filters":{ + "shape":"ListBillScenariosFilters", + "documentation":"Filters to apply to the list of bill scenarios.
" + }, + "createdAtFilter":{ + "shape":"FilterTimestamp", + "documentation":"Filter bill scenarios based on their creation date.
" + }, + "expiresAtFilter":{ + "shape":"FilterTimestamp", + "documentation":"Filter bill scenarios based on their expiration date.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListBillScenariosResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"BillScenarioSummaries", + "documentation":"The list of bill scenarios for the account.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListTagsForResourceRequest":{ + "type":"structure", + "required":["arn"], + "members":{ + "arn":{ + "shape":"Arn", + "documentation":"The Amazon Resource Name (ARN) of the resource to list tags for.
" + } + } + }, + "ListTagsForResourceResponse":{ + "type":"structure", + "members":{ + "tags":{ + "shape":"Tags", + "documentation":"The list of tags associated with the specified resource.
" + } + } + }, + "ListUsageFilter":{ + "type":"structure", + "required":[ + "name", + "values" + ], + "members":{ + "name":{ + "shape":"ListUsageFilterName", + "documentation":"The name of the filter attribute.
" + }, + "values":{ + "shape":"ListUsageFilterValues", + "documentation":"The values to filter by.
" + }, + "matchOption":{ + "shape":"MatchOption", + "documentation":"The match option for the filter (e.g., equals, contains).
" + } + }, + "documentation":"Represents a filter for listing usage data.
" + }, + "ListUsageFilterName":{ + "type":"string", + "enum":[ + "USAGE_ACCOUNT_ID", + "SERVICE_CODE", + "USAGE_TYPE", + "OPERATION", + "LOCATION", + "USAGE_GROUP", + "HISTORICAL_USAGE_ACCOUNT_ID", + "HISTORICAL_SERVICE_CODE", + "HISTORICAL_USAGE_TYPE", + "HISTORICAL_OPERATION", + "HISTORICAL_LOCATION" + ] + }, + "ListUsageFilterValues":{ + "type":"list", + "member":{"shape":"String"} + }, + "ListUsageFilters":{ + "type":"list", + "member":{"shape":"ListUsageFilter"} + }, + "ListWorkloadEstimateUsageRequest":{ + "type":"structure", + "required":["workloadEstimateId"], + "members":{ + "workloadEstimateId":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the workload estimate to list usage for.
" + }, + "filters":{ + "shape":"ListUsageFilters", + "documentation":"Filters to apply to the list of usage items.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListWorkloadEstimateUsageResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"WorkloadEstimateUsageItems", + "documentation":"The list of usage items associated with the workload estimate.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "ListWorkloadEstimatesFilter":{ + "type":"structure", + "required":[ + "name", + "values" + ], + "members":{ + "name":{ + "shape":"ListWorkloadEstimatesFilterName", + "documentation":"The name of the filter attribute.
" + }, + "values":{ + "shape":"ListWorkloadEstimatesFilterValues", + "documentation":"The values to filter by.
" + }, + "matchOption":{ + "shape":"MatchOption", + "documentation":"The match option for the filter (e.g., equals, contains).
" + } + }, + "documentation":"Represents a filter for listing workload estimates.
" + }, + "ListWorkloadEstimatesFilterName":{ + "type":"string", + "enum":[ + "STATUS", + "NAME" + ] + }, + "ListWorkloadEstimatesFilterValues":{ + "type":"list", + "member":{"shape":"String"} + }, + "ListWorkloadEstimatesFilters":{ + "type":"list", + "member":{"shape":"ListWorkloadEstimatesFilter"} + }, + "ListWorkloadEstimatesRequest":{ + "type":"structure", + "members":{ + "createdAtFilter":{ + "shape":"FilterTimestamp", + "documentation":"Filter workload estimates based on their creation date.
" + }, + "expiresAtFilter":{ + "shape":"FilterTimestamp", + "documentation":"Filter workload estimates based on their expiration date.
" + }, + "filters":{ + "shape":"ListWorkloadEstimatesFilters", + "documentation":"Filters to apply to the list of workload estimates.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results.
" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to return per page.
" + } + } + }, + "ListWorkloadEstimatesResponse":{ + "type":"structure", + "members":{ + "items":{ + "shape":"WorkloadEstimateSummaries", + "documentation":"The list of workload estimates for the account.
" + }, + "nextToken":{ + "shape":"NextPageToken", + "documentation":"A token to retrieve the next page of results, if any.
" + } + } + }, + "MatchOption":{ + "type":"string", + "enum":[ + "EQUALS", + "STARTS_WITH", + "CONTAINS" + ] + }, + "MaxResults":{ + "type":"integer", + "box":true, + "max":25 + }, + "NegateReservedInstanceAction":{ + "type":"structure", + "members":{ + "reservedInstancesId":{ + "shape":"Uuid", + "documentation":"The ID of the Reserved Instance to remove.
" + } + }, + "documentation":"Represents an action to remove a Reserved Instance from a bill scenario.
This is the ID of an existing Reserved Instance in your account.
" + }, + "NegateSavingsPlanAction":{ + "type":"structure", + "members":{ + "savingsPlanId":{ + "shape":"Uuid", + "documentation":"The ID of the Savings Plan to remove.
" + } + }, + "documentation":"Represents an action to remove a Savings Plan from a bill scenario.
This is the ID of an existing Savings Plan in your account.
" + }, + "NextPageToken":{ + "type":"string", + "max":2048, + "min":0, + "pattern":"[\\S\\s]*" + }, + "Operation":{ + "type":"string", + "max":32, + "min":0, + "pattern":"[-a-zA-Z0-9\\.\\-_:,]*" + }, + "PurchaseAgreementType":{ + "type":"string", + "enum":[ + "SAVINGS_PLANS", + "RESERVED_INSTANCE" + ] + }, + "RateType":{ + "type":"string", + "enum":[ + "BEFORE_DISCOUNTS", + "AFTER_DISCOUNTS" + ] + }, + "RateTypes":{ + "type":"list", + "member":{"shape":"RateType"}, + "max":2, + "min":1 + }, + "ReservedInstanceInstanceCount":{ + "type":"integer", + "box":true, + "min":1 + }, + "ResourceId":{ + "type":"string", + "max":36, + "min":36, + "pattern":"[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}" + }, + "ResourceNotFoundException":{ + "type":"structure", + "required":[ + "message", + "resourceId", + "resourceType" + ], + "members":{ + "message":{"shape":"String"}, + "resourceId":{ + "shape":"String", + "documentation":"The identifier of the resource that was not found.
" + }, + "resourceType":{ + "shape":"String", + "documentation":"The type of the resource that was not found.
" + } + }, + "documentation":"The specified resource was not found.
", + "exception":true + }, + "ResourceTagKey":{ + "type":"string", + "max":128, + "min":1, + "pattern":"[\\w\\s:+=@/-]+" + }, + "ResourceTagKeys":{ + "type":"list", + "member":{"shape":"ResourceTagKey"}, + "max":200, + "min":0 + }, + "ResourceTagValue":{ + "type":"string", + "max":256, + "min":0, + "pattern":"[\\w\\s:+=@/-]*" + }, + "SavingsPlanArns":{ + "type":"list", + "member":{"shape":"String"} + }, + "SavingsPlanCommitment":{ + "type":"double", + "box":true, + "max":1000000, + "min":0.001 + }, + "ServiceCode":{ + "type":"string", + "max":32, + "min":0, + "pattern":"[-a-zA-Z0-9\\.\\-_:, \\/()]*" + }, + "ServiceCostDifferenceMap":{ + "type":"map", + "key":{"shape":"String"}, + "value":{"shape":"CostDifference"} + }, + "ServiceQuotaExceededException":{ + "type":"structure", + "required":[ + "message", + "resourceId", + "resourceType" + ], + "members":{ + "message":{"shape":"String"}, + "resourceId":{ + "shape":"String", + "documentation":"The identifier of the resource that exceeded quota.
" + }, + "resourceType":{ + "shape":"String", + "documentation":"The type of the resource that exceeded quota.
" + }, + "serviceCode":{ + "shape":"String", + "documentation":"The service code that exceeded quota.
" + }, + "quotaCode":{ + "shape":"String", + "documentation":"The quota code that was exceeded.
" + } + }, + "documentation":"The request would cause you to exceed your service quota.
", + "exception":true + }, + "String":{"type":"string"}, + "StringList":{ + "type":"list", + "member":{"shape":"String"} + }, + "TagResourceRequest":{ + "type":"structure", + "required":[ + "arn", + "tags" + ], + "members":{ + "arn":{ + "shape":"Arn", + "documentation":"The Amazon Resource Name (ARN) of the resource to add tags to.
" + }, + "tags":{ + "shape":"Tags", + "documentation":"The tags to add to the resource.
" + } + } + }, + "TagResourceResponse":{ + "type":"structure", + "members":{ + } + }, + "Tags":{ + "type":"map", + "key":{"shape":"ResourceTagKey"}, + "value":{"shape":"ResourceTagValue"}, + "max":200, + "min":0 + }, + "ThrottlingException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"}, + "serviceCode":{ + "shape":"String", + "documentation":"The service code that exceeded the throttling limit.
" + }, + "quotaCode":{ + "shape":"String", + "documentation":"The quota code that exceeded the throttling limit.
" + }, + "retryAfterSeconds":{ + "shape":"Integer", + "documentation":"The service code that exceeded the throttling limit. Retry your request, but if the problem persists, contact Amazon Web Services support.
" + } + }, + "documentation":"The request was denied due to request throttling.
", + "exception":true + }, + "Timestamp":{"type":"timestamp"}, + "UntagResourceRequest":{ + "type":"structure", + "required":[ + "arn", + "tagKeys" + ], + "members":{ + "arn":{ + "shape":"Arn", + "documentation":"The Amazon Resource Name (ARN) of the resource to remove tags from.
" + }, + "tagKeys":{ + "shape":"ResourceTagKeys", + "documentation":"The keys of the tags to remove from the resource.
" + } + } + }, + "UntagResourceResponse":{ + "type":"structure", + "members":{ + } + }, + "UpdateBillEstimateRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill estimate to update.
" + }, + "name":{ + "shape":"BillEstimateName", + "documentation":"The new name for the bill estimate.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The new expiration date for the bill estimate.
" + } + } + }, + "UpdateBillEstimateResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the updated bill estimate.
" + }, + "name":{ + "shape":"BillEstimateName", + "documentation":"The updated name of the bill estimate.
" + }, + "status":{ + "shape":"BillEstimateStatus", + "documentation":"The current status of the updated bill estimate.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the bill estimate update failed.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time period covered by the updated bill estimate.
" + }, + "costSummary":{ + "shape":"BillEstimateCostSummary", + "documentation":"A summary of the updated estimated costs.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill estimate was originally created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The updated expiration timestamp for the bill estimate.
" + } + } + }, + "UpdateBillScenarioRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the bill scenario to update.
" + }, + "name":{ + "shape":"BillScenarioName", + "documentation":"The new name for the bill scenario.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The new expiration date for the bill scenario.
" + } + } + }, + "UpdateBillScenarioResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the updated bill scenario.
" + }, + "name":{ + "shape":"BillScenarioName", + "documentation":"The updated name of the bill scenario.
" + }, + "billInterval":{ + "shape":"BillInterval", + "documentation":"The time period covered by the updated bill scenario.
" + }, + "status":{ + "shape":"BillScenarioStatus", + "documentation":"The current status of the updated bill scenario.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the bill scenario was originally created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The updated expiration timestamp for the bill scenario.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the bill scenario update failed.
" + } + } + }, + "UpdatePreferencesRequest":{ + "type":"structure", + "members":{ + "managementAccountRateTypeSelections":{ + "shape":"RateTypes", + "documentation":"The updated preferred rate types for the management account.
" + }, + "memberAccountRateTypeSelections":{ + "shape":"RateTypes", + "documentation":"The updated preferred rate types for member accounts.
" + } + } + }, + "UpdatePreferencesResponse":{ + "type":"structure", + "members":{ + "managementAccountRateTypeSelections":{ + "shape":"RateTypes", + "documentation":"The updated preferred rate types for the management account.
" + }, + "memberAccountRateTypeSelections":{ + "shape":"RateTypes", + "documentation":"The updated preferred rate types for member accounts.
" + } + } + }, + "UpdateWorkloadEstimateRequest":{ + "type":"structure", + "required":["identifier"], + "members":{ + "identifier":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the workload estimate to update.
" + }, + "name":{ + "shape":"WorkloadEstimateName", + "documentation":"The new name for the workload estimate.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The new expiration date for the workload estimate.
" + } + } + }, + "UpdateWorkloadEstimateResponse":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the updated workload estimate.
" + }, + "name":{ + "shape":"WorkloadEstimateName", + "documentation":"The updated name of the workload estimate.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the workload estimate was originally created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The updated expiration timestamp for the workload estimate.
" + }, + "rateType":{ + "shape":"WorkloadEstimateRateType", + "documentation":"The type of pricing rates used for the updated estimate.
" + }, + "rateTimestamp":{ + "shape":"Timestamp", + "documentation":"The timestamp of the pricing rates used for the updated estimate.
" + }, + "status":{ + "shape":"WorkloadEstimateStatus", + "documentation":"The current status of the updated workload estimate.
" + }, + "totalCost":{ + "shape":"Double", + "documentation":"The updated total estimated cost for the workload.
" + }, + "costCurrency":{ + "shape":"CurrencyCode", + "documentation":"The currency of the updated estimated cost.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the workload estimate update failed.
" + } + }, + "documentation":"Mixin for common fields returned by CRUD APIs
" + }, + "UsageAmount":{ + "type":"structure", + "required":[ + "startHour", + "amount" + ], + "members":{ + "startHour":{ + "shape":"Timestamp", + "documentation":"The start hour of the usage period.
" + }, + "amount":{ + "shape":"Double", + "documentation":"The usage amount for the period.
" + } + }, + "documentation":"Represents a usage amount for a specific time period.
" + }, + "UsageAmounts":{ + "type":"list", + "member":{"shape":"UsageAmount"} + }, + "UsageGroup":{ + "type":"string", + "max":30, + "min":0, + "pattern":"[a-zA-Z0-9-]*" + }, + "UsageQuantities":{ + "type":"list", + "member":{"shape":"UsageQuantity"} + }, + "UsageQuantity":{ + "type":"structure", + "members":{ + "startHour":{ + "shape":"Timestamp", + "documentation":"The start hour of the usage period.
" + }, + "unit":{ + "shape":"String", + "documentation":"The unit of measurement for the usage quantity.
" + }, + "amount":{ + "shape":"Double", + "documentation":"The numeric value of the usage quantity.
" + } + }, + "documentation":"Represents a usage quantity with associated unit and time period.
" + }, + "UsageQuantityResult":{ + "type":"structure", + "members":{ + "amount":{ + "shape":"Double", + "documentation":"The numeric value of the usage quantity result.
" + }, + "unit":{ + "shape":"String", + "documentation":"The unit of measurement for the usage quantity result.
" + } + }, + "documentation":"Represents the result of a usage quantity calculation.
" + }, + "UsageType":{ + "type":"string", + "max":128, + "min":0, + "pattern":"[-a-zA-Z0-9\\.\\-_:,]*" + }, + "Uuid":{ + "type":"string", + "max":36, + "min":36, + "pattern":"[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}" + }, + "ValidationException":{ + "type":"structure", + "required":["message"], + "members":{ + "message":{"shape":"String"}, + "reason":{ + "shape":"ValidationExceptionReason", + "documentation":"The reason for the validation exception.
" + }, + "fieldList":{ + "shape":"ValidationExceptionFieldList", + "documentation":"The list of fields that are invalid.
" + } + }, + "documentation":"The input provided fails to satisfy the constraints specified by an Amazon Web Services service.
", + "exception":true + }, + "ValidationExceptionField":{ + "type":"structure", + "required":[ + "name", + "message" + ], + "members":{ + "name":{ + "shape":"String", + "documentation":"The name of the field that failed validation.
" + }, + "message":{ + "shape":"String", + "documentation":"The error message describing why the field failed validation.
" + } + }, + "documentation":"Represents a field that failed validation in a request.
" + }, + "ValidationExceptionFieldList":{ + "type":"list", + "member":{"shape":"ValidationExceptionField"} + }, + "ValidationExceptionReason":{ + "type":"string", + "enum":[ + "unknownOperation", + "cannotParse", + "fieldValidationFailed", + "invalidRequestFromMember", + "disallowedRate", + "other" + ] + }, + "WorkloadEstimateCostStatus":{ + "type":"string", + "enum":[ + "VALID", + "INVALID", + "STALE" + ] + }, + "WorkloadEstimateName":{ + "type":"string", + "max":64, + "min":0, + "pattern":"[a-zA-Z0-9-]+" + }, + "WorkloadEstimateRateType":{ + "type":"string", + "enum":[ + "BEFORE_DISCOUNTS", + "AFTER_DISCOUNTS" + ] + }, + "WorkloadEstimateStatus":{ + "type":"string", + "enum":[ + "UPDATING", + "VALID", + "INVALID", + "ACTION_NEEDED" + ] + }, + "WorkloadEstimateSummaries":{ + "type":"list", + "member":{"shape":"WorkloadEstimateSummary"} + }, + "WorkloadEstimateSummary":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of the workload estimate.
" + }, + "name":{ + "shape":"WorkloadEstimateName", + "documentation":"The name of the workload estimate.
" + }, + "createdAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the workload estimate was created.
" + }, + "expiresAt":{ + "shape":"Timestamp", + "documentation":"The timestamp when the workload estimate will expire.
" + }, + "rateType":{ + "shape":"WorkloadEstimateRateType", + "documentation":"The type of pricing rates used for the estimate.
" + }, + "rateTimestamp":{ + "shape":"Timestamp", + "documentation":"The timestamp of the pricing rates used for the estimate.
" + }, + "status":{ + "shape":"WorkloadEstimateStatus", + "documentation":"The current status of the workload estimate.
" + }, + "totalCost":{ + "shape":"Double", + "documentation":"The total estimated cost for the workload.
" + }, + "costCurrency":{ + "shape":"CurrencyCode", + "documentation":"The currency of the estimated cost.
" + }, + "failureMessage":{ + "shape":"String", + "documentation":"An error message if the workload estimate creation or processing failed.
" + } + }, + "documentation":"Provides a summary of a workload estimate.
" + }, + "WorkloadEstimateUpdateUsageErrorCode":{ + "type":"string", + "enum":[ + "BAD_REQUEST", + "NOT_FOUND", + "CONFLICT", + "INTERNAL_SERVER_ERROR" + ] + }, + "WorkloadEstimateUsageItem":{ + "type":"structure", + "required":[ + "serviceCode", + "usageType", + "operation" + ], + "members":{ + "serviceCode":{ + "shape":"ServiceCode", + "documentation":"The Amazon Web Services service code associated with this usage item.
" + }, + "usageType":{ + "shape":"UsageType", + "documentation":"The type of usage for this item.
" + }, + "operation":{ + "shape":"Operation", + "documentation":"The specific operation associated with this usage item.
" + }, + "location":{ + "shape":"String", + "documentation":"The location associated with this usage item.
" + }, + "id":{ + "shape":"ResourceId", + "documentation":"The unique identifier of this usage item.
" + }, + "usageAccountId":{ + "shape":"AccountId", + "documentation":"The Amazon Web Services account ID associated with this usage item.
" + }, + "group":{ + "shape":"UsageGroup", + "documentation":"The group identifier for this usage item.
" + }, + "quantity":{ + "shape":"WorkloadEstimateUsageQuantity", + "documentation":"The estimated usage quantity for this item.
" + }, + "cost":{ + "shape":"Double", + "documentation":"The estimated cost for this usage item.
" + }, + "currency":{ + "shape":"CurrencyCode", + "documentation":"The currency of the estimated cost.
" + }, + "status":{ + "shape":"WorkloadEstimateCostStatus", + "documentation":"The current status of this usage item.
" + }, + "historicalUsage":{ + "shape":"HistoricalUsageEntity", + "documentation":"Historical usage data associated with this item, if available.
" + } + }, + "documentation":"Represents a usage item in a workload estimate.
" + }, + "WorkloadEstimateUsageItems":{ + "type":"list", + "member":{"shape":"WorkloadEstimateUsageItem"} + }, + "WorkloadEstimateUsageQuantity":{ + "type":"structure", + "members":{ + "unit":{ + "shape":"String", + "documentation":"The unit of measurement for the usage quantity.
" + }, + "amount":{ + "shape":"Double", + "documentation":"The numeric value of the usage quantity.
" + } + }, + "documentation":"Represents a usage quantity for a workload estimate.
" + } + }, + "documentation":"You can use the Pricing Calculator API to programmatically create estimates for your planned cloud use. You can model usage and commitments such as Savings Plans and Reserved Instances, and generate estimated costs using your discounts and benefit sharing preferences.
The Pricing Calculator API provides the following endpoint:
https://bcm-pricing-calculator.us-east-1.api.aws
Invokes an alias of a flow to run the inputs that you specify and return the output of each node as a stream. If there's an error, the error is returned. For more information, see Test a flow in Amazon Bedrock in the Amazon Bedrock User Guide.
The CLI doesn't support streaming operations in Amazon Bedrock, including InvokeFlow.
Invokes an inline Amazon Bedrock agent using the configurations you provide with the request.
Specify the following fields for security purposes.
(Optional) customerEncryptionKeyArn – The Amazon Resource Name (ARN) of a KMS key to encrypt the creation of the agent.
(Optional) idleSessionTTLinSeconds – Specify the number of seconds for which the agent should maintain session information. After this time expires, the subsequent InvokeInlineAgent request begins a new session.
To override the default prompt behavior for agent orchestration and to use advanced prompts, include a promptOverrideConfiguration object. For more information, see Advanced prompts.
The agent instructions will not be honored if your agent has only one knowledge base, uses default prompts, has no action group, and user input is disabled.
The CLI doesn't support streaming operations in Amazon Bedrock, including InvokeInlineAgent.
The JSON or YAML-formatted payload defining the OpenAPI schema for the action group.
" + }, + "s3":{ + "shape":"S3Identifier", + "documentation":"Contains details about the S3 object containing the OpenAPI schema for the action group.
" + } + }, + "documentation":"Contains details about the OpenAPI schema for the action group. For more information, see Action group OpenAPI schemas. You can either include the schema directly in the payload field or you can upload it to an S3 bucket and specify the S3 bucket location in the s3 field.
", + "union":true + }, "AccessDeniedException":{ "type":"structure", "members":{ @@ -180,6 +217,21 @@ }, "exception":true }, + "ActionGroupExecutor":{ + "type":"structure", + "members":{ + "customControl":{ + "shape":"CustomControlMethod", + "documentation":" To return the action group invocation results directly in the InvokeInlineAgent response, specify RETURN_CONTROL.
The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.
" + } + }, + "documentation":"Contains details about the Lambda function containing the business logic that is carried out upon invoking the action or the custom control method for handling the information elicited from the user.
", + "union":true + }, "ActionGroupInvocationInput":{ "type":"structure", "members":{ @@ -236,6 +288,13 @@ "type":"string", "sensitive":true }, + "ActionGroupSignature":{ + "type":"string", + "enum":[ + "AMAZON.UserInput", + "AMAZON.CodeInterpreter" + ] + }, "ActionInvocationType":{ "type":"string", "enum":[ @@ -260,6 +319,41 @@ }, "document":true }, + "AgentActionGroup":{ + "type":"structure", + "required":["actionGroupName"], + "members":{ + "actionGroupExecutor":{ + "shape":"ActionGroupExecutor", + "documentation":"The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action or the custom control method for handling the information elicited from the user.
" + }, + "actionGroupName":{ + "shape":"ResourceName", + "documentation":"The name of the action group.
" + }, + "apiSchema":{ + "shape":"APISchema", + "documentation":"Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. For more information, see Action group OpenAPI schemas.
" + }, + "description":{ + "shape":"ResourceDescription", + "documentation":"A description of the action group.
" + }, + "functionSchema":{ + "shape":"FunctionSchema", + "documentation":"Contains details about the function schema for the action group or the JSON or YAML-formatted payload defining the schema.
" + }, + "parentActionGroupSignature":{ + "shape":"ActionGroupSignature", + "documentation":" To allow your agent to request the user for additional information when trying to complete a task, set this field to AMAZON.UserInput. You must leave the description, apiSchema, and actionGroupExecutor fields blank for this action group.
To allow your agent to generate, run, and troubleshoot code when trying to complete a task, set this field to AMAZON.CodeInterpreter. You must leave the description, apiSchema, and actionGroupExecutor fields blank for this action group.
During orchestration, if your agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an Observation reprompting the user for more information.
" + } + }, + "documentation":"Contains details of the inline agent's action group.
" + }, + "AgentActionGroups":{ + "type":"list", + "member":{"shape":"AgentActionGroup"} + }, "AgentAliasId":{ "type":"string", "max":10, @@ -421,6 +515,12 @@ "exception":true, "fault":true }, + "BasePromptTemplate":{ + "type":"string", + "max":100000, + "min":1, + "sensitive":true + }, "BedrockModelArn":{ "type":"string", "max":2048, @@ -577,6 +677,10 @@ "OVERRIDDEN" ] }, + "CustomControlMethod":{ + "type":"string", + "enum":["RETURN_CONTROL"] + }, "DateTimestamp":{ "type":"timestamp", "documentation":"Time Stamp.
", @@ -1199,6 +1303,34 @@ "type":"string", "sensitive":true }, + "FunctionDefinition":{ + "type":"structure", + "required":["name"], + "members":{ + "description":{ + "shape":"FunctionDescription", + "documentation":"A description of the function and its purpose.
" + }, + "name":{ + "shape":"ResourceName", + "documentation":"A name for the function.
" + }, + "parameters":{ + "shape":"ParameterMap", + "documentation":"The parameters that the agent elicits from the user to fulfill the function.
" + }, + "requireConfirmation":{ + "shape":"RequireConfirmation", + "documentation":"Contains information if user confirmation is required to invoke the function.
" + } + }, + "documentation":"Defines parameters that the agent needs to invoke from the user to complete the function. Corresponds to an action in an action group.
" + }, + "FunctionDescription":{ + "type":"string", + "max":1200, + "min":1 + }, "FunctionInvocationInput":{ "type":"structure", "required":["actionGroup"], @@ -1271,6 +1403,21 @@ }, "documentation":"Contains information about the function that was called from the action group and the response that was returned.
This data type is used in the following API operations:
In the returnControlInvocationResults of the InvokeAgent request
A list of functions that each define an action in the action group.
" + } + }, + "documentation":"Contains details about the function schema for the action group or the JSON or YAML-formatted payload defining the schema.
", + "union":true + }, + "Functions":{ + "type":"list", + "member":{"shape":"FunctionDefinition"} + }, "GeneratedResponsePart":{ "type":"structure", "members":{ @@ -1434,6 +1581,24 @@ "min":1, "pattern":"^(([1-9][0-9]{0,7})|(DRAFT))$" }, + "GuardrailConfigurationWithArn":{ + "type":"structure", + "required":[ + "guardrailIdentifier", + "guardrailVersion" + ], + "members":{ + "guardrailIdentifier":{ + "shape":"GuardrailIdentifierWithArn", + "documentation":"The unique identifier for the guardrail.
" + }, + "guardrailVersion":{ + "shape":"GuardrailVersion", + "documentation":"The version of the guardrail.
" + } + }, + "documentation":"The configuration details for the guardrail.
" + }, "GuardrailContentFilter":{ "type":"structure", "members":{ @@ -1513,6 +1678,12 @@ "member":{"shape":"GuardrailCustomWord"}, "sensitive":true }, + "GuardrailIdentifierWithArn":{ + "type":"string", + "max":2048, + "min":0, + "pattern":"^(([a-z0-9]+)|(arn:aws(-[^:]+)?:bedrock:[a-z0-9-]{1,20}:[0-9]{12}:guardrail/[a-z0-9]+))$" + }, "GuardrailManagedWord":{ "type":"structure", "members":{ @@ -1717,6 +1888,12 @@ "documentation":"The trace details used in the Guardrail.
", "sensitive":true }, + "GuardrailVersion":{ + "type":"string", + "max":5, + "min":1, + "pattern":"^(([1-9][0-9]{0,7})|(DRAFT))$" + }, "GuardrailWordPolicyAction":{ "type":"string", "enum":["BLOCKED"] @@ -1778,6 +1955,150 @@ }, "documentation":"Specifications about the inference parameters that were provided alongside the prompt. These are specified in the PromptOverrideConfiguration object that was set when the agent was created or updated. For more information, see Inference parameters for foundation models.
" }, + "InlineAgentFilePart":{ + "type":"structure", + "members":{ + "files":{ + "shape":"OutputFiles", + "documentation":"Files containing intermediate response for the user.
" + } + }, + "documentation":"Contains intermediate response for code interpreter if any files have been generated.
", + "event":true + }, + "InlineAgentPayloadPart":{ + "type":"structure", + "members":{ + "attribution":{ + "shape":"Attribution", + "documentation":"Contains citations for a part of an agent response.
" + }, + "bytes":{ + "shape":"PartBody", + "documentation":"A part of the agent response in bytes.
" + } + }, + "documentation":"Contains a part of an agent response and citations for it.
", + "event":true, + "sensitive":true + }, + "InlineAgentResponseStream":{ + "type":"structure", + "members":{ + "accessDeniedException":{ + "shape":"AccessDeniedException", + "documentation":"The request is denied because of missing access permissions. Check your permissions and retry your request.
" + }, + "badGatewayException":{ + "shape":"BadGatewayException", + "documentation":"There was an issue with a dependency due to a server issue. Retry your request.
" + }, + "chunk":{ + "shape":"InlineAgentPayloadPart", + "documentation":"Contains a part of an agent response and citations for it.
" + }, + "conflictException":{ + "shape":"ConflictException", + "documentation":"There was a conflict performing an operation. Resolve the conflict and retry your request.
" + }, + "dependencyFailedException":{ + "shape":"DependencyFailedException", + "documentation":"There was an issue with a dependency. Check the resource configurations and retry the request.
" + }, + "files":{ + "shape":"InlineAgentFilePart", + "documentation":"Contains intermediate response for code interpreter if any files have been generated.
" + }, + "internalServerException":{ + "shape":"InternalServerException", + "documentation":"An internal server error occurred. Retry your request.
" + }, + "resourceNotFoundException":{ + "shape":"ResourceNotFoundException", + "documentation":"The specified resource Amazon Resource Name (ARN) was not found. Check the Amazon Resource Name (ARN) and try your request again.
" + }, + "returnControl":{ + "shape":"InlineAgentReturnControlPayload", + "documentation":"Contains the parameters and information that the agent elicited from the customer to carry out an action. This information is returned to the system and can be used in your own setup for fulfilling the action.
" + }, + "serviceQuotaExceededException":{ + "shape":"ServiceQuotaExceededException", + "documentation":"The number of requests exceeds the service quota. Resubmit your request later.
" + }, + "throttlingException":{ + "shape":"ThrottlingException", + "documentation":"The number of requests exceeds the limit. Resubmit your request later.
" + }, + "trace":{ + "shape":"InlineAgentTracePart", + "documentation":"Contains information about the agent and session, alongside the agent's reasoning process and results from calling actions and querying knowledge bases and metadata about the trace. You can use the trace to understand how the agent arrived at the response it provided the customer. For more information, see Trace events.
" + }, + "validationException":{ + "shape":"ValidationException", + "documentation":"Input validation failed. Check your request parameters and retry the request.
" + } + }, + "documentation":"The response from invoking the agent and associated citations and trace information.
", + "eventstream":true + }, + "InlineAgentReturnControlPayload":{ + "type":"structure", + "members":{ + "invocationId":{ + "shape":"String", + "documentation":"The identifier of the action group invocation.
" + }, + "invocationInputs":{ + "shape":"InvocationInputs", + "documentation":"A list of objects that contain information about the parameters and inputs that need to be sent into the API operation or function, based on what the agent determines from its session with the user.
" + } + }, + "documentation":"Contains information to return from the action group that the agent has predicted to invoke.
This data type is used in the InvokeAgent response API operation.
", + "event":true, + "sensitive":true + }, + "InlineAgentTracePart":{ + "type":"structure", + "members":{ + "sessionId":{ + "shape":"SessionId", + "documentation":"The unique identifier of the session with the agent.
" + }, + "trace":{ + "shape":"Trace", + "documentation":"Contains one part of the agent's reasoning process and results from calling API actions and querying knowledge bases. You can use the trace to understand how the agent arrived at the response it provided the customer. For more information, see Trace enablement.
" + } + }, + "documentation":"Contains information about the agent and session, alongside the agent's reasoning process and results from calling API actions and querying knowledge bases and metadata about the trace. You can use the trace to understand how the agent arrived at the response it provided the customer. For more information, see Trace enablement.
", + "event":true, + "sensitive":true + }, + "InlineSessionState":{ + "type":"structure", + "members":{ + "files":{ + "shape":"InputFiles", + "documentation":"Contains information about the files used by code interpreter.
" + }, + "invocationId":{ + "shape":"String", + "documentation":" The identifier of the invocation of an action. This value must match the invocationId returned in the InvokeInlineAgent response for the action whose results are provided in the returnControlInvocationResults field. For more information, see Return control to the agent developer.
Contains attributes that persist across a session and the values of those attributes.
" + }, + "returnControlInvocationResults":{ + "shape":"ReturnControlInvocationResults", + "documentation":"Contains information about the results from the action group invocation. For more information, see Return control to the agent developer.
If you include this field in the sessionState field, the inputText field will be ignored.
Contains attributes that persist across a session and the values of those attributes.
" + } + }, + "documentation":" Contains parameters that specify various attributes that persist across a session or prompt. You can define session state attributes as key-value pairs when writing a Lambda function for an action group or pass them when making an InvokeInlineAgent request. Use session state attributes to control and provide conversational context for your inline agent and to help customize your agent's behavior. For more information, see Control session context
A list of action groups with each action group defining the action the inline agent needs to carry out.
" + }, + "customerEncryptionKeyArn":{ + "shape":"KmsKeyArn", + "documentation":"The Amazon Resource Name (ARN) of the Amazon Web Services KMS key to use to encrypt your inline agent.
" + }, + "enableTrace":{ + "shape":"Boolean", + "documentation":"Specifies whether to turn on the trace or not to track the agent's reasoning process. For more information, see Using trace.
</p> Specifies whether to end the session with the inline agent or not.
" + }, + "foundationModel":{ + "shape":"ModelIdentifier", + "documentation":" The model identifier (ID) of the model to use for orchestration by the inline agent. For example, meta.llama3-1-70b-instruct-v1:0.
The guardrails to assign to the inline agent.
" + }, + "idleSessionTTLInSeconds":{ + "shape":"SessionTTL", + "documentation":" The number of seconds for which the inline agent should maintain session information. After this time expires, the subsequent InvokeInlineAgent request begins a new session.
A user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and the data provided before the timeout is deleted.
" + }, + "inlineSessionState":{ + "shape":"InlineSessionState", + "documentation":"Parameters that specify the various attributes of a sessions. You can include attributes for the session or prompt or, if you configured an action group to return control, results from invocation of the action group. For more information, see Control session context.
If you include returnControlInvocationResults in the sessionState field, the inputText field will be ignored.
The prompt text to send to the agent.
If you include returnControlInvocationResults in the sessionState field, the inputText field will be ignored.
The instructions that tell the inline agent what it should do and how it should interact with users.
" + }, + "knowledgeBases":{ + "shape":"KnowledgeBases", + "documentation":"Contains information of the knowledge bases to associate with.
" + }, + "promptOverrideConfiguration":{ + "shape":"PromptOverrideConfiguration", + "documentation":"Configurations for advanced prompts used to override the default prompts to enhance the accuracy of the inline agent.
" + }, + "sessionId":{ + "shape":"SessionId", + "documentation":"The unique identifier of the session. Use the same value across requests to continue the same conversation.
", + "location":"uri", + "locationName":"sessionId" + } + } + }, + "InvokeInlineAgentResponse":{ + "type":"structure", + "required":[ + "completion", + "contentType", + "sessionId" + ], + "members":{ + "completion":{ + "shape":"InlineAgentResponseStream", + "documentation":"
</p> The MIME type of the input data in the request. The default value is application/json.
", + "location":"header", + "locationName":"x-amzn-bedrock-agent-content-type" + }, + "sessionId":{ + "shape":"SessionId", + "documentation":"The unique identifier of the session with the agent.
", + "location":"header", + "locationName":"x-amz-bedrock-agent-session-id" + } + }, + "payload":"completion" + }, "KmsKeyArn":{ "type":"string", "max":2048, "min":1, "pattern":"^arn:aws(|-cn|-us-gov):kms:[a-zA-Z0-9-]*:[0-9]{12}:key/[a-zA-Z0-9-]{36}$" }, + "KnowledgeBase":{ + "type":"structure", + "required":[ + "description", + "knowledgeBaseId" + ], + "members":{ + "description":{ + "shape":"ResourceDescription", + "documentation":"The description of the knowledge base associated with the inline agent.
" + }, + "knowledgeBaseId":{ + "shape":"KnowledgeBaseId", + "documentation":"The unique identifier for a knowledge base associated with the inline agent.
" + }, + "retrievalConfiguration":{ + "shape":"KnowledgeBaseRetrievalConfiguration", + "documentation":"The configurations to apply to the knowledge base during query. For more information, see Query configurations.
" + } + }, + "documentation":"Details of the knowledge base associated withe inline agent.
" + }, "KnowledgeBaseConfiguration":{ "type":"structure", "required":[ @@ -2204,7 +2643,17 @@ "max":100, "min":1 }, + "KnowledgeBases":{ + "type":"list", + "member":{"shape":"KnowledgeBase"} + }, "LambdaArn":{"type":"string"}, + "LambdaResourceArn":{ + "type":"string", + "max":2048, + "min":0, + "pattern":"^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$" + }, "MaxResults":{ "type":"integer", "documentation":"Max Results.
", @@ -2287,6 +2736,12 @@ "sensitive":true }, "MimeType":{"type":"string"}, + "ModelIdentifier":{ + "type":"string", + "max":2048, + "min":1, + "pattern":"(^arn:aws(-[^:]+)?:bedrock:[a-z0-9-]{1,20}:(([0-9]{12}:custom-model/[a-z0-9-]{1,63}[.]{1}[a-z0-9-]{1,63}(([:][a-z0-9-]{1,63}){0,2})?/[a-z0-9]{12})|(:foundation-model/([a-z0-9-]{1,63}[.]{1}[a-z0-9-]{1,63}([.]?[a-z0-9-]{1,63})([:][a-z0-9-]{1,63}){0,2})))|(([a-z0-9-]{1,63}[.]{1}[a-z0-9-]{1,63}([.]?[a-z0-9-]{1,63})([:][a-z0-9-]{1,63}){0,2}))|(([0-9a-zA-Z][_-]?)+))$|(^arn:aws(|-us-gov|-cn|-iso|-iso-b):bedrock:(|[0-9a-z-]{1,20}):(|[0-9]{12}):inference-profile/[a-zA-Z0-9-:.]+)$" + }, "ModelInvocationInput":{ "type":"structure", "members":{ @@ -2603,10 +3058,53 @@ }, "documentation":"A parameter for the API request or function.
" }, + "ParameterDescription":{ + "type":"string", + "max":500, + "min":1 + }, + "ParameterDetail":{ + "type":"structure", + "required":["type"], + "members":{ + "description":{ + "shape":"ParameterDescription", + "documentation":"A description of the parameter. Helps the foundation model determine how to elicit the parameters from the user.
" + }, + "required":{ + "shape":"Boolean", + "documentation":"Whether the parameter is required for the agent to complete the function for action group invocation.
" + }, + "type":{ + "shape":"ParameterType", + "documentation":"The data type of the parameter.
" + } + }, + "documentation":"Contains details about a parameter in a function for an action group.
" + }, "ParameterList":{ "type":"list", "member":{"shape":"Parameter"} }, + "ParameterMap":{ + "type":"map", + "key":{"shape":"ParameterName"}, + "value":{"shape":"ParameterDetail"} + }, + "ParameterName":{ + "type":"string", + "pattern":"^([0-9a-zA-Z][_-]?){1,100}$" + }, + "ParameterType":{ + "type":"string", + "enum":[ + "string", + "number", + "integer", + "boolean", + "array" + ] + }, "Parameters":{ "type":"list", "member":{"shape":"Parameter"} @@ -2617,6 +3115,10 @@ "min":0, "sensitive":true }, + "Payload":{ + "type":"string", + "sensitive":true + }, "PayloadPart":{ "type":"structure", "members":{ @@ -2737,11 +3239,70 @@ "sensitive":true, "union":true }, + "PromptConfiguration":{ + "type":"structure", + "members":{ + "basePromptTemplate":{ + "shape":"BasePromptTemplate", + "documentation":"Defines the prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see Prompt template placeholder variables. For more information, see Configure the prompt templates.
" + }, + "inferenceConfiguration":{ + "shape":"InferenceConfiguration", + "documentation":"Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the promptType. For more information, see Inference parameters for foundation models.
Specifies whether to override the default parser Lambda function when parsing the raw foundation model output in the part of the agent sequence defined by the promptType. If you set the field as OVERRIDEN, the overrideLambda field in the PromptOverrideConfiguration must be specified with the ARN of a Lambda function.
Specifies whether to override the default prompt template for this promptType. Set this value to OVERRIDDEN to use the prompt that you provide in the basePromptTemplate. If you leave it as DEFAULT, the agent uses a default prompt template.
Specifies whether to allow the inline agent to carry out the step specified in the promptType. If you set this value to DISABLED, the agent skips that step. The default state for each promptType is as follows.
PRE_PROCESSING – ENABLED
ORCHESTRATION – ENABLED
KNOWLEDGE_BASE_RESPONSE_GENERATION – ENABLED
POST_PROCESSING – DISABLED
The step in the agent sequence that this prompt configuration applies to.
" + } + }, + "documentation":"Contains configurations to override a prompt template in one part of an agent sequence. For more information, see Advanced prompts.
" + }, + "PromptConfigurations":{ + "type":"list", + "member":{"shape":"PromptConfiguration"}, + "max":10, + "min":0 + }, + "PromptOverrideConfiguration":{ + "type":"structure", + "required":["promptConfigurations"], + "members":{ + "overrideLambda":{ + "shape":"LambdaResourceArn", + "documentation":"The ARN of the Lambda function to use when parsing the raw foundation model output in parts of the agent sequence. If you specify this field, at least one of the promptConfigurations must contain a parserMode value that is set to OVERRIDDEN. For more information, see Parser Lambda function in Amazon Bedrock Agents.
Contains configurations to override a prompt template in one part of an agent sequence. For more information, see Advanced prompts.
" + } + }, + "documentation":"Contains configurations to override prompts in different parts of an agent sequence. For more information, see Advanced prompts.
", + "sensitive":true + }, "PromptSessionAttributesMap":{ "type":"map", "key":{"shape":"String"}, "value":{"shape":"String"} }, + "PromptState":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, "PromptTemplate":{ "type":"structure", "members":{ @@ -2762,7 +3323,8 @@ "PRE_PROCESSING", "ORCHESTRATION", "KNOWLEDGE_BASE_RESPONSE_GENERATION", - "POST_PROCESSING" + "POST_PROCESSING", + "ROUTING_CLASSIFIER" ] }, "PropertyParameters":{ @@ -2856,6 +3418,25 @@ }, "documentation":"The parameters in the API request body.
" }, + "RequireConfirmation":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, + "ResourceDescription":{ + "type":"string", + "documentation":"/ @documentation("Description of the using the resource.")
", + "max":200, + "min":1, + "sensitive":true + }, + "ResourceName":{ + "type":"string", + "pattern":"^([0-9a-zA-Z][_-]?){1,100}$", + "sensitive":true + }, "ResourceNotFoundException":{ "type":"structure", "members":{ @@ -3324,6 +3905,26 @@ "event":true, "sensitive":true }, + "S3BucketName":{ + "type":"string", + "max":63, + "min":3, + "pattern":"^[a-z0-9][\\.\\-a-z0-9]{1,61}[a-z0-9]$" + }, + "S3Identifier":{ + "type":"structure", + "members":{ + "s3BucketName":{ + "shape":"S3BucketName", + "documentation":"The name of the S3 bucket.
" + }, + "s3ObjectKey":{ + "shape":"S3ObjectKey", + "documentation":"The S3 object key for the S3 resource.
" + } + }, + "documentation":"The identifier information for an Amazon S3 bucket.
" + }, "S3ObjectDoc":{ "type":"structure", "required":["uri"], @@ -3346,6 +3947,12 @@ }, "documentation":"Contains details of the s3 object where the source file is located.
" }, + "S3ObjectKey":{ + "type":"string", + "max":1024, + "min":1, + "pattern":"^[\\.\\-\\!\\*\\_\\'\\(\\)a-zA-Z0-9][\\.\\-\\!\\*\\_\\'\\(\\)\\/a-zA-Z0-9]*$" + }, "S3Uri":{ "type":"string", "max":1024, @@ -3412,6 +4019,12 @@ }, "documentation":"Contains parameters that specify various attributes that persist across a session or prompt. You can define session state attributes as key-value pairs when writing a Lambda function for an action group or pass them when making an InvokeAgent request. Use session state attributes to control and provide conversational context for your agent and to help customize your agent's behavior. For more information, see Control session context.
" }, + "SessionTTL":{ + "type":"integer", + "box":true, + "max":3600, + "min":60 + }, "Source":{ "type":"string", "enum":[ diff --git a/botocore/data/ce/2017-10-25/service-2.json b/botocore/data/ce/2017-10-25/service-2.json index e5447b9aa3..f958c92655 100644 --- a/botocore/data/ce/2017-10-25/service-2.json +++ b/botocore/data/ce/2017-10-25/service-2.json @@ -444,7 +444,7 @@ {"shape":"InvalidNextTokenException"}, {"shape":"DataUnavailableException"} ], - "documentation":"Lists the commitment purchase analyses for your account based on the last 30 days.
" + "documentation":"Lists the commitment purchase analyses for your account.
" }, "ListCostAllocationTagBackfillHistory":{ "name":"ListCostAllocationTagBackfillHistory", @@ -543,7 +543,7 @@ {"shape":"DataUnavailableException"}, {"shape":"GenerationExistsException"} ], - "documentation":"Specifies the parameters of a planned commitment purchase and starts the generation of the analysis. This enables you to estimate the cost, coverage, and utilization impact of your planned commitment purchases. You can request up to 20 analysis runs per day.
" + "documentation":"Specifies the parameters of a planned commitment purchase and starts the generation of the analysis. This enables you to estimate the cost, coverage, and utilization impact of your planned commitment purchases.
" }, "StartCostAllocationTagBackfill":{ "name":"StartCostAllocationTagBackfill", @@ -741,11 +741,11 @@ }, "AnalysisId":{ "shape":"AnalysisId", - "documentation":"The analysis ID that's associated with the commitment purchase.
" + "documentation":"The analysis ID that's associated with the commitment purchase analysis.
" }, "CommitmentPurchaseAnalysisConfiguration":{ "shape":"CommitmentPurchaseAnalysisConfiguration", - "documentation":"The analysis configuration for the commitment purchase analysis.
" + "documentation":"The configuration for the commitment purchase analysis.
" } }, "documentation":"A summary of the analysis.
" @@ -1281,7 +1281,7 @@ "Value":{"shape":"CostCategoryValue"}, "Rule":{ "shape":"Expression", - "documentation":"An Expression object used to categorize costs. This supports dimensions, tags, and nested expressions. Currently the only dimensions supported are LINKED_ACCOUNT, SERVICE_CODE, RECORD_TYPE, LINKED_ACCOUNT_NAME, REGION, USAGE_TYPE, and BILLING_ENTITY.
RECORD_TYPE is a dimension used for Cost Explorer APIs, and is also supported for Cost Category expressions. This dimension uses different terms, depending on whether you're using the console or API/JSON editor. For a detailed comparison, see Term Comparisons in the Billing and Cost Management User Guide.
An Expression object used to categorize costs. This supports dimensions, tags, and nested expressions. Currently the only dimensions supported are LINKED_ACCOUNT, SERVICE_CODE, RECORD_TYPE, LINKED_ACCOUNT_NAME, REGION, and USAGE_TYPE.
RECORD_TYPE is a dimension used for Cost Explorer APIs, and is also supported for Cost Category expressions. This dimension uses different terms, depending on whether you're using the console or API/JSON editor. For a detailed comparison, see Term Comparisons in the Billing and Cost Management User Guide.
A request to generate a recommendation is already in progress.
", + "documentation":"A request to generate a recommendation or analysis is already in progress.
", "exception":true }, "GenerationStatus":{ @@ -4226,15 +4226,15 @@ }, "AverageUtilization":{ "shape":"GenericString", - "documentation":"The average utilization of your recommendations. Amazon Web Services uses this to calculate your recommended reservation purchases.
" + "documentation":"The average utilization of your instances. Amazon Web Services uses this to calculate your recommended reservation purchases.
" }, "EstimatedBreakEvenInMonths":{ "shape":"GenericString", - "documentation":"How long Amazon Web Services estimates that it takes for this recommendation to start saving you money, in months.
" + "documentation":"How long Amazon Web Services estimates that it takes for this instance to start saving you money, in months.
" }, "CurrencyCode":{ "shape":"GenericString", - "documentation":"The currency code that Amazon Web Services used to calculate the costs for this recommendation.
" + "documentation":"The currency code that Amazon Web Services used to calculate the costs for this instance.
" }, "EstimatedMonthlySavingsAmount":{ "shape":"GenericString", @@ -4254,11 +4254,11 @@ }, "UpfrontCost":{ "shape":"GenericString", - "documentation":"How much purchasing this recommendation costs you upfront.
" + "documentation":"How much purchasing this instance costs you upfront.
" }, "RecurringStandardMonthlyCost":{ "shape":"GenericString", - "documentation":"How much purchasing this recommendation costs you on a monthly basis.
" + "documentation":"How much purchasing this instance costs you on a monthly basis.
" }, "ReservedCapacityDetails":{ "shape":"ReservedCapacityDetails", @@ -4580,16 +4580,31 @@ "shape":"GenericString", "documentation":"The member account value that's associated with the cost anomaly.
" }, + "LinkedAccountName":{ + "shape":"GenericString", + "documentation":"The member account name value that's associated with the cost anomaly.
" + }, "UsageType":{ "shape":"GenericString", "documentation":"The UsageType value that's associated with the cost anomaly.
The member account name value that's associated with the cost anomaly.
" + "Impact":{ + "shape":"RootCauseImpact", + "documentation":"The dollar impact for the root cause.
" + } + }, + "documentation":"The combination of Amazon Web Services service, linked account, linked account name, Region, and usage type where a cost anomaly is observed, along with the dollar and percentage amount of the anomaly impact. The linked account name will only be available when the account name can be identified.
" + }, + "RootCauseImpact":{ + "type":"structure", + "required":["Contribution"], + "members":{ + "Contribution":{ + "shape":"GenericDouble", + "documentation":"The dollar amount that this root cause contributed to the anomaly's TotalImpact.
" } }, - "documentation":"The combination of Amazon Web Services service, linked account, linked account name, Region, and usage type where a cost anomaly is observed. The linked account name will only be available when the account name can be identified.
" + "documentation":"The dollar value of the root cause.
" }, "RootCauses":{ "type":"list", @@ -4625,7 +4640,7 @@ }, "OfferingId":{ "shape":"GenericString", - "documentation":"The unique ID that's used to distinguish commitments from one another.
" + "documentation":"The unique ID that's used to distinguish Savings Plans commitments from one another.
" } }, "documentation":"The Savings Plans commitment details.
" @@ -4819,19 +4834,19 @@ }, "EstimatedOnDemandCost":{ "shape":"GenericString", - "documentation":"The remaining On-Demand cost estimated to not be covered by the commitment, over the length of the lookback period.
" + "documentation":"The remaining On-Demand cost estimated to not be covered by the Savings Plan over the length of the lookback period.
" }, "EstimatedOnDemandCostWithCurrentCommitment":{ "shape":"GenericString", - "documentation":"The estimated On-Demand cost you expect with no additional commitment, based on your usage of the selected time period and the Savings Plan you own.
" + "documentation":"The estimated On-Demand cost you expect with no additional commitment based on your usage of the selected time period and the Savings Plan you own.
" }, "EstimatedROI":{ "shape":"GenericString", - "documentation":"The estimated return on investment that's based on the purchase commitment and estimated savings. This is calculated as estimatedSavingsAmount/estimatedSPCost*100.
" + "documentation":"The estimated return on investment that's based on the Savings Plan and estimated savings. This is calculated as estimatedSavingsAmount/estimatedSPCost*100.
" }, "EstimatedSavingsAmount":{ "shape":"GenericString", - "documentation":"The estimated savings amount that's based on the purchase commitment over the length of the lookback period.
" + "documentation":"The estimated savings amount that's based on the Savings Plan over the length of the lookback period.
" }, "EstimatedSavingsPercentage":{ "shape":"GenericString", @@ -4839,7 +4854,7 @@ }, "EstimatedCommitmentCost":{ "shape":"GenericString", - "documentation":"The estimated cost of the purchase commitment over the length of the lookback period.
" + "documentation":"The estimated cost of the Savings Plan over the length of the lookback period.
" }, "LatestUsageTimestamp":{ "shape":"GenericString", @@ -4847,7 +4862,7 @@ }, "UpfrontCost":{ "shape":"GenericString", - "documentation":"The upfront cost of the Savings Plan, based on the selected payment option.
" + "documentation":"The upfront cost of the Savings Plan based on the selected payment option.
" }, "AdditionalMetadata":{ "shape":"GenericString", diff --git a/botocore/data/chatbot/2017-10-11/paginators-1.json b/botocore/data/chatbot/2017-10-11/paginators-1.json index 61484d8433..5e4b76466c 100644 --- a/botocore/data/chatbot/2017-10-11/paginators-1.json +++ b/botocore/data/chatbot/2017-10-11/paginators-1.json @@ -41,6 +41,18 @@ "output_token": "NextToken", "limit_key": "MaxResults", "result_key": "TeamsUserIdentities" + }, + "ListAssociations": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "MaxResults", + "result_key": "Associations" + }, + "ListCustomActions": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "MaxResults", + "result_key": "CustomActions" } } } diff --git a/botocore/data/chatbot/2017-10-11/service-2.json b/botocore/data/chatbot/2017-10-11/service-2.json index af4332e9c5..e516a4335a 100644 --- a/botocore/data/chatbot/2017-10-11/service-2.json +++ b/botocore/data/chatbot/2017-10-11/service-2.json @@ -13,6 +13,23 @@ "uid":"chatbot-2017-10-11" }, "operations":{ + "AssociateToConfiguration":{ + "name":"AssociateToConfiguration", + "http":{ + "method":"POST", + "requestUri":"/associate-to-configuration", + "responseCode":201 + }, + "input":{"shape":"AssociateToConfigurationRequest"}, + "output":{"shape":"AssociateToConfigurationResult"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"InternalServiceError"}, + {"shape":"UnauthorizedException"} + ], + "documentation":"Links a resource (for example, a custom action) to a channel configuration.
", + "idempotent":true + }, "CreateChimeWebhookConfiguration":{ "name":"CreateChimeWebhookConfiguration", "http":{ @@ -31,6 +48,25 @@ ], "documentation":"Creates an AWS Chatbot configuration for Amazon Chime.
" }, + "CreateCustomAction":{ + "name":"CreateCustomAction", + "http":{ + "method":"POST", + "requestUri":"/create-custom-action", + "responseCode":201 + }, + "input":{"shape":"CreateCustomActionRequest"}, + "output":{"shape":"CreateCustomActionResult"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"LimitExceededException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServiceError"}, + {"shape":"UnauthorizedException"} + ], + "documentation":"Creates a custom action that can be invoked as an alias or as a button on a notification.
", + "idempotent":true + }, "CreateMicrosoftTeamsChannelConfiguration":{ "name":"CreateMicrosoftTeamsChannelConfiguration", "http":{ @@ -84,6 +120,24 @@ ], "documentation":"Deletes a Amazon Chime webhook configuration for AWS Chatbot.
" }, + "DeleteCustomAction":{ + "name":"DeleteCustomAction", + "http":{ + "method":"POST", + "requestUri":"/delete-custom-action", + "responseCode":204 + }, + "input":{"shape":"DeleteCustomActionRequest"}, + "output":{"shape":"DeleteCustomActionResult"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServiceError"}, + {"shape":"UnauthorizedException"} + ], + "documentation":"Deletes a custom action.
", + "idempotent":true + }, "DeleteMicrosoftTeamsChannelConfiguration":{ "name":"DeleteMicrosoftTeamsChannelConfiguration", "http":{ @@ -244,6 +298,23 @@ ], "documentation":"List all authorized Slack workspaces connected to the AWS Account onboarded with AWS Chatbot.
" }, + "DisassociateFromConfiguration":{ + "name":"DisassociateFromConfiguration", + "http":{ + "method":"POST", + "requestUri":"/disassociate-from-configuration", + "responseCode":204 + }, + "input":{"shape":"DisassociateFromConfigurationRequest"}, + "output":{"shape":"DisassociateFromConfigurationResult"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"InternalServiceError"}, + {"shape":"UnauthorizedException"} + ], + "documentation":"Unlink a resource, for example a custom action, from a channel configuration.
", + "idempotent":true + }, "GetAccountPreferences":{ "name":"GetAccountPreferences", "http":{ @@ -259,6 +330,23 @@ ], "documentation":"Returns AWS Chatbot account preferences.
" }, + "GetCustomAction":{ + "name":"GetCustomAction", + "http":{ + "method":"POST", + "requestUri":"/get-custom-action", + "responseCode":200 + }, + "input":{"shape":"GetCustomActionRequest"}, + "output":{"shape":"GetCustomActionResult"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServiceError"}, + {"shape":"UnauthorizedException"} + ], + "documentation":"Returns a custom action.
" + }, "GetMicrosoftTeamsChannelConfiguration":{ "name":"GetMicrosoftTeamsChannelConfiguration", "http":{ @@ -275,6 +363,33 @@ ], "documentation":"Returns a Microsoft Teams channel configuration in an AWS account.
" }, + "ListAssociations":{ + "name":"ListAssociations", + "http":{ + "method":"POST", + "requestUri":"/list-associations", + "responseCode":200 + }, + "input":{"shape":"ListAssociationsRequest"}, + "output":{"shape":"ListAssociationsResult"}, + "documentation":"Lists resources associated with a channel configuration.
" + }, + "ListCustomActions":{ + "name":"ListCustomActions", + "http":{ + "method":"POST", + "requestUri":"/list-custom-actions", + "responseCode":200 + }, + "input":{"shape":"ListCustomActionsRequest"}, + "output":{"shape":"ListCustomActionsResult"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"InternalServiceError"}, + {"shape":"UnauthorizedException"} + ], + "documentation":"Lists custom actions defined in this account.
" + }, "ListMicrosoftTeamsChannelConfigurations":{ "name":"ListMicrosoftTeamsChannelConfigurations", "http":{ @@ -405,6 +520,23 @@ ], "documentation":"Updates a Amazon Chime webhook configuration.
" }, + "UpdateCustomAction":{ + "name":"UpdateCustomAction", + "http":{ + "method":"POST", + "requestUri":"/update-custom-action", + "responseCode":200 + }, + "input":{"shape":"UpdateCustomActionRequest"}, + "output":{"shape":"UpdateCustomActionResult"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServiceError"}, + {"shape":"UnauthorizedException"} + ], + "documentation":"Updates a custom action.
" + }, "UpdateMicrosoftTeamsChannelConfiguration":{ "name":"UpdateMicrosoftTeamsChannelConfiguration", "http":{ @@ -467,6 +599,43 @@ "min":12, "pattern":"arn:aws:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}" }, + "AssociateToConfigurationRequest":{ + "type":"structure", + "required":[ + "Resource", + "ChatConfiguration" + ], + "members":{ + "Resource":{ + "shape":"ResourceIdentifier", + "documentation":"The resource Amazon Resource Name (ARN) to link.
" + }, + "ChatConfiguration":{ + "shape":"ChatConfigurationArn", + "documentation":"The channel configuration to associate with the resource.
" + } + } + }, + "AssociateToConfigurationResult":{ + "type":"structure", + "members":{ + } + }, + "AssociationList":{ + "type":"list", + "member":{"shape":"AssociationListing"} + }, + "AssociationListing":{ + "type":"structure", + "required":["Resource"], + "members":{ + "Resource":{ + "shape":"Arn", + "documentation":"The Amazon Resource Name (ARN) of the resource (for example, a custom action).
" + } + }, + "documentation":"A listing of an association with a channel configuration.
" + }, "AwsUserIdentity":{ "type":"string", "max":1101, @@ -498,7 +667,7 @@ }, "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the ChimeWebhookConfiguration.
" + "documentation":"The Amazon Resource Name (ARN) of the ChimeWebhookConfiguration.
" }, "IamRoleArn":{ "shape":"Arn", @@ -548,6 +717,12 @@ "pattern":"https://hooks\\.chime\\.aws/incomingwebhooks/[A-Za-z0-9\\-]+?\\?token=[A-Za-z0-9\\-]+", "sensitive":true }, + "ClientToken":{ + "type":"string", + "max":126, + "min":33, + "pattern":"[\\x21-\\x7F]+" + }, "ConfigurationName":{ "type":"string", "max":128, @@ -659,6 +834,50 @@ } } }, + "CreateCustomActionRequest":{ + "type":"structure", + "required":[ + "Definition", + "ActionName" + ], + "members":{ + "Definition":{ + "shape":"CustomActionDefinition", + "documentation":"The definition of the command to run when invoked as an alias or as an action button.
" + }, + "AliasName":{ + "shape":"CustomActionAliasName", + "documentation":"The name used to invoke this action in a chat channel. For example, @aws run my-alias.
Defines when this custom action button should be attached to a notification.
" + }, + "Tags":{ + "shape":"TagList", + "documentation":"A map of tags assigned to a resource. A tag is a string-to-string map of key-value pairs.
" + }, + "ClientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, subsequent retries with the same client token returns the result from the original successful request.
If you do not specify a client token, one is automatically generated by the SDK.
", + "idempotencyToken":true + }, + "ActionName":{ + "shape":"CustomActionName", + "documentation":"The name of the custom action. This name is included in the Amazon Resource Name (ARN).
" + } + } + }, + "CreateCustomActionResult":{ + "type":"structure", + "required":["CustomActionArn"], + "members":{ + "CustomActionArn":{ + "shape":"CustomActionArn", + "documentation":"The fully defined ARN of the custom action.
" + } + } + }, "CreateSlackChannelConfigurationException":{ "type":"structure", "members":{ @@ -808,6 +1027,179 @@ } } }, + "CustomAction":{ + "type":"structure", + "required":[ + "CustomActionArn", + "Definition" + ], + "members":{ + "CustomActionArn":{ + "shape":"CustomActionArn", + "documentation":"The fully defined Amazon Resource Name (ARN) of the custom action.
" + }, + "Definition":{ + "shape":"CustomActionDefinition", + "documentation":"The definition of the command to run when invoked an alias or as an action button.
" + }, + "AliasName":{ + "shape":"CustomActionAliasName", + "documentation":"The name used to invoke this action in the chat channel. For example, @aws run my-alias.
Defines when this custom action button should be attached to a notification.
" + }, + "ActionName":{ + "shape":"CustomActionName", + "documentation":"The name of the custom action that is included in the ARN.
" + } + }, + "documentation":"Represents a parameterized command that can be invoked as an alias or as a notification button in the chat client.
" + }, + "CustomActionAliasName":{ + "type":"string", + "max":30, + "min":1, + "pattern":"[A-Za-z0-9-_]+" + }, + "CustomActionArn":{ + "type":"string", + "max":1011, + "min":1, + "pattern":"arn:aws:chatbot:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:custom-action/[a-zA-Z0-9_-]{1,64}" + }, + "CustomActionArnList":{ + "type":"list", + "member":{"shape":"CustomActionArn"} + }, + "CustomActionAttachment":{ + "type":"structure", + "members":{ + "NotificationType":{ + "shape":"CustomActionAttachmentNotificationType", + "documentation":"The type of notification that the custom action should be attached to.
" + }, + "ButtonText":{ + "shape":"CustomActionButtonText", + "documentation":"The text of the button that appears on the notification.
" + }, + "Criteria":{ + "shape":"CustomActionAttachmentCriteriaList", + "documentation":"The criteria for when a button should be shown based on values in the notification.
" + }, + "Variables":{ + "shape":"CustomActionAttachmentVariables", + "documentation":"The variables to extract from the notification.
" + } + }, + "documentation":"Defines when a custom action button should be attached to a notification.
" + }, + "CustomActionAttachmentCriteria":{ + "type":"structure", + "required":[ + "Operator", + "VariableName" + ], + "members":{ + "Operator":{ + "shape":"CustomActionAttachmentCriteriaOperator", + "documentation":"The operation to perform on the named variable.
" + }, + "VariableName":{ + "shape":"CustomActionAttachmentCriteriaVariableNameString", + "documentation":"The name of the variable to operate on.
" + }, + "Value":{ + "shape":"CustomActionAttachmentCriteriaValueString", + "documentation":"A value that is compared with the actual value of the variable based on the behavior of the operator.
" + } + }, + "documentation":"A criteria for when a button should be shown based on values in the notification
" + }, + "CustomActionAttachmentCriteriaList":{ + "type":"list", + "member":{"shape":"CustomActionAttachmentCriteria"}, + "max":5, + "min":1 + }, + "CustomActionAttachmentCriteriaOperator":{ + "type":"string", + "enum":[ + "HAS_VALUE", + "EQUALS" + ] + }, + "CustomActionAttachmentCriteriaValueString":{ + "type":"string", + "max":1024, + "min":0, + "pattern":"[\\S\\s]+" + }, + "CustomActionAttachmentCriteriaVariableNameString":{ + "type":"string", + "max":100, + "min":1, + "pattern":"[A-Za-z0-9-_]+" + }, + "CustomActionAttachmentList":{ + "type":"list", + "member":{"shape":"CustomActionAttachment"} + }, + "CustomActionAttachmentNotificationType":{ + "type":"string", + "max":100, + "min":1, + "pattern":"[a-zA-Z0-9-]+" + }, + "CustomActionAttachmentVariables":{ + "type":"map", + "key":{"shape":"CustomActionAttachmentVariablesKeyString"}, + "value":{"shape":"CustomActionAttachmentVariablesValueString"}, + "max":5, + "min":1 + }, + "CustomActionAttachmentVariablesKeyString":{ + "type":"string", + "max":100, + "min":1, + "pattern":"[A-Za-z0-9-_]+" + }, + "CustomActionAttachmentVariablesValueString":{ + "type":"string", + "max":1024, + "min":0, + "pattern":"[\\x21-\\x7F]+" + }, + "CustomActionButtonText":{ + "type":"string", + "max":50, + "min":1, + "pattern":"[\\S\\s]+" + }, + "CustomActionDefinition":{ + "type":"structure", + "required":["CommandText"], + "members":{ + "CommandText":{ + "shape":"CustomActionDefinitionCommandTextString", + "documentation":"The command string to run which may include variables by prefixing with a dollar sign ($).
" + } + }, + "documentation":"The definition of the command to run when invoked as an alias or as an action button.
" + }, + "CustomActionDefinitionCommandTextString":{ + "type":"string", + "max":100, + "min":1, + "pattern":"[\\S\\s]+" + }, + "CustomActionName":{ + "type":"string", + "max":64, + "min":1, + "pattern":"[a-zA-Z0-9_-]{1,64}" + }, "CustomerCwLogLevel":{ "type":"string", "max":5, @@ -839,6 +1231,21 @@ "members":{ } }, + "DeleteCustomActionRequest":{ + "type":"structure", + "required":["CustomActionArn"], + "members":{ + "CustomActionArn":{ + "shape":"CustomActionArn", + "documentation":"The fully defined ARN of the custom action.
" + } + } + }, + "DeleteCustomActionResult":{ + "type":"structure", + "members":{ + } + }, "DeleteMicrosoftTeamsUserIdentityException":{ "type":"structure", "members":{ @@ -1031,7 +1438,7 @@ }, "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"An optional Amazon Resource Number (ARN) of a ChimeWebhookConfiguration to describe.
" + "documentation":"An optional Amazon Resource Name (ARN) of a ChimeWebhookConfiguration to describe.
" } } }, @@ -1071,7 +1478,7 @@ }, "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"An optional Amazon Resource Number (ARN) of a SlackChannelConfiguration to describe.
" + "documentation":"An optional Amazon Resource Name (ARN) of a SlackChannelConfiguration to describe.
" } } }, @@ -1103,7 +1510,7 @@ "members":{ "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the SlackChannelConfiguration associated with the user identities to describe.
" + "documentation":"The Amazon Resource Name (ARN) of the SlackChannelConfiguration associated with the user identities to describe.
" }, "NextToken":{ "shape":"PaginationToken", @@ -1164,6 +1571,28 @@ } } }, + "DisassociateFromConfigurationRequest":{ + "type":"structure", + "required":[ + "Resource", + "ChatConfiguration" + ], + "members":{ + "Resource":{ + "shape":"ResourceIdentifier", + "documentation":"The resource (for example, a custom action) Amazon Resource Name (ARN) to unlink.
" + }, + "ChatConfiguration":{ + "shape":"ChatConfigurationArn", + "documentation":"The channel configuration the resource is being disassociated from.
" + } + } + }, + "DisassociateFromConfigurationResult":{ + "type":"structure", + "members":{ + } + }, "ErrorMessage":{"type":"string"}, "GetAccountPreferencesException":{ "type":"structure", @@ -1189,6 +1618,25 @@ } } }, + "GetCustomActionRequest":{ + "type":"structure", + "required":["CustomActionArn"], + "members":{ + "CustomActionArn":{ + "shape":"CustomActionArn", + "documentation":"Returns the fully defined Amazon Resource Name (ARN) of the custom action.
" + } + } + }, + "GetCustomActionResult":{ + "type":"structure", + "members":{ + "CustomAction":{ + "shape":"CustomAction", + "documentation":"Returns the custom action.
" + } + } + }, "GetTeamsChannelConfigurationException":{ "type":"structure", "members":{ @@ -1205,7 +1653,7 @@ "members":{ "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the MicrosoftTeamsChannelConfiguration to retrieve.
" + "documentation":"The Amazon Resource Name (ARN) of the MicrosoftTeamsChannelConfiguration to retrieve.
" } } }, @@ -1274,6 +1722,101 @@ }, "exception":true }, + "ListAssociationsRequest":{ + "type":"structure", + "required":["ChatConfiguration"], + "members":{ + "ChatConfiguration":{ + "shape":"ChatConfigurationArn", + "documentation":"The channel configuration to list associations for.
" + }, + "MaxResults":{ + "shape":"ListAssociationsRequestMaxResultsInteger", + "documentation":"The maximum number of results to include in the response. If more results exist than the specified MaxResults value, a token is included in the response so that the remaining results can be retrieved.
" + }, + "NextToken":{ + "shape":"ListAssociationsRequestNextTokenString", + "documentation":"An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response includes only results beyond the token, up to the value specified by MaxResults.
" + } + } + }, + "ListAssociationsRequestMaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "ListAssociationsRequestNextTokenString":{ + "type":"string", + "max":1024, + "min":1, + "pattern":"[\\x20-\\x7F]+" + }, + "ListAssociationsResult":{ + "type":"structure", + "required":["Associations"], + "members":{ + "Associations":{ + "shape":"AssociationList", + "documentation":"The resources associated with this channel configuration.
" + }, + "NextToken":{ + "shape":"ListAssociationsResultNextTokenString", + "documentation":"An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response includes only results beyond the token, up to the value specified by MaxResults.
" + } + } + }, + "ListAssociationsResultNextTokenString":{ + "type":"string", + "max":1024, + "min":1, + "pattern":"[\\x20-\\x7F]+" + }, + "ListCustomActionsRequest":{ + "type":"structure", + "members":{ + "MaxResults":{ + "shape":"ListCustomActionsRequestMaxResultsInteger", + "documentation":"The maximum number of results to include in the response. If more results exist than the specified MaxResults value, a token is included in the response so that the remaining results can be retrieved.
" + }, + "NextToken":{ + "shape":"ListCustomActionsRequestNextTokenString", + "documentation":"An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response includes only results beyond the token, up to the value specified by MaxResults.
" + } + } + }, + "ListCustomActionsRequestMaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "ListCustomActionsRequestNextTokenString":{ + "type":"string", + "max":1024, + "min":1, + "pattern":"[\\x20-\\x7F]+" + }, + "ListCustomActionsResult":{ + "type":"structure", + "required":["CustomActions"], + "members":{ + "CustomActions":{ + "shape":"CustomActionArnList", + "documentation":"A list of custom actions.
" + }, + "NextToken":{ + "shape":"ListCustomActionsResultNextTokenString", + "documentation":"An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response includes only results beyond the token, up to the value specified by MaxResults.
" + } + } + }, + "ListCustomActionsResultNextTokenString":{ + "type":"string", + "max":1024, + "min":1, + "pattern":"[\\x20-\\x7F]+" + }, "ListMicrosoftTeamsConfiguredTeamsException":{ "type":"structure", "members":{ @@ -1325,7 +1868,7 @@ "members":{ "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the MicrosoftTeamsChannelConfiguration associated with the user identities to list.
" + "documentation":"The Amazon Resource Name (ARN) of the MicrosoftTeamsChannelConfiguration associated with the user identities to list.
" }, "NextToken":{ "shape":"PaginationToken", @@ -1356,7 +1899,7 @@ "members":{ "ResourceARN":{ "shape":"AmazonResourceName", - "documentation":"The ARN you specified to list the tags of.
" + "documentation":"The ARN of the resource to list tags for.
" } } }, @@ -1421,6 +1964,12 @@ "min":1, "pattern":"[a-zA-Z0-9=\\/+_.\\-,#:\\\\\"{}]{4,1276}" }, + "ResourceIdentifier":{ + "type":"string", + "max":1011, + "min":1, + "pattern":"arn:aws:chatbot:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:custom-action/[a-zA-Z0-9_-]{1,64}" + }, "ResourceNotFoundException":{ "type":"structure", "members":{ @@ -1479,7 +2028,7 @@ }, "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the SlackChannelConfiguration.
" + "documentation":"The Amazon Resource Name (ARN) of the SlackChannelConfiguration.
" }, "IamRoleArn":{ "shape":"Arn", @@ -1572,7 +2121,7 @@ }, "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the SlackChannelConfiguration associated with the user identity to delete.
" + "documentation":"The Amazon Resource Name (ARN) of the SlackChannelConfiguration associated with the user identity to delete.
" }, "SlackTeamId":{ "shape":"SlackTeamId", @@ -1849,6 +2398,18 @@ "min":36, "pattern":"[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}" }, + "UnauthorizedException":{ + "type":"structure", + "members":{ + "message":{"shape":"ErrorMessage"} + }, + "documentation":"The request was rejected because it doesn't have valid credentials for the target resource.
", + "error":{ + "httpStatusCode":403, + "senderFault":true + }, + "exception":true + }, "UntagResourceRequest":{ "type":"structure", "required":[ @@ -1919,7 +2480,7 @@ "members":{ "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the ChimeWebhookConfiguration to update.
" + "documentation":"The Amazon Resource Name (ARN) of the ChimeWebhookConfiguration to update.
" }, "WebhookDescription":{ "shape":"ChimeWebhookDescription", @@ -1952,6 +2513,41 @@ } } }, + "UpdateCustomActionRequest":{ + "type":"structure", + "required":[ + "CustomActionArn", + "Definition" + ], + "members":{ + "CustomActionArn":{ + "shape":"CustomActionArn", + "documentation":"The fully defined Amazon Resource Name (ARN) of the custom action.
" + }, + "Definition":{ + "shape":"CustomActionDefinition", + "documentation":"The definition of the command to run when invoked as an alias or as an action button.
" + }, + "AliasName":{ + "shape":"CustomActionAliasName", + "documentation":"The name used to invoke this action in the chat channel. For example, @aws run my-alias.
Defines when this custom action button should be attached to a notification.
" + } + } + }, + "UpdateCustomActionResult":{ + "type":"structure", + "required":["CustomActionArn"], + "members":{ + "CustomActionArn":{ + "shape":"CustomActionArn", + "documentation":"The fully defined ARN of the custom action.
" + } + } + }, "UpdateSlackChannelConfigurationException":{ "type":"structure", "members":{ @@ -1971,7 +2567,7 @@ "members":{ "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the SlackChannelConfiguration to update.
" + "documentation":"The Amazon Resource Name (ARN) of the SlackChannelConfiguration to update.
" }, "SlackChannelId":{ "shape":"SlackChannelId", @@ -2031,7 +2627,7 @@ "members":{ "ChatConfigurationArn":{ "shape":"ChatConfigurationArn", - "documentation":"The Amazon Resource Number (ARN) of the TeamsChannelConfiguration to update.
" + "documentation":"The Amazon Resource Name (ARN) of the TeamsChannelConfiguration to update.
" }, "ChannelId":{ "shape":"TeamsChannelId", diff --git a/botocore/data/codepipeline/2015-07-09/service-2.json b/botocore/data/codepipeline/2015-07-09/service-2.json index 7b919be2ca..9ae1256b9b 100644 --- a/botocore/data/codepipeline/2015-07-09/service-2.json +++ b/botocore/data/codepipeline/2015-07-09/service-2.json @@ -996,6 +996,10 @@ "errorDetails":{ "shape":"ErrorDetails", "documentation":"The details of an error returned by a URL external to Amazon Web Services.
" + }, + "logStreamARN":{ + "shape":"LogStreamARN", + "documentation":"The Amazon Resource Name (ARN) of the log stream for the action compute.
" } }, "documentation":"Represents information about the run of an action.
" @@ -1133,7 +1137,11 @@ "shape":"Url", "documentation":"The deepest external link to the external resource (for example, a repository URL or deployment endpoint) that is used when running the action.
" }, - "errorDetails":{"shape":"ErrorDetails"} + "errorDetails":{"shape":"ErrorDetails"}, + "logStreamARN":{ + "shape":"LogStreamARN", + "documentation":"The Amazon Resource Name (ARN) of the log stream for the action compute.
" + } }, "documentation":"Execution result information, such as the external execution ID.
" }, @@ -3268,6 +3276,11 @@ } } }, + "LogStreamARN":{ + "type":"string", + "max":250, + "min":1 + }, "MatchEquals":{ "type":"string", "max":150, @@ -3988,7 +4001,7 @@ }, "token":{ "shape":"ApprovalToken", - "documentation":"The system-generated token used to identify a unique approval request. The token for each open approval request can be obtained using the GetPipelineState action. It is used to validate that the approval request corresponding to this token is still valid.
" + "documentation":"The system-generated token used to identify a unique approval request. The token for each open approval request can be obtained using the GetPipelineState action. It is used to validate that the approval request corresponding to this token is still valid.
For a pipeline where the execution mode is set to PARALLEL, the token required to approve/reject approval request as detailed above is not available. Instead, use the externalExecutionId from the GetPipelineState action as the token in the approval request.
Represents the input of a PutApprovalResult action.
Creates a new user in the specified user pool.
If MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Creates a new user in the specified user pool.
If MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.
Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.
In either case, if the user has a password, they will be in the FORCE_CHANGE_PASSWORD state until they sign in and set their password. Your invitation message template must have the {####} password placeholder if your users have passwords. If your template doesn't have this placeholder, Amazon Cognito doesn't deliver the invitation message. In this case, you must update your message template and resend the password with a new AdminCreateUser request with a MessageAction value of RESEND.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Gets the specified user by user name in a user pool as an administrator. Works on any user.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Gets the specified user by user name in a user pool as an administrator. Works on any user. This operation contributes to your monthly active user (MAU) count for the purpose of billing.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Initiates the authentication flow, as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Lists devices, as an administrator.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Lists a user's registered devices.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Resets the specified user's password in a user pool as an administrator. Works on any user.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign in after the API is called, Amazon Cognito responds with a PasswordResetRequiredException error. Your app must then perform the actions that reset your user's password: the forgot-password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Resets the specified user's password in a user pool as an administrator. Works on any user.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Deactivates a user's password, requiring them to change it. If a user tries to sign in after the API is called, Amazon Cognito responds with a PasswordResetRequiredException error. Your app must then perform the actions that reset your user's password: the forgot-password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. An AdminRespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the custom: prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.
For custom attributes, you must prepend the custom: prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Completes registration of a passkey authenticator for the current user. Your application provides data from a successful registration request with the data from the output of a StartWebAuthnRegistration.
Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.
Adds a configuration and trust relationship between a third-party identity provider (IdP) and a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Creates a new set of branding settings for a user pool style and associates it with an app client. This operation is the programmatic option for the creation of a new style in the branding designer.
Provides values for UI customization in a Settings JSON object and image files in an Assets array. To send the JSON object Document type parameter in Settings, you might need to update to the most recent version of your Amazon Web Services SDK.
This operation has a 2-megabyte request-size limit and include the CSS settings and image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito doesn't require that you pass all parameters in one request and preserves existing style settings that you don't specify. If your request is larger than 2MB, separate it into multiple requests, each with a size smaller than the limit.
For more information, see API and SDK operations for managed login branding
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Creates a new domain for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Creates a new domain for a user pool. The domain hosts user pool domain services like managed login, the hosted UI (classic), and the user pool authorization server.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Deletes an IdP for a user pool.
" }, + "DeleteManagedLoginBranding":{ + "name":"DeleteManagedLoginBranding", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteManagedLoginBrandingRequest"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ConcurrentModificationException"}, + {"shape":"InvalidParameterException"}, + {"shape":"TooManyRequestsException"}, + {"shape":"NotAuthorizedException"}, + {"shape":"InternalErrorException"} + ], + "documentation":"Deletes a managed login branding style. When you delete a style, you delete the branding association for an app client and restore it to default settings.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Deletes a domain for a user pool.
" }, + "DeleteWebAuthnCredential":{ + "name":"DeleteWebAuthnCredential", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteWebAuthnCredentialRequest"}, + "output":{"shape":"DeleteWebAuthnCredentialResponse"}, + "errors":[ + {"shape":"ForbiddenException"}, + {"shape":"InternalErrorException"}, + {"shape":"InvalidParameterException"}, + {"shape":"NotAuthorizedException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Deletes a registered passkey, or webauthN, device for the currently signed-in user.
Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.
Gets information about a specific IdP.
" }, + "DescribeManagedLoginBranding":{ + "name":"DescribeManagedLoginBranding", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeManagedLoginBrandingRequest"}, + "output":{"shape":"DescribeManagedLoginBrandingResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InvalidParameterException"}, + {"shape":"TooManyRequestsException"}, + {"shape":"NotAuthorizedException"}, + {"shape":"InternalErrorException"} + ], + "documentation":"When given the ID of a managed login branding style, returns detailed information about the style.
" + }, + "DescribeManagedLoginBrandingByClient":{ + "name":"DescribeManagedLoginBrandingByClient", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeManagedLoginBrandingByClientRequest"}, + "output":{"shape":"DescribeManagedLoginBrandingByClientResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InvalidParameterException"}, + {"shape":"TooManyRequestsException"}, + {"shape":"NotAuthorizedException"}, + {"shape":"InternalErrorException"} + ], + "documentation":"When given the ID of a user pool app client, returns detailed information about the style assigned to the app client.
" + }, "DescribeResourceServer":{ "name":"DescribeResourceServer", "http":{ @@ -1140,7 +1259,7 @@ {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} ], - "documentation":"Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.
If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don't provide a SECRET_HASH parameter, this API returns NotAuthorizedException.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. To use the confirmation code for resetting the password, call ConfirmForgotPassword.
If neither a verified phone number nor a verified email exists, this API returns InvalidParameterException. If your app client has a client secret and you don't provide a SECRET_HASH parameter, this API returns NotAuthorizedException.
To use this API operation, your user pool must have self-service account recovery configured. Use AdminSetUserPassword if you manage passwords as an administrator.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.
Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Lists the authentication options for the currently signed-in user. Returns the following:
The user's multi-factor authentication (MFA) preferences.
The user's options in the USER_AUTH flow that they can select in a SELECT_CHALLENGE response or request in a PREFERRED_CHALLENGErequest.
Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Lists the users in the specified group.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Generates a list of the current user's registered passkey, or webauthN, credentials.
", + "authtype":"none", + "auth":["smithy.api#noAuth"] + }, "ResendConfirmationCode":{ "name":"ResendConfirmationCode", "http":{ @@ -1592,7 +1752,7 @@ {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} ], - "documentation":"Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Some API operations in a user pool generate a challenge, like a prompt for an MFA code, for device authentication that bypasses MFA, or for a custom authentication challenge. A RespondToAuthChallenge API request provides the answer to that challenge, like a code or a secure remote password (SRP). The parameters of a response to an authentication challenge vary with the type of challenge.
For more information about custom authentication challenges, see Custom authentication challenge Lambda triggers.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and advanced security features user activity logs.
" }, @@ -1746,9 +1907,10 @@ {"shape":"InvalidSmsRoleAccessPolicyException"}, {"shape":"InvalidSmsRoleTrustRelationshipException"}, {"shape":"NotAuthorizedException"}, - {"shape":"InternalErrorException"} + {"shape":"InternalErrorException"}, + {"shape":"FeatureUnavailableInTierException"} ], - "documentation":"Sets the user pool multi-factor authentication (MFA) configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Sets the user pool multi-factor authentication (MFA) and passkey configuration.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Registers the user in the specified user pool and creates a user name, password, and user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Registers the user in the specified user pool and creates a user name, password, and user attributes.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
You might receive a LimitExceeded exception in response to this request if you have exceeded a rate quota for email or SMS messages, and if your user pool automatically verifies email addresses or phone numbers. When you get this exception in the response, the user is successfully created and is in an UNCONFIRMED state. You can send a new code with the ResendConfirmationCode request, or confirm the user as an administrator with an AdminConfirmSignUp request.
Starts the user import.
" }, + "StartWebAuthnRegistration":{ + "name":"StartWebAuthnRegistration", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"StartWebAuthnRegistrationRequest"}, + "output":{"shape":"StartWebAuthnRegistrationResponse"}, + "errors":[ + {"shape":"ForbiddenException"}, + {"shape":"InternalErrorException"}, + {"shape":"InvalidParameterException"}, + {"shape":"LimitExceededException"}, + {"shape":"NotAuthorizedException"}, + {"shape":"TooManyRequestsException"}, + {"shape":"WebAuthnNotEnabledException"}, + {"shape":"WebAuthnConfigurationMissingException"} + ], + "documentation":"Requests credential creation options from your user pool for registration of a passkey authenticator. Returns information about the user pool, the user profile, and authentication requirements. Users must provide this information in their request to enroll your application with their passkey provider.
After users present this data and register with their passkey provider, return the response to your user pool in a CompleteWebAuthnRegistration API request.
Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.
Updates IdP information for a user pool.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Configures the branding settings for a user pool style. This operation is the programmatic option for the configuration of a style in the branding designer.
Provides values for UI customization in a Settings JSON object and image files in an Assets array.
This operation has a 2-megabyte request-size limit and include the CSS settings and image assets for your app client. Your branding settings might exceed 2MB in size. Amazon Cognito doesn't require that you pass all parameters in one request and preserves existing style settings that you don't specify. If your request is larger than 2MB, separate it into multiple requests, each with a size smaller than the limit.
For more information, see API and SDK operations for managed login branding.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.
Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
With this operation, your users can update one or more of their attributes with their own credentials. You authorize this API request with the user's access token. To delete an attribute from your user, submit the attribute in your API request with a blank value. Custom attribute values in this request must include the custom: prefix.
Authorize this action with a signed-in user's access token. It must include the scope aws.cognito.signin.user.admin.
Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito user pools API and user pool endpoints.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Servicesservice, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.
If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Services service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.
Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.
If you don't provide a value for an attribute, Amazon Cognito sets it to its default value.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool.
A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.
Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.
However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.
When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.
After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.
For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.
Learn more
The list of RecoveryOptionTypes.
The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.
" } }, - "documentation":"The data type for AccountRecoverySetting.
The settings for user message delivery in forgot-password operations. Contains preference for email or SMS message delivery of password reset codes, or for admin-only password reset.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "AccountTakeoverActionNotifyType":{"type":"boolean"}, "AccountTakeoverActionType":{ @@ -2150,32 +2355,32 @@ "members":{ "Notify":{ "shape":"AccountTakeoverActionNotifyType", - "documentation":"Flag specifying whether to send a notification.
" + "documentation":"Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.
" }, "EventAction":{ "shape":"AccountTakeoverEventActionType", - "documentation":"The action to take in response to the account takeover action. Valid values are as follows:
BLOCK Choosing this action will block the request.
MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
NO_ACTION Allow the user to sign in.
The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:
BLOCK: Block the request.
MFA_IF_CONFIGURED: Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
MFA_REQUIRED: Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
NO_ACTION: Take no action. Permit sign-in.
Account takeover action type.
" + "documentation":"The automated response to a risk level for adaptive authentication in full-function, or ENFORCED, mode. You can assign an action to each risk level that advanced security features evaluates.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "AccountTakeoverActionsType":{ "type":"structure", "members":{ "LowAction":{ "shape":"AccountTakeoverActionType", - "documentation":"Action to take for a low risk.
" + "documentation":"The action that you assign to a low-risk assessment by advanced security features.
" }, "MediumAction":{ "shape":"AccountTakeoverActionType", - "documentation":"Action to take for a medium risk.
" + "documentation":"The action that you assign to a medium-risk assessment by advanced security features.
" }, "HighAction":{ "shape":"AccountTakeoverActionType", - "documentation":"Action to take for a high risk.
" + "documentation":"The action that you assign to a high-risk assessment by advanced security features.
" } }, - "documentation":"Account takeover actions type.
" + "documentation":"A list of account-takeover actions for each level of risk that Amazon Cognito might assess with advanced security features.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "AccountTakeoverEventActionType":{ "type":"string", @@ -2192,14 +2397,14 @@ "members":{ "NotifyConfiguration":{ "shape":"NotifyConfigurationType", - "documentation":"The notify configuration used to construct email notifications.
" + "documentation":"The settings for composing and sending an email message when advanced security features assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration, Amazon Cognito sends an email message using the method and template that you set with this data type.
Account takeover risk configuration actions.
" + "documentation":"A list of account-takeover actions for each level of risk that Amazon Cognito might assess with advanced security features.
" } }, - "documentation":"Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover.
" + "documentation":"The settings for automated responses and notification templates for adaptive authentication with advanced security features.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "AddCustomAttributesRequest":{ "type":"structure", @@ -2280,18 +2485,18 @@ "members":{ "AllowAdminCreateUserOnly":{ "shape":"BooleanType", - "documentation":"Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.
The setting for allowing self-service sign-up. When true, only administrators can create new user profiles. When false, users can register themselves and create a new user profile with the SignUp operation.
The user account expiration limit, in days, after which a new account that hasn't signed in is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again, specifying \"RESEND\" for the MessageAction parameter. The default value for this parameter is 7.
If you set a value for TemporaryPasswordValidityDays in PasswordPolicy, that value will be used, and UnusedAccountValidityDays will be no longer be an available parameter for that user pool.
This parameter is no longer in use. Configure the duration of temporary passwords with the TemporaryPasswordValidityDays parameter of PasswordPolicyType. For older user pools that have a UnusedAccountValidityDays configuration, that value is effective until you set a value for TemporaryPasswordValidityDays.
The password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call AdminCreateUser again, specifying RESEND for the MessageAction parameter.
The default value for this parameter is 7.
" }, "InviteMessageTemplate":{ "shape":"MessageTemplateType", - "documentation":"The message template to be used for the welcome message to new users.
See also Customizing User Invitation Messages.
" + "documentation":"The template for the welcome message to new users. This template must include the {####} temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.
See also Customizing User Invitation Messages.
" } }, - "documentation":"The configuration for creating a new user profile.
" + "documentation":"The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "AdminCreateUserRequest":{ "type":"structure", @@ -2310,7 +2515,7 @@ }, "UserAttributes":{ "shape":"AttributeListType", - "documentation":"An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than Username. However, any attributes that you specify as required (when creating a user pool or in the Attributes tab of the console) either you should supply (in your call to AdminCreateUser) or the user should supply (when they sign up in response to your welcome message).
For custom attributes, you must prepend the custom: prefix to the attribute name.
To send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the Users tab of the Amazon Cognito console for managing your user pools.
In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified attribute to True. You can also do this by calling AdminUpdateUserAttributes.
email: The email address of the user to whom the message that contains the code and username will be sent. Required if the email_verified attribute is set to True, or if \"EMAIL\" is specified in the DesiredDeliveryMediums parameter.
phone_number: The phone number of the user to whom the message that contains the code and username will be sent. Required if the phone_number_verified attribute is set to True, or if \"SMS\" is specified in the DesiredDeliveryMediums parameter.
An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than Username. However, any attributes that you specify as required (when creating a user pool or in the Attributes tab of the console) either you should supply (in your call to AdminCreateUser) or the user should supply (when they sign up in response to your welcome message).
For custom attributes, you must prepend the custom: prefix to the attribute name.
To send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or in the Users tab of the Amazon Cognito console for managing your user pools.
You must also provide an email address or phone number when you expect the user to do passwordless sign-in with an email or SMS OTP. These attributes must be provided when passwordless options are the only available, or when you don't submit a TemporaryPassword.
In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified attribute to True. You can also do this by calling AdminUpdateUserAttributes.
email: The email address of the user to whom the message that contains the code and username will be sent. Required if the email_verified attribute is set to True, or if \"EMAIL\" is specified in the DesiredDeliveryMediums parameter.
phone_number: The phone number of the user to whom the message that contains the code and username will be sent. Required if the phone_number_verified attribute is set to True, or if \"SMS\" is specified in the DesiredDeliveryMediums parameter.
The user's temporary password. This password must conform to the password policy that you specified when you created the user pool.
The temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page, along with a new password to be used in all future sign-ins.
This parameter isn't required. If you don't specify a value, Amazon Cognito generates one for you.
The temporary password can only be used until the user account expiration limit that you set for your user pool. To reset the account after that time limit, you must call AdminCreateUser again and specify RESEND for the MessageAction parameter.
The user's temporary password. This password must conform to the password policy that you specified when you created the user pool.
The exception to the requirement for a password is when your user pool supports passwordless sign-in with email or SMS OTPs. To create a user with no password, omit this parameter or submit a blank value. You can only create a passwordless user when passwordless sign-in is available. See the SignInPolicyType property of CreateUserPool and UpdateUserPool.
The temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page, along with a new password to be used in all future sign-ins.
If you don't specify a value, Amazon Cognito generates one for you unless you have passwordless options active for your user pool.
The temporary password can only be used until the user account expiration limit that you set for your user pool. To reset the account after that time limit, you must call AdminCreateUser again and specify RESEND for the MessageAction parameter.
A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the pre sign-up trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
Validate the ClientMetadata value.
Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
Represents the request to create a user in the specified user pool.
" + "documentation":"Creates a new user in the specified user pool.
" }, "AdminCreateUserResponse":{ "type":"structure", @@ -2607,15 +2812,15 @@ }, "AuthFlow":{ "shape":"AuthFlowType", - "documentation":"The authentication flow for this call to run. The API action will depend on this value. For example:
REFRESH_TOKEN_AUTH will take in a valid refresh token and return new tokens.
USER_SRP_AUTH will take in USERNAME and SRP_A and return the Secure Remote Password (SRP) protocol variables to be used for next challenge execution.
ADMIN_USER_PASSWORD_AUTH will take in USERNAME and PASSWORD and return the next challenge or tokens.
Valid values include:
USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP) protocol.
REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing the access token and ID token by supplying a valid refresh token.
CUSTOM_AUTH: Custom authentication flow.
ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in the USERNAME and PASSWORD directly if the flow is enabled for calling the app client.
ADMIN_USER_PASSWORD_AUTH: Admin-based user password authentication. This replaces the ADMIN_NO_SRP_AUTH authentication flow. In this flow, Amazon Cognito receives the password in the request instead of using the SRP process to verify passwords.
The authentication flow that you want to initiate. The AuthParameters that you must submit are linked to the flow that you submit. For example:
USER_AUTH: Request a preferred authentication type or review available authentication types. From the offered authentication types, select one in a challenge response and then authenticate with that method in an additional challenge response.
REFRESH_TOKEN_AUTH: Receive new ID and access tokens when you pass a REFRESH_TOKEN parameter with a valid refresh token as the value.
USER_SRP_AUTH: Receive secure remote password (SRP) variables for the next challenge, PASSWORD_VERIFIER, when you pass USERNAME and SRP_A parameters..
ADMIN_USER_PASSWORD_AUTH: Receive new tokens or the next challenge, for example SOFTWARE_TOKEN_MFA, when you pass USERNAME and PASSWORD parameters.
Valid values include the following:
The entry point for sign-in with passwords, one-time passwords, biometric devices, and security keys.
Username-password authentication with the Secure Remote Password (SRP) protocol. For more information, see Use SRP password verification in custom authentication flow.
Provide a valid refresh token and receive new ID and access tokens. For more information, see Using the refresh token.
Custom authentication with Lambda triggers. For more information, see Custom authentication challenge Lambda triggers.
Username-password authentication with the password sent directly in the request. For more information, see Admin authentication flow.
USER_PASSWORD_AUTH is a flow type of InitiateAuth and isn't valid for AdminInitiateAuth.
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For ADMIN_USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_AUTH: USERNAME (required), PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For ADMIN_USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminInitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
Pre signup
Pre authentication
User migration
When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload, which the function receives as input. This payload contains a validationData attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminInitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow for your specific needs.
When you use the AdminInitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
Post authentication
Custom message
Pre token generation
Create auth challenge
Define auth challenge
For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
Validate the ClientMetadata value.
Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminInitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
Pre signup
Pre authentication
User migration
When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload, which the function receives as input. This payload contains a validationData attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminInitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow for your specific needs.
When you use the AdminInitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
Post authentication
Custom message
Pre token generation
Create auth challenge
Define auth challenge
Custom email sender
Custom SMS sender
For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
Validate the ClientMetadata value.
Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon Cognito advanced security evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.
" + }, + "Session":{ + "shape":"SessionType", + "documentation":"The optional session ID from a ConfirmSignUp API request. You can sign in a user directly from the sign-up process with the USER_AUTH authentication flow.
Initiates the authorization request, as an administrator.
" @@ -2633,7 +2842,7 @@ "members":{ "ChallengeName":{ "shape":"ChallengeNameType", - "documentation":"The name of the challenge that you're responding to with this call. This is returned in the AdminInitiateAuth response if you must pass another challenge.
MFA_SETUP: If MFA is required, users who don't have at least one of the MFA methods set up are presented with an MFA_SETUP challenge. The user must set up at least one MFA type to continue to authenticate.
SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are SMS_MFA for SMS message MFA, EMAIL_OTP for email message MFA, and SOFTWARE_TOKEN_MFA for time-based one-time password (TOTP) software token MFA.
SMS_MFA: Next challenge is to supply an SMS_MFA_CODEthat your user pool delivered in an SMS message.
EMAIL_OTP: Next challenge is to supply an EMAIL_OTP_CODE that your user pool delivered in an email message.
PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
DEVICE_SRP_AUTH: If device tracking was activated in your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
ADMIN_NO_SRP_AUTH: This is returned if you must authenticate with USERNAME and PASSWORD directly. An app client must be enabled to use this flow.
NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned in the requiredAttributes parameter. You can also set values for attributes that aren't required by your user pool and that your app client can write. For more information, see AdminRespondToAuthChallenge.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In AdminRespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the AdminUpdateUserAttributes API operation to modify the value of any additional attributes.
MFA_SETUP: For users who are required to set up an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken, and use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, users will need help from an administrator to add a phone number to their account and then call InitiateAuth again to restart sign-in.
The name of the challenge that you're responding to with this call. This is returned in the AdminInitiateAuth response if you must pass another challenge.
WEB_AUTHN: Respond to the challenge with the results of a successful authentication with a passkey, or webauthN, factor. These are typically biometric devices or security keys.
PASSWORD: Respond with USER_PASSWORD_AUTH parameters: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
PASSWORD_SRP: Respond with USER_SRP_AUTH parameters: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
SELECT_CHALLENGE: Respond to the challenge with USERNAME and an ANSWER that matches one of the challenge types in the AvailableChallenges response parameter.
MFA_SETUP: If MFA is required, users who don't have at least one of the MFA methods set up are presented with an MFA_SETUP challenge. The user must set up at least one MFA type to continue to authenticate.
SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are SMS_MFA for SMS message MFA, EMAIL_OTP for email message MFA, and SOFTWARE_TOKEN_MFA for time-based one-time password (TOTP) software token MFA.
SMS_MFA: Next challenge is to supply an SMS_MFA_CODEthat your user pool delivered in an SMS message.
EMAIL_OTP: Next challenge is to supply an EMAIL_OTP_CODE that your user pool delivered in an email message.
PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
DEVICE_SRP_AUTH: If device tracking was activated in your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
ADMIN_NO_SRP_AUTH: This is returned if you must authenticate with USERNAME and PASSWORD directly. An app client must be enabled to use this flow.
NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned in the requiredAttributes parameter. You can also set values for attributes that aren't required by your user pool and that your app client can write. For more information, see AdminRespondToAuthChallenge.
Amazon Cognito only returns this challenge for users who have temporary passwords. Because of this, and because in some cases you can create users who don't have values for required attributes, take care to collect and submit required-attribute values for all users who don't have passwords. You can create a user in the Amazon Cognito console without, for example, a required birthdate attribute. The API response from Amazon Cognito won't prompt you to submit a birthdate for the user if they don't have a password.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In AdminRespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the AdminUpdateUserAttributes API operation to modify the value of any additional attributes.
MFA_SETUP: For users who are required to set up an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken, and use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, users will need help from an administrator to add a phone number to their account and then call InitiateAuth again to restart sign-in.
An external IdP account for a user who doesn't exist yet in the user pool. This user must be a federated user (for example, a SAML or Facebook user), not another native user.
If the SourceUser is using a federated social IdP, such as Facebook, Google, or Login with Amazon, you must set the ProviderAttributeName to Cognito_Subject. For social IdPs, the ProviderName will be Facebook, Google, or LoginWithAmazon, and Amazon Cognito will automatically parse the Facebook, Google, and Login with Amazon tokens for id, sub, and user_id, respectively. The ProviderAttributeValue for the user must be the same value as the id, sub, or user_id value found in the social IdP token.
For OIDC, the ProviderAttributeName can be any value that matches a claim in the ID token, or that your app retrieves from the userInfo endpoint. You must map the claim to a user pool attribute in your IdP configuration, and set the user pool attribute name as the value of ProviderAttributeName in your AdminLinkProviderForUser request.
For SAML, the ProviderAttributeName can be any value that matches a claim in the SAML assertion. To link SAML users based on the subject of the SAML assertion, map the subject to a claim through the SAML IdP and set that claim name as the value of ProviderAttributeName in your AdminLinkProviderForUser request.
For both OIDC and SAML users, when you set ProviderAttributeName to Cognito_Subject, Amazon Cognito will automatically parse the default unique identifier found in the subject from the IdP token.
An external IdP account for a user who doesn't exist yet in the user pool. This user must be a federated user (for example, a SAML or Facebook user), not another native user.
If the SourceUser is using a federated social IdP, such as Facebook, Google, or Login with Amazon, you must set the ProviderAttributeName to Cognito_Subject. For social IdPs, the ProviderName will be Facebook, Google, or LoginWithAmazon, and Amazon Cognito will automatically parse the Facebook, Google, and Login with Amazon tokens for id, sub, and user_id, respectively. The ProviderAttributeValue for the user must be the same value as the id, sub, or user_id value found in the social IdP token.
For OIDC, the ProviderAttributeName can be any mapped value from a claim in the ID token, or that your app retrieves from the userInfo endpoint. For SAML, the ProviderAttributeName can be any mapped value from a claim in the SAML assertion.
The following additional considerations apply to SourceUser for OIDC and SAML providers.
You must map the claim to a user pool attribute in your IdP configuration, and set the user pool attribute name as the value of ProviderAttributeName in your AdminLinkProviderForUser request. For example, email.
When you set ProviderAttributeName to Cognito_Subject, Amazon Cognito will automatically parse the default unique identifier found in the subject from the IdP token.
The responses to the challenge that you received in the previous request. Each challenge has its own required response parameters. The following examples are partial JSON request bodies that highlight challenge-response parameters.
You must provide a SECRET_HASH parameter in all challenge responses to an app client that has a client secret.
\"ChallengeName\": \"SMS_MFA\", \"ChallengeResponses\": {\"SMS_MFA_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"EMAIL_OTP\", \"ChallengeResponses\": {\"EMAIL_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
This challenge response is part of the SRP flow. Amazon Cognito requires that your application respond to this challenge within a few seconds. When the response time exceeds this period, your user pool returns a NotAuthorizedException error.
\"ChallengeName\": \"PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"CUSTOM_CHALLENGE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[challenge_answer]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"NEW_PASSWORD_REQUIRED\", \"ChallengeResponses\": {\"NEW_PASSWORD\": \"[new_password]\", \"USERNAME\": \"[username]\"}
To set any required attributes that InitiateAuth returned in an requiredAttributes parameter, add \"userAttributes.[attribute_name]\": \"[attribute_value]\". This parameter can also set values for writable attributes that aren't required by your user pool.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify the value of any additional attributes.
\"ChallengeName\": \"SOFTWARE_TOKEN_MFA\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"SOFTWARE_TOKEN_MFA_CODE\": [authenticator_code]}
\"ChallengeName\": \"DEVICE_SRP_AUTH\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"DEVICE_KEY\": \"[device_key]\", \"SRP_A\": \"[srp_a]\"}
\"ChallengeName\": \"DEVICE_PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"DEVICE_KEY\": \"[device_key]\", \"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"MFA_SETUP\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\"}, \"SESSION\": \"[Session ID from VerifySoftwareToken]\"
\"ChallengeName\": \"SELECT_MFA_TYPE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[SMS_MFA or SOFTWARE_TOKEN_MFA]\"}
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
The responses to the challenge that you received in the previous request. Each challenge has its own required response parameters. The following examples are partial JSON request bodies that highlight challenge-response parameters.
You must provide a SECRET_HASH parameter in all challenge responses to an app client that has a client secret. Include a DEVICE_KEY for device authentication.
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"USERNAME\": \"[username]\", \"ANSWER\": \"[Challenge name]\"}
Available challenges are PASSWORD, PASSWORD_SRP, EMAIL_OTP, SMS_OTP, and WEB_AUTHN.
Complete authentication in the SELECT_CHALLENGE response for PASSWORD, PASSWORD_SRP, and WEB_AUTHN:
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"WEB_AUTHN\", \"USERNAME\": \"[username]\", \"CREDENTIAL\": \"[AuthenticationResponseJSON]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"PASSWORD\", \"USERNAME\": \"[username]\", \"PASSWORD\": \"[password]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"PASSWORD_SRP\", \"USERNAME\": \"[username]\", \"SRP_A\": \"[SRP_A]\"}
For SMS_OTP and EMAIL_OTP, respond with the username and answer. Your user pool will send a code for the user to submit in the next challenge response.
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"SMS_OTP\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"EMAIL_OTP\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SMS_OTP\", \"ChallengeResponses\": {\"SMS_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"EMAIL_OTP\", \"ChallengeResponses\": {\"EMAIL_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SMS_MFA\", \"ChallengeResponses\": {\"SMS_MFA_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
This challenge response is part of the SRP flow. Amazon Cognito requires that your application respond to this challenge within a few seconds. When the response time exceeds this period, your user pool returns a NotAuthorizedException error.
\"ChallengeName\": \"PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"CUSTOM_CHALLENGE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[challenge_answer]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"NEW_PASSWORD_REQUIRED\", \"ChallengeResponses\": {\"NEW_PASSWORD\": \"[new_password]\", \"USERNAME\": \"[username]\"}
To set any required attributes that InitiateAuth returned in an requiredAttributes parameter, add \"userAttributes.[attribute_name]\": \"[attribute_value]\". This parameter can also set values for writable attributes that aren't required by your user pool.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify the value of any additional attributes.
\"ChallengeName\": \"SOFTWARE_TOKEN_MFA\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"SOFTWARE_TOKEN_MFA_CODE\": [authenticator_code]}
\"ChallengeName\": \"DEVICE_SRP_AUTH\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"DEVICE_KEY\": \"[device_key]\", \"SRP_A\": \"[srp_a]\"}
\"ChallengeName\": \"DEVICE_PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"DEVICE_KEY\": \"[device_key]\", \"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"MFA_SETUP\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\"}, \"SESSION\": \"[Session ID from VerifySoftwareToken]\"
\"ChallengeName\": \"SELECT_MFA_TYPE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[SMS_MFA or SOFTWARE_TOKEN_MFA]\"}
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
An array of name-value pairs representing user attributes.
For custom attributes, you must prepend the custom: prefix to the attribute name.
If your user pool requires verification before Amazon Cognito updates an attribute value that you specify in this request, Amazon Cognito doesn’t immediately update the value of that attribute. After your user receives and responds to a verification message to verify the new value, Amazon Cognito updates the attribute value. Your user can sign in and receive messages with the original attribute value until they verify the new value.
To update the value of an attribute that requires verification in the same API request, include the email_verified or phone_number_verified attribute, with a value of true. If you set the email_verified or phone_number_verified value for an email or phone_number attribute that requires verification to true, Amazon Cognito doesn’t send a verification message to your user.
An array of name-value pairs representing user attributes.
For custom attributes, you must prepend the custom: prefix to the attribute name.
If your user pool requires verification before Amazon Cognito updates an attribute value that you specify in this request, Amazon Cognito doesn’t immediately update the value of that attribute. After your user receives and responds to a verification message to verify the new value, Amazon Cognito updates the attribute value. Your user can sign in and receive messages with the original attribute value until they verify the new value.
To skip the verification message and update the value of an attribute that requires verification in the same API request, include the email_verified or phone_number_verified attribute, with a value of true. If you set the email_verified or phone_number_verified value for an email or phone_number attribute that requires verification to true, Amazon Cognito doesn’t send a verification message to your user.
This exception is thrown when a user tries to confirm the account with an email address or phone number that has already been supplied as an alias for a different user profile. This exception indicates that an account with this email address or phone already exists in a user pool that you've configured to use email address or phone number as a sign-in alias.
", "exception":true }, + "AllowedFirstAuthFactorsListType":{ + "type":"list", + "member":{"shape":"AuthFactorType"}, + "max":4, + "min":1 + }, "AnalyticsConfigurationType":{ "type":"structure", "members":{ "ApplicationId":{ "shape":"HexStringType", - "documentation":"The application ID for an Amazon Pinpoint application.
" + "documentation":"Your Amazon Pinpoint project ID.
" }, "ApplicationArn":{ "shape":"ArnType", - "documentation":"The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon Pinpoint project to integrate with the chosen user pool Client. Amazon Cognito publishes events to the Amazon Pinpoint project that the app ARN declares.
" + "documentation":"The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that ApplicationArn declares. You can also configure your application to pass an endpoint ID in the AnalyticsMetadata parameter of sign-in operations. The endpoint ID is information about the destination for push notifications
The ARN of an Identity and Access Management role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics.
" + "documentation":"The ARN of an Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics.
" }, "ExternalId":{ "shape":"StringType", - "documentation":"The external ID.
" + "documentation":"The external ID of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint.
" }, "UserDataShared":{ "shape":"BooleanType", "documentation":"If UserDataShared is true, Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.
The Amazon Pinpoint analytics configuration necessary to collect metrics for a user pool.
In Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region.
The settings for Amazon Pinpoint analytics configuration. With an analytics configuration, your application can collect user-activity metrics for user notifications with a Amazon Pinpoint campaign.
Amazon Pinpoint isn't available in all Amazon Web Services Regions. For a list of available Regions, see Amazon Cognito and Amazon Pinpoint Region availability.
This data type is a request parameter of CreateUserPoolClient and UpdateUserPoolClient, and a response parameter of DescribeUserPoolClient.
" }, "AnalyticsMetadataType":{ "type":"structure", "members":{ "AnalyticsEndpointId":{ "shape":"StringType", - "documentation":"The endpoint ID.
" + "documentation":"The endpoint ID. Information that you want to pass to Amazon Pinpoint about where to send notifications.
" } }, - "documentation":"An Amazon Pinpoint analytics endpoint.
An endpoint uniquely identifies a mobile device, email address, or phone number that can receive messages from Amazon Pinpoint analytics. For more information about Amazon Web Services Regions that can contain Amazon Pinpoint resources for use with Amazon Cognito user pools, see Using Amazon Pinpoint analytics with Amazon Cognito user pools.
" + "documentation":"Information that your application adds to authentication requests. Applies an endpoint ID to the analytics data that your user pool sends to Amazon Pinpoint.
An endpoint ID uniquely identifies a mobile device, email address or phone number that can receive messages from Amazon Pinpoint analytics. For more information about Amazon Web Services Regions that can contain Amazon Pinpoint resources for use with Amazon Cognito user pools, see Using Amazon Pinpoint analytics with Amazon Cognito user pools.
This data type is a request parameter of authentication operations like InitiateAuth, AdminInitiateAuth, RespondToAuthChallenge, and AdminRespondToAuthChallenge.
" }, "ArnType":{ "type":"string", @@ -3214,6 +3429,77 @@ "min":20, "pattern":"arn:[\\w+=/,.@-]+:[\\w+=/,.@-]+:([\\w+=/,.@-]*)?:[0-9]+:[\\w+=/,.@-]+(:[\\w+=/,.@-]+)?(:[\\w+=/,.@-]+)?" }, + "AssetBytesType":{ + "type":"blob", + "max":1000000 + }, + "AssetCategoryType":{ + "type":"string", + "enum":[ + "FAVICON_ICO", + "FAVICON_SVG", + "EMAIL_GRAPHIC", + "SMS_GRAPHIC", + "AUTH_APP_GRAPHIC", + "PASSWORD_GRAPHIC", + "PASSKEY_GRAPHIC", + "PAGE_HEADER_LOGO", + "PAGE_HEADER_BACKGROUND", + "PAGE_FOOTER_LOGO", + "PAGE_FOOTER_BACKGROUND", + "PAGE_BACKGROUND", + "FORM_BACKGROUND", + "FORM_LOGO", + "IDP_BUTTON_ICON" + ] + }, + "AssetExtensionType":{ + "type":"string", + "enum":[ + "ICO", + "JPEG", + "PNG", + "SVG", + "WEBP" + ] + }, + "AssetListType":{ + "type":"list", + "member":{"shape":"AssetType"}, + "max":40, + "min":0 + }, + "AssetType":{ + "type":"structure", + "required":[ + "Category", + "ColorMode", + "Extension" + ], + "members":{ + "Category":{ + "shape":"AssetCategoryType", + "documentation":"The category that the image corresponds to in your managed login configuration. Managed login has asset categories for different types of logos, backgrounds, and icons.
" + }, + "ColorMode":{ + "shape":"ColorSchemeModeType", + "documentation":"The display-mode target of the asset: light, dark, or browser-adaptive. For example, Amazon Cognito displays a dark-mode image only when the browser or application is in dark mode, but displays a browser-adaptive file in all contexts.
" + }, + "Extension":{ + "shape":"AssetExtensionType", + "documentation":"The file type of the image file.
" + }, + "Bytes":{ + "shape":"AssetBytesType", + "documentation":"The image file, in Base64-encoded binary.
" + }, + "ResourceId":{ + "shape":"ResourceIdType", + "documentation":"The ID of the asset.
" + } + }, + "documentation":"An image file from a managed login branding style in a user pool.
This data type is a request parameter of CreateManagedLoginBranding and UpdateManagedLoginBranding, and a response parameter of DescribeManagedLoginBranding.
" + }, "AssociateSoftwareTokenRequest":{ "type":"structure", "members":{ @@ -3286,7 +3572,7 @@ "documentation":"The value of the attribute.
" } }, - "documentation":"Specifies whether the attribute is standard or custom.
" + "documentation":"The name and value of a user attribute.
This data type is a request parameter of AdminUpdateUserAttributes and UpdateUserAttributes.
" }, "AttributeValueType":{ "type":"string", @@ -3306,7 +3592,7 @@ }, "EventType":{ "shape":"EventType", - "documentation":"The event type.
" + "documentation":"The type of authentication event.
" }, "CreationDate":{ "shape":"DateType", @@ -3318,11 +3604,11 @@ }, "EventRisk":{ "shape":"EventRiskType", - "documentation":"The event risk.
" + "documentation":"The threat evaluation from your user pool about an event. Contains information about whether your user pool detected compromised credentials, whether the event triggered an automated response, and the level of risk.
" }, "ChallengeResponses":{ "shape":"ChallengeResponseListType", - "documentation":"The challenge responses.
" + "documentation":"A list of the challenges that the user was requested to answer, for example Password, and the result, for example Success.
A flag specifying the user feedback captured at the time of an event request is good or bad.
" + "documentation":"The UpdateAuthEventFeedback or AdminUpdateAuthEventFeedback feedback that you or your user provided in response to the event. A value of Valid indicates that you disagreed with the level of risk that your user pool assigned, and evaluated a session to be valid, or likely safe. A value of Invalid indicates that you agreed with the user pool risk level and evaluated a session to be invalid, or likely malicious.
The authentication event type.
" + "documentation":"One authentication event that Amazon Cognito logged in a user pool with advanced security features active. Contains user and device metadata and a risk assessment from your user pool.
This data type is a request parameter of AdminListUserAuthEvents.
" }, "AuthEventsType":{ "type":"list", "member":{"shape":"AuthEventType"} }, + "AuthFactorType":{ + "type":"string", + "enum":[ + "PASSWORD", + "EMAIL_OTP", + "SMS_OTP", + "WEB_AUTHN" + ] + }, "AuthFlowType":{ "type":"string", "enum":[ @@ -3348,7 +3643,8 @@ "CUSTOM_AUTH", "ADMIN_NO_SRP_AUTH", "USER_PASSWORD_AUTH", - "ADMIN_USER_PASSWORD_AUTH" + "ADMIN_USER_PASSWORD_AUTH", + "USER_AUTH" ] }, "AuthParametersType":{ @@ -3367,7 +3663,7 @@ "members":{ "AccessToken":{ "shape":"TokenModelType", - "documentation":"A valid access token that Amazon Cognito issued to the user who you want to authenticate.
" + "documentation":"Your user's access token.
" }, "ExpiresIn":{ "shape":"IntegerType", @@ -3375,22 +3671,26 @@ }, "TokenType":{ "shape":"StringType", - "documentation":"The token type.
" + "documentation":"The intended use of the token, for example Bearer.
The refresh token.
" + "documentation":"Your user's refresh token.
" }, "IdToken":{ "shape":"TokenModelType", - "documentation":"The ID token.
" + "documentation":"Your user's ID token.
" }, "NewDeviceMetadata":{ "shape":"NewDeviceMetadataType", "documentation":"The new device metadata from an authentication result.
" } }, - "documentation":"The authentication result.
" + "documentation":"The object that your application receives after authentication. Contains tokens and information for device authentication.
This data type is a response parameter of authentication operations like InitiateAuth, AdminInitiateAuth, RespondToAuthChallenge, and AdminRespondToAuthChallenge.
" + }, + "AvailableChallengeListType":{ + "type":"list", + "member":{"shape":"ChallengeNameType"} }, "BlockedIPRangeListType":{ "type":"list", @@ -3427,10 +3727,15 @@ "MFA_SETUP", "PASSWORD_VERIFIER", "CUSTOM_CHALLENGE", + "SELECT_CHALLENGE", "DEVICE_SRP_AUTH", "DEVICE_PASSWORD_VERIFIER", "ADMIN_NO_SRP_AUTH", - "NEW_PASSWORD_REQUIRED" + "NEW_PASSWORD_REQUIRED", + "SMS_OTP", + "PASSWORD", + "WEB_AUTHN", + "PASSWORD_SRP" ] }, "ChallengeParametersType":{ @@ -3454,14 +3759,14 @@ "members":{ "ChallengeName":{ "shape":"ChallengeName", - "documentation":"The challenge name.
" + "documentation":"The type of challenge that your previous authentication request returned in the parameter ChallengeName, for example SMS_MFA.
The challenge response.
" + "documentation":"The set of key-value pairs that provides a response to the requested challenge.
" } }, - "documentation":"The challenge response type.
" + "documentation":"The responses to the challenge that you received in the previous request. Each challenge has its own required response parameters. The following examples are partial JSON request bodies that highlight challenge-response parameters.
You must provide a SECRET_HASH parameter in all challenge responses to an app client that has a client secret. Include a DEVICE_KEY for device authentication.
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"USERNAME\": \"[username]\", \"ANSWER\": \"[Challenge name]\"}
Available challenges are PASSWORD, PASSWORD_SRP, EMAIL_OTP, SMS_OTP, and WEB_AUTHN.
Complete authentication in the SELECT_CHALLENGE response for PASSWORD, PASSWORD_SRP, and WEB_AUTHN:
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"WEB_AUTHN\", \"USERNAME\": \"[username]\", \"CREDENTIAL\": \"[AuthenticationResponseJSON]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"PASSWORD\", \"USERNAME\": \"[username]\", \"PASSWORD\": \"[password]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"PASSWORD_SRP\", \"USERNAME\": \"[username]\", \"SRP_A\": \"[SRP_A]\"}
For SMS_OTP and EMAIL_OTP, respond with the username and answer. Your user pool will send a code for the user to submit in the next challenge response.
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"SMS_OTP\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"EMAIL_OTP\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SMS_OTP\", \"ChallengeResponses\": {\"SMS_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"EMAIL_OTP\", \"ChallengeResponses\": {\"EMAIL_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SMS_MFA\", \"ChallengeResponses\": {\"SMS_MFA_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
This challenge response is part of the SRP flow. Amazon Cognito requires that your application respond to this challenge within a few seconds. When the response time exceeds this period, your user pool returns a NotAuthorizedException error.
\"ChallengeName\": \"PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"CUSTOM_CHALLENGE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[challenge_answer]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"NEW_PASSWORD_REQUIRED\", \"ChallengeResponses\": {\"NEW_PASSWORD\": \"[new_password]\", \"USERNAME\": \"[username]\"}
To set any required attributes that InitiateAuth returned in an requiredAttributes parameter, add \"userAttributes.[attribute_name]\": \"[attribute_value]\". This parameter can also set values for writable attributes that aren't required by your user pool.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify the value of any additional attributes.
\"ChallengeName\": \"SOFTWARE_TOKEN_MFA\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"SOFTWARE_TOKEN_MFA_CODE\": [authenticator_code]}
\"ChallengeName\": \"DEVICE_SRP_AUTH\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"DEVICE_KEY\": \"[device_key]\", \"SRP_A\": \"[srp_a]\"}
\"ChallengeName\": \"DEVICE_PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"DEVICE_KEY\": \"[device_key]\", \"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"MFA_SETUP\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\"}, \"SESSION\": \"[Session ID from VerifySoftwareToken]\"
\"ChallengeName\": \"SELECT_MFA_TYPE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[SMS_MFA or SOFTWARE_TOKEN_MFA]\"}
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
This data type is a request parameter of RespondToAuthChallenge and AdminRespondToAuthChallenge.
" }, "ChallengeResponsesType":{ "type":"map", @@ -3472,14 +3777,13 @@ "ChangePasswordRequest":{ "type":"structure", "required":[ - "PreviousPassword", "ProposedPassword", "AccessToken" ], "members":{ "PreviousPassword":{ "shape":"PasswordType", - "documentation":"The old password.
" + "documentation":"The user's previous password. Required if the user has a password. If the user has no password and only signs in with passwordless authentication options, you can omit this parameter.
" }, "ProposedPassword":{ "shape":"PasswordType", @@ -3540,7 +3844,7 @@ "documentation":"The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with Key Management Service and must be in the same Amazon Web Services account as your user pool.
To send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with /aws/vendedlogs. For more information, see Enabling logging from certain Amazon Web Services services.
Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.
" + "documentation":"Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.
This data type is a request parameter of SetLogDeliveryConfiguration and a response parameter of GetLogDeliveryConfiguration.
" }, "CodeDeliveryDetailsListType":{ "type":"list", @@ -3562,7 +3866,7 @@ "documentation":"The name of the attribute that Amazon Cognito verifies with the code.
" } }, - "documentation":"The delivery details for an email or SMS message that Amazon Cognito sent for authentication or verification.
" + "documentation":"The delivery details for an email or SMS message that Amazon Cognito sent for authentication or verification.
This data type is a response parameter of operations that send a code for user profile confirmation, verification, or management, for example ForgotPassword and SignUp.
" }, "CodeDeliveryFailureException":{ "type":"structure", @@ -3586,6 +3890,36 @@ "documentation":"This exception is thrown if the provided code doesn't match what the server was expecting.
", "exception":true }, + "ColorSchemeModeType":{ + "type":"string", + "enum":[ + "LIGHT", + "DARK", + "DYNAMIC" + ] + }, + "CompleteWebAuthnRegistrationRequest":{ + "type":"structure", + "required":[ + "AccessToken", + "Credential" + ], + "members":{ + "AccessToken":{ + "shape":"TokenModelType", + "documentation":"A valid access token that Amazon Cognito issued to the user whose passkey registration you want to verify.
" + }, + "Credential":{ + "shape":"Document", + "documentation":"A RegistrationResponseJSON public-key credential response from the user's passkey provider.
" + } + } + }, + "CompleteWebAuthnRegistrationResponse":{ + "type":"structure", + "members":{ + } + }, "CompletionMessageType":{ "type":"string", "max":128, @@ -3598,10 +3932,10 @@ "members":{ "EventAction":{ "shape":"CompromisedCredentialsEventActionType", - "documentation":"The event action.
" + "documentation":"The action that Amazon Cognito takes when it detects compromised credentials.
" } }, - "documentation":"The compromised credentials actions type.
" + "documentation":"Settings for user pool actions when Amazon Cognito detects compromised credentials with advanced security features in full-function ENFORCED mode.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "CompromisedCredentialsEventActionType":{ "type":"string", @@ -3616,14 +3950,14 @@ "members":{ "EventFilter":{ "shape":"EventFiltersType", - "documentation":"Perform the action for these events. The default is to perform all events if no event filter is specified.
" + "documentation":"Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.
" }, "Actions":{ "shape":"CompromisedCredentialsActionsType", - "documentation":"The compromised credentials risk configuration actions.
" + "documentation":"Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.
" } }, - "documentation":"The compromised credentials risk configuration type.
" + "documentation":"Settings for compromised-credentials actions and authentication-event sources with advanced security features in full-function ENFORCED mode.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "ConcurrentModificationException":{ "type":"structure", @@ -3636,6 +3970,12 @@ "documentation":"This exception is thrown if two or more modifications are happening concurrently.
", "exception":true }, + "ConfiguredUserAuthFactorsListType":{ + "type":"list", + "member":{"shape":"AuthFactorType"}, + "max":8, + "min":0 + }, "ConfirmDeviceRequest":{ "type":"structure", "required":[ @@ -3761,6 +4101,10 @@ "ClientMetadata":{ "shape":"ClientMetadataType", "documentation":"A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
You create custom workflows by assigning Lambda functions to user pool triggers. When you use the ConfirmSignUp API action, Amazon Cognito invokes the function that is assigned to the post confirmation trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your ConfirmSignUp request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
Validate the ClientMetadata value.
Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
The optional session ID from a SignUp API request. You can sign in a user directly from the sign-up process with the USER_AUTH authentication flow.
Represents the request to confirm registration of a user.
" @@ -3768,6 +4112,10 @@ "ConfirmSignUpResponse":{ "type":"structure", "members":{ + "Session":{ + "shape":"SessionType", + "documentation":"You can automatically sign users in with the one-time password that they provided in a successful ConfirmSignUp request. To do this, pass the Session parameter from the ConfirmSignUp response in the Session parameter of an InitiateAuth or AdminInitiateAuth request.
Represents the response from the server for the registration confirmation.
" }, @@ -3792,22 +4140,22 @@ }, "ServerName":{ "shape":"StringType", - "documentation":"Your server endpoint where this API is invoked.
" + "documentation":"The name of your application's service endpoint.
" }, "ServerPath":{ "shape":"StringType", - "documentation":"Your server path where this API is invoked.
" + "documentation":"The path of your application's service endpoint.
" }, "HttpHeaders":{ "shape":"HttpHeaderList", - "documentation":"HttpHeaders received on your server in same order.
" + "documentation":"The HTTP headers from your user's authentication request.
" }, "EncodedData":{ "shape":"StringType", "documentation":"Encoded device-fingerprint details that your app collected with the Amazon Cognito context data collection library. For more information, see Adding user device and session data to API requests.
" } }, - "documentation":"Contextual user data type used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" + "documentation":"Contextual user data used for evaluating the risk of an authentication event by user pool threat protection.
This data type is a request parameter of server-side authentication operations like AdminInitiateAuth and AdminRespondToAuthChallenge.
" }, "CreateGroupRequest":{ "type":"structure", @@ -3892,6 +4240,44 @@ } } }, + "CreateManagedLoginBrandingRequest":{ + "type":"structure", + "required":[ + "UserPoolId", + "ClientId" + ], + "members":{ + "UserPoolId":{ + "shape":"UserPoolIdType", + "documentation":"The ID of the user pool where you want to create a new branding style.
" + }, + "ClientId":{ + "shape":"ClientIdType", + "documentation":"The app client that you want to create the branding style for. Each style is permanently linked to an app client. To change the style for an app client, delete the existing style with DeleteManagedLoginBranding and create a new one.
" + }, + "UseCognitoProvidedValues":{ + "shape":"BooleanType", + "documentation":"When true, applies the default branding style options. This option reverts to default style options that are managed by Amazon Cognito. You can modify them later in the branding designer.
When you specify true for this option, you must also omit values for Settings and Assets in the request.
A JSON file, encoded as a Document type, with the the settings that you want to apply to your style.
An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.
" + } + } + }, + "CreateManagedLoginBrandingResponse":{ + "type":"structure", + "members":{ + "ManagedLoginBranding":{ + "shape":"ManagedLoginBrandingType", + "documentation":"The details of the branding style that you created.
" + } + } + }, "CreateResourceServerRequest":{ "type":"structure", "required":[ @@ -4006,11 +4392,11 @@ }, "ExplicitAuthFlows":{ "shape":"ExplicitAuthFlowsListType", - "documentation":"The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.
If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
Valid values include:
ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.
The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.
If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
Valid values include:
ALLOW_USER_AUTH: Enable selection-based sign-in with USER_AUTH. This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other ExplicitAuthFlows permitting them. For example users can complete an SRP challenge through USER_AUTH without the flow USER_SRP_AUTH being active for the app client. This flow doesn't include CUSTOM_AUTH.
ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.
A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple, and LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP.
A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple, and LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP.
This setting applies to providers that you can access with the hosted UI and OAuth 2.0 authorization server. The removal of COGNITO from this list doesn't prevent authentication operations for local users with the user pools API in an Amazon Web Services SDK. The only way to prevent API-based authentication is to block access with a WAF rule.
Activates the propagation of additional user context data. For more information about propagation of user context data, see Adding advanced security to a user pool. If you don’t include this parameter, you can't send device fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate EnablePropagateAdditionalUserContextData in an app client that has a client secret.
Activates the propagation of additional user context data. For more information about propagation of user context data, see Adding advanced security to a user pool. If you don’t include this parameter, you can't send device fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate EnablePropagateAdditionalUserContextData in an app client that has a client secret.
The user pool ID.
" + "documentation":"The ID of the user pool where you want to add a domain.
" + }, + "ManagedLoginVersion":{ + "shape":"WrappedIntegerType", + "documentation":"The version of managed login branding that you want to apply to your domain. A value of 1 indicates hosted UI (classic) branding and a version of 2 indicates managed login branding.
Managed login requires that your user pool be configured for any feature plan other than Lite.
The version of managed login branding applied your domain. A value of 1 indicates hosted UI (classic) branding and a version of 2 indicates managed login branding.
The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider. Amazon Cognito returns this value if you set a custom domain with CustomDomainConfig. If you set an Amazon Cognito prefix domain, this operation returns a blank response.
The Lambda trigger configuration information for the new user pool.
In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an extra call to add permission for these event sources to invoke your Lambda function.
For more information on using the Lambda API to add permission, see AddPermission .
For adding permission using the CLI, see add-permission .
A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.
" }, "AutoVerifiedAttributes":{ "shape":"VerifiedAttributesListType", @@ -4145,7 +4539,7 @@ }, "VerificationMessageTemplate":{ "shape":"VerificationMessageTemplateType", - "documentation":"The template for the verification message that the user sees when the app requests permission to access the user's information.
" + "documentation":"The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.
Set the email message type that corresponds to your DefaultEmailOption selection. For CONFIRM_WITH_LINK, specify an EmailMessageByLink and leave EmailMessage blank. For CONFIRM_WITH_CODE, specify an EmailMessage and leave EmailMessageByLink blank. When you supply both parameters with either choice, Amazon Cognito returns an error.
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.
The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.
Represents the request to create a user pool.
" @@ -4229,7 +4627,7 @@ "documentation":"The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.
" } }, - "documentation":"The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
" + "documentation":"The configuration for a hosted UI custom domain.
This data type is a request parameter of CreateUserPoolDomain and UpdateUserPoolDomain.
" }, "CustomEmailLambdaVersionConfigType":{ "type":"structure", @@ -4247,7 +4645,7 @@ "documentation":"The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.
" } }, - "documentation":"The properties of a custom email sender Lambda trigger.
" + "documentation":"The properties of a custom email sender Lambda trigger.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "CustomEmailSenderLambdaVersionType":{ "type":"string", @@ -4269,7 +4667,7 @@ "documentation":"The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.
" } }, - "documentation":"The properties of a custom SMS sender Lambda trigger.
" + "documentation":"The properties of a custom SMS sender Lambda trigger.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "CustomSMSSenderLambdaVersionType":{ "type":"string", @@ -4317,6 +4715,23 @@ } } }, + "DeleteManagedLoginBrandingRequest":{ + "type":"structure", + "required":[ + "ManagedLoginBrandingId", + "UserPoolId" + ], + "members":{ + "ManagedLoginBrandingId":{ + "shape":"ManagedLoginBrandingIdType", + "documentation":"The ID of the managed login branding style that you want to delete.
" + }, + "UserPoolId":{ + "shape":"UserPoolIdType", + "documentation":"The ID of the user pool that contains the managed login branding style that you want to delete.
" + } + } + }, "DeleteResourceServerRequest":{ "type":"structure", "required":[ @@ -4420,13 +4835,35 @@ }, "documentation":"Represents the request to delete a user.
" }, - "DeletionProtectionType":{ - "type":"string", - "enum":[ - "ACTIVE", - "INACTIVE" - ] - }, + "DeleteWebAuthnCredentialRequest":{ + "type":"structure", + "required":[ + "AccessToken", + "CredentialId" + ], + "members":{ + "AccessToken":{ + "shape":"TokenModelType", + "documentation":"A valid access token that Amazon Cognito issued to the user whose passkey you want to delete.
" + }, + "CredentialId":{ + "shape":"StringType", + "documentation":"The unique identifier of the passkey that you want to delete. Look up registered devices with ListWebAuthnCredentials.
" + } + } + }, + "DeleteWebAuthnCredentialResponse":{ + "type":"structure", + "members":{ + } + }, + "DeletionProtectionType":{ + "type":"string", + "enum":[ + "ACTIVE", + "INACTIVE" + ] + }, "DeliveryMediumListType":{ "type":"list", "member":{"shape":"DeliveryMediumType"} @@ -4465,6 +4902,66 @@ } } }, + "DescribeManagedLoginBrandingByClientRequest":{ + "type":"structure", + "required":[ + "UserPoolId", + "ClientId" + ], + "members":{ + "UserPoolId":{ + "shape":"UserPoolIdType", + "documentation":"The ID of the user pool that contains the app client where you want more information about the managed login branding style.
" + }, + "ClientId":{ + "shape":"ClientIdType", + "documentation":"The app client that's assigned to the branding style that you want more information about.
" + }, + "ReturnMergedResources":{ + "shape":"BooleanType", + "documentation":"When true, returns values for branding options that are unchanged from Amazon Cognito defaults. When false or when you omit this parameter, returns only values that you customized in your branding style.
The details of the requested branding style.
" + } + } + }, + "DescribeManagedLoginBrandingRequest":{ + "type":"structure", + "required":[ + "UserPoolId", + "ManagedLoginBrandingId" + ], + "members":{ + "UserPoolId":{ + "shape":"UserPoolIdType", + "documentation":"The ID of the user pool that contains the managed login branding style that you want to get information about.
" + }, + "ManagedLoginBrandingId":{ + "shape":"ManagedLoginBrandingIdType", + "documentation":"The ID of the managed login branding style that you want to get more information about.
" + }, + "ReturnMergedResources":{ + "shape":"BooleanType", + "documentation":"When true, returns values for branding options that are unchanged from Amazon Cognito defaults. When false or when you omit this parameter, returns only values that you customized in your branding style.
The details of the requested branding style.
" + } + } + }, "DescribeResourceServerRequest":{ "type":"structure", "required":[ @@ -4628,7 +5125,7 @@ "documentation":"When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a ConfirmDevice API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an UpdateDeviceStatus API request.
When DeviceOnlyRememberedOnUserPrompt is false, Amazon Cognito immediately remembers devices that you register in a ConfirmDevice API request.
The device-remembering configuration for a user pool. A DescribeUserPool request returns a null value for this object when the user pool isn't configured to remember devices. When device remembering is active, you can remember a user's device with a ConfirmDevice API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt is true, you must follow ConfirmDevice with an UpdateDeviceStatus API request that sets the user's device to remembered or not_remembered.
To sign in with a remembered device, include DEVICE_KEY in the authentication parameters in your user's InitiateAuth request. If your app doesn't include a DEVICE_KEY parameter, the response from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY values under NewDeviceMetadata. Store these values to use in future device-authentication requests.
When you provide a value for any property of DeviceConfiguration, you activate the device remembering for the user pool.
The device-remembering configuration for a user pool. A DescribeUserPool request returns a null value for this object when the user pool isn't configured to remember devices. When device remembering is active, you can remember a user's device with a ConfirmDevice API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt is true, you must follow ConfirmDevice with an UpdateDeviceStatus API request that sets the user's device to remembered or not_remembered.
To sign in with a remembered device, include DEVICE_KEY in the authentication parameters in your user's InitiateAuth request. If your app doesn't include a DEVICE_KEY parameter, the response from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY values under NewDeviceMetadata. Store these values to use in future device-authentication requests.
When you provide a value for any property of DeviceConfiguration, you activate the device remembering for the user pool.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
The password verifier.
" + "documentation":"A password verifier for a user's device. Used in SRP authentication.
" }, "Salt":{ "shape":"StringType", - "documentation":"The salt
" + "documentation":"The salt that you want to use in SRP authentication with the user's device.
" } }, - "documentation":"The device verifier against which it is authenticated.
" + "documentation":"A Secure Remote Password (SRP) value that your application generates when you register a user's device. For more information, see Getting a device key.
This data type is a request parameter of ConfirmDevice.
" }, "DeviceType":{ "type":"structure", "members":{ "DeviceKey":{ "shape":"DeviceKeyType", - "documentation":"The device key.
" + "documentation":"The device key, for example us-west-2_EXAMPLE-a1b2c3d4-5678-90ab-cdef-EXAMPLE22222.
The device attributes.
" + "documentation":"Metadata about a user's device, like name and last-access source IP.
" }, "DeviceCreateDate":{ "shape":"DateType", - "documentation":"The creation date of the device.
" + "documentation":"The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
The date when the device was last authenticated.
" + "documentation":"The date when the user last signed in with the device.
" } }, - "documentation":"The device type.
" + "documentation":"Information about a user's device that they've registered for device SRP authentication in your application. For more information, see Working with user devices in your user pool.
The data type is a response parameter of AdminGetDevice, AdminListDevices, and GetDevice.
" + }, + "Document":{ + "type":"structure", + "members":{ + }, + "document":true }, "DomainDescriptionType":{ "type":"structure", "members":{ "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID.
" + "documentation":"The ID of the user pool that the domain is attached to.
" }, "AWSAccountId":{ "shape":"AWSAccountIdType", - "documentation":"The Amazon Web Services ID for the user pool owner.
" + "documentation":"The Amazon Web Services account that you created the user pool in.
" }, "Domain":{ "shape":"DomainType", @@ -4713,7 +5216,7 @@ }, "CloudFrontDistribution":{ "shape":"StringType", - "documentation":"The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider.
" + "documentation":"The Amazon CloudFront endpoint that hosts your custom domain.
" }, "Version":{ "shape":"DomainVersionType", @@ -4726,9 +5229,13 @@ "CustomDomainConfig":{ "shape":"CustomDomainConfigType", "documentation":"The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
" + }, + "ManagedLoginVersion":{ + "shape":"WrappedIntegerType", + "documentation":"The version of managed login branding that you want to apply to your domain. A value of 1 indicates hosted UI (classic) branding and a version of 2 indicates managed login branding.
Managed login requires that your user pool be configured for any feature plan other than Lite.
A container for information about a domain.
" + "documentation":"A container for information about the user pool domain associated with the hosted UI and OAuth endpoints.
This data type is a response parameter of DescribeUserPoolDomain.
" }, "DomainStatusType":{ "type":"string", @@ -4787,7 +5294,13 @@ "documentation":"The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:
Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other Amazon Web Services services such as and Amazon CloudWatch
When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.
The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.
Amazon Cognito can send email messages with Amazon Simple Email Service resources in the Amazon Web Services Region where you created your user pool, and in alternate Regions in some cases. For more information on the supported Regions, see Email settings for Amazon Cognito user pools.
The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.
Amazon Cognito can send email messages with Amazon Simple Email Service resources in the Amazon Web Services Region where you created your user pool, and in alternate Regions in some cases. For more information on the supported Regions, see Email settings for Amazon Cognito user pools.
This data type is a request parameter of CreateUserPool, UpdateUserPool, and SetUserPoolMfaConfig, and a response parameter of CreateUserPool, UpdateUserPool, and GetUserPoolMfaConfig.
" + }, + "EmailInviteMessageType":{ + "type":"string", + "max":20000, + "min":6, + "pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}\\s*]*" }, "EmailMfaConfigType":{ "type":"structure", @@ -4801,7 +5314,7 @@ "documentation":"The subject of the email message that your user pool sends to users with an MFA code.
" } }, - "documentation":"Sets or shows user pool email message configuration for MFA. Includes the subject and body of the email message template for MFA messages. To activate this setting, advanced security features must be active in your user pool.
" + "documentation":"Sets or shows user pool email message configuration for MFA. Includes the subject and body of the email message template for MFA messages. To activate this setting, advanced security features must be active in your user pool.
This data type is a request parameter of SetUserPoolMfaConfig and a response parameter of GetUserPoolMfaConfig.
" }, "EmailMfaMessageType":{ "type":"string", @@ -4821,7 +5334,7 @@ "documentation":"Specifies whether email message MFA is the user's preferred method.
" } }, - "documentation":"User preferences for multi-factor authentication with email messages. Activates or deactivates email MFA and sets it as the preferred MFA method when multiple methods are available. To activate this setting, advanced security features must be active in your user pool.
" + "documentation":"User preferences for multi-factor authentication with email messages. Activates or deactivates email MFA and sets it as the preferred MFA method when multiple methods are available. To activate this setting, advanced security features must be active in your user pool.
This data type is a request parameter of SetUserMFAPreference and AdminSetUserMFAPreference.
" }, "EmailMfaSubjectType":{ "type":"string", @@ -4902,7 +5415,7 @@ "documentation":"The user's country.
" } }, - "documentation":"Specifies the user context data captured at the time of an event request.
" + "documentation":"The context data that your application submitted in an authentication request with advanced security features, as displayed in an AdminListUserAuthEvents response.
" }, "EventFeedbackType":{ "type":"structure", @@ -4917,14 +5430,14 @@ }, "Provider":{ "shape":"StringType", - "documentation":"The provider.
" + "documentation":"The submitter of the event feedback. For example, if you submit event feedback in the Amazon Cognito console, this value is Admin.
The event feedback date.
" + "documentation":"The date that you or your user submitted the feedback.
" } }, - "documentation":"Specifies the event feedback type.
" + "documentation":"The feedback that your application submitted to an advanced security features event log, as displayed in an AdminListUserAuthEvents response.
" }, "EventFilterType":{ "type":"string", @@ -4957,18 +5470,18 @@ "members":{ "RiskDecision":{ "shape":"RiskDecisionType", - "documentation":"The risk decision.
" + "documentation":"The action taken by adaptive authentication. If NoRisk, your user pool took no action. If AccountTakeover, your user pool applied the adaptive authentication automated response that you configured. If Block, your user pool prevented the attempt.
The risk level.
" + "documentation":"The risk level that adaptive authentication assessed for the authentication event.
" }, "CompromisedCredentialsDetected":{ "shape":"WrappedBooleanType", "documentation":"Indicates whether compromised credentials were detected during an authentication event.
" } }, - "documentation":"The event risk type.
" + "documentation":"The risk evaluation by adaptive authentication, as displayed in an AdminListUserAuthEvents response. Contains evaluations of compromised-credentials detection and assessed risk level and action taken by adaptive authentication.
" }, "EventSourceName":{ "type":"string", @@ -5012,9 +5525,18 @@ "ALLOW_CUSTOM_AUTH", "ALLOW_USER_PASSWORD_AUTH", "ALLOW_USER_SRP_AUTH", - "ALLOW_REFRESH_TOKEN_AUTH" + "ALLOW_REFRESH_TOKEN_AUTH", + "ALLOW_USER_AUTH" ] }, + "FeatureUnavailableInTierException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when a feature you attempted to configure isn't available in your current feature plan.
", + "exception":true + }, "FeedbackValueType":{ "type":"string", "enum":[ @@ -5304,6 +5826,38 @@ }, "documentation":"The verification code response returned by the server response to get the user attribute verification code.
" }, + "GetUserAuthFactorsRequest":{ + "type":"structure", + "required":["AccessToken"], + "members":{ + "AccessToken":{ + "shape":"TokenModelType", + "documentation":"A valid access token that Amazon Cognito issued to the user whose authentication factors you want to view.
" + } + } + }, + "GetUserAuthFactorsResponse":{ + "type":"structure", + "required":["Username"], + "members":{ + "Username":{ + "shape":"UsernameType", + "documentation":"The username of the currently sign-in user.
" + }, + "PreferredMfaSetting":{ + "shape":"StringType", + "documentation":"The user's preferred MFA setting.
" + }, + "UserMFASettingList":{ + "shape":"UserMFASettingListType", + "documentation":"The MFA options that are activated for the user. The possible values in this list are SMS_MFA, EMAIL_OTP, and SOFTWARE_TOKEN_MFA.
The authentication types that are available to the user with USER_AUTH sign-in.
The multi-factor authentication (MFA) configuration. Valid values include:
OFF MFA won't be used for any users.
ON MFA is required for all users to sign in.
OPTIONAL MFA will be required only for individual users who have an MFA factor activated.
Shows user pool configuration for MFA with passkeys from biometric devices and security keys.
" } } }, @@ -5420,19 +5978,19 @@ }, "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID for the user pool.
" + "documentation":"The ID of the user pool that contains the group.
" }, "Description":{ "shape":"DescriptionType", - "documentation":"A string containing the description of the group.
" + "documentation":"A friendly description of the group.
" }, "RoleArn":{ "shape":"ArnType", - "documentation":"The role Amazon Resource Name (ARN) for the group.
" + "documentation":"The ARN of the IAM role associated with the group. If a group has the highest priority of a user's groups, users who authenticate with an identity pool get credentials for the RoleArn that's associated with the group.
A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher ornull Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens.
The default Precedence value is null.
A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher ornull Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens.
The default Precedence value is null.
The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
The group type.
" + "documentation":"A user pool group. Contains details about the group and the way that it contributes to IAM role decisions with identity pools. Identity pools can make decisions about the IAM role to assign based on groups: users get credentials for the role associated with their highest-priority group.
This data type is a response parameter of AdminListGroupsForUser, CreateGroup, GetGroup, ListGroups, and UpdateGroup.
" }, "HexStringType":{ "type":"string", @@ -5461,7 +6019,7 @@ "documentation":"The header value.
" } }, - "documentation":"The HTTP header.
" + "documentation":"The HTTP header in the ContextData parameter.
This data type is a request parameter of server-side authentication operations like AdminInitiateAuth and AdminRespondToAuthChallenge.
" }, "HttpHeaderList":{ "type":"list", @@ -5477,15 +6035,15 @@ "members":{ "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID.
" + "documentation":"The ID of the user pool associated with the IdP.
" }, "ProviderName":{ "shape":"ProviderNameType", - "documentation":"The IdP name.
" + "documentation":"A friendly name for the IdP.
" }, "ProviderType":{ "shape":"IdentityProviderTypeType", - "documentation":"The IdP type.
" + "documentation":"The type of IdP. Either SAML, OIDC, or a named social identity provider.
" }, "ProviderDetails":{ "shape":"ProviderDetailsType", @@ -5497,7 +6055,7 @@ }, "IdpIdentifiers":{ "shape":"IdpIdentifiersListType", - "documentation":"A list of IdP identifiers.
" + "documentation":"A list of IdP identifiers. IdP identifiers are strings that represent friendly names or domain names of IdPs, for example MyIdP or auth.example.com. You can choose to route user authorization requests to the right IdP with either IdP identifiers or IdP names. For more information, see identity_provider and idp_identifier at Authorize endpoint.
The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
A container for information about an IdP.
" + "documentation":"A user pool identity provider (IdP). Contains information about a third-party IdP to a user pool, the attributes that it populates to user profiles, and the trust relationship between the IdP and your user pool.
This data type is a response parameter of CreateIdentityProvider, DescribeIdentityProvider, GetIdentityProviderByIdentifier, and UpdateIdentityProvider.
" }, "IdentityProviderTypeType":{ "type":"string", @@ -5548,15 +6106,15 @@ "members":{ "AuthFlow":{ "shape":"AuthFlowType", - "documentation":"The authentication flow for this call to run. The API action will depend on this value. For example:
REFRESH_TOKEN_AUTH takes in a valid refresh token and returns new tokens.
USER_SRP_AUTH takes in USERNAME and SRP_A and returns the SRP variables to be used for next challenge execution.
USER_PASSWORD_AUTH takes in USERNAME and PASSWORD and returns the next challenge or tokens.
Valid values include:
USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP) protocol.
REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing the access token and ID token by supplying a valid refresh token.
CUSTOM_AUTH: Custom authentication flow.
USER_PASSWORD_AUTH: Non-SRP authentication flow; user name and password are passed directly. If a user migration Lambda trigger is set, this flow will invoke the user migration Lambda if it doesn't find the user name in the user pool.
ADMIN_NO_SRP_AUTH isn't a valid value.
The authentication flow that you want to initiate. The AuthParameters that you must submit are linked to the flow that you submit. For example:
USER_AUTH: Request a preferred authentication type or review available authentication types. From the offered authentication types, select one in a challenge response and then authenticate with that method in an additional challenge response.
REFRESH_TOKEN_AUTH: Receive new ID and access tokens when you pass a REFRESH_TOKEN parameter with a valid refresh token as the value.
USER_SRP_AUTH: Receive secure remote password (SRP) variables for the next challenge, PASSWORD_VERIFIER, when you pass USERNAME and SRP_A parameters.
USER_PASSWORD_AUTH: Receive new tokens or the next challenge, for example SOFTWARE_TOKEN_MFA, when you pass USERNAME and PASSWORD parameters.
Valid values include the following:
The entry point for sign-in with passwords, one-time passwords, biometric devices, and security keys.
Username-password authentication with the Secure Remote Password (SRP) protocol. For more information, see Use SRP password verification in custom authentication flow.
Provide a valid refresh token and receive new ID and access tokens. For more information, see Using the refresh token.
Custom authentication with Lambda triggers. For more information, see Custom authentication challenge Lambda triggers.
Username-password authentication with the password sent directly in the request. For more information, see Admin authentication flow.
ADMIN_USER_PASSWORD_AUTH is a flow type of AdminInitiateAuth and isn't valid for InitiateAuth. ADMIN_NO_SRP_AUTH is a legacy server-side username-password flow and isn't valid for InitiateAuth.
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_AUTH: USERNAME (required), PREFERRED_CHALLENGE. If you don't provide a value for PREFERRED_CHALLENGE, Amazon Cognito responds with the AvailableChallenges parameter that specifies the available sign-in methods.
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
You create custom workflows by assigning Lambda functions to user pool triggers. When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
Pre signup
Pre authentication
User migration
When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload, which the function receives as input. This payload contains a validationData attribute, which provides the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow for your specific needs.
When you use the InitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
Post authentication
Custom message
Pre token generation
Create auth challenge
Define auth challenge
For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
Validate the ClientMetadata value.
Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
You create custom workflows by assigning Lambda functions to user pool triggers. When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
Pre signup
Pre authentication
User migration
When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload, which the function receives as input. This payload contains a validationData attribute, which provides the data that you assigned to the ClientMetadata parameter in your InitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow for your specific needs.
When you use the InitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
Post authentication
Custom message
Pre token generation
Create auth challenge
Define auth challenge
Custom email sender
Custom SMS sender
For more information, see Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
Validate the ClientMetadata value.
Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
Contextual data about your user session, such as the device fingerprint, IP address, or location. Amazon Cognito advanced security evaluates the risk of an authentication event based on the context that your app generates and passes to Amazon Cognito when it makes API requests.
" + }, + "Session":{ + "shape":"SessionType", + "documentation":"The optional session ID from a ConfirmSignUp API request. You can sign in a user directly from the sign-up process with the USER_AUTH authentication flow.
Initiates the authentication request.
" @@ -5578,19 +6140,23 @@ "members":{ "ChallengeName":{ "shape":"ChallengeNameType", - "documentation":"The name of the challenge that you're responding to with this call. This name is returned in the InitiateAuth response if you must pass another challenge.
Valid values include the following:
All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the parameters.
SMS_MFA: Next challenge is to supply an SMS_MFA_CODEthat your user pool delivered in an SMS message.
EMAIL_OTP: Next challenge is to supply an EMAIL_OTP_CODE that your user pool delivered in an email message.
PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login.
Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned in the requiredAttributes parameter. You can also set values for attributes that aren't required by your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify the value of any additional attributes.
MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, an administrator should help the user to add a phone number to their account, and then the user should call InitiateAuth again to restart sign-in.
The name of the challenge that you're responding to with this call. This name is returned in the InitiateAuth response if you must pass another challenge.
Valid values include the following:
All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the parameters.
WEB_AUTHN: Respond to the challenge with the results of a successful authentication with a passkey, or webauthN, factor. These are typically biometric devices or security keys.
PASSWORD: Respond with USER_PASSWORD_AUTH parameters: USERNAME (required), PASSWORD (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
PASSWORD_SRP: Respond with USER_SRP_AUTH parameters: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), DEVICE_KEY.
SELECT_CHALLENGE: Respond to the challenge with USERNAME and an ANSWER that matches one of the challenge types in the AvailableChallenges response parameter.
SMS_MFA: Next challenge is to supply an SMS_MFA_CODEthat your user pool delivered in an SMS message.
EMAIL_OTP: Next challenge is to supply an EMAIL_OTP_CODE that your user pool delivered in an email message.
PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login.
Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned in the requiredAttributes parameter. You can also set values for attributes that aren't required by your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
Amazon Cognito only returns this challenge for users who have temporary passwords. Because of this, and because in some cases you can create users who don't have values for required attributes, take care to collect and submit required-attribute values for all users who don't have passwords. You can create a user in the Amazon Cognito console without, for example, a required birthdate attribute. The API response from Amazon Cognito won't prompt you to submit a birthdate for the user if they don't have a password.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify the value of any additional attributes.
MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, an administrator should help the user to add a phone number to their account, and then the user should call InitiateAuth again to restart sign-in.
The session that should pass both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.
The session that should pass both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters. Include this session identifier in a RespondToAuthChallenge API request.
The challenge parameters. These are returned in the InitiateAuth response if you must pass another challenge. The responses in this parameter should be used to compute inputs to the next call (RespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if applicable).
The challenge parameters. These are returned in the InitiateAuth response if you must pass another challenge. The responses in this parameter should be used to compute inputs to the next call (RespondToAuthChallenge).
All challenges require USERNAME. They also require SECRET_HASH if your app client has a client secret.
The result of the authentication response. This result is only returned if the caller doesn't need to pass another challenge. If the caller does need to pass another challenge before it gets tokens, ChallengeName, ChallengeParameters, and Session are returned.
This response parameter prompts a user to select from multiple available challenges that they can complete authentication with. For example, they might be able to continue with passwordless authentication or with a one-time password from an SMS message.
" } }, "documentation":"Initiates the authentication response.
" @@ -5644,11 +6210,16 @@ "message":{ "shape":"MessageType", "documentation":"The message returned when the Amazon Cognito service throws an invalid parameter exception.
" + }, + "reasonCode":{ + "shape":"InvalidParameterExceptionReasonCodeType", + "documentation":"The reason code of the exception.
" } }, "documentation":"This exception is thrown when the Amazon Cognito service encounters an invalid parameter.
", "exception":true }, + "InvalidParameterExceptionReasonCodeType":{"type":"string"}, "InvalidPasswordException":{ "type":"structure", "members":{ @@ -5698,62 +6269,62 @@ "members":{ "PreSignUp":{ "shape":"ArnType", - "documentation":"A pre-registration Lambda trigger.
" + "documentation":"The configuration of a pre sign-up Lambda trigger in a user pool. This trigger evaluates new users and can bypass confirmation, link a federated user profile, or block sign-up requests.
" }, "CustomMessage":{ "shape":"ArnType", - "documentation":"A custom Message Lambda trigger.
" + "documentation":"A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user.
" }, "PostConfirmation":{ "shape":"ArnType", - "documentation":"A post-confirmation Lambda trigger.
" + "documentation":"The configuration of a post confirmation Lambda trigger in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number.
" }, "PreAuthentication":{ "shape":"ArnType", - "documentation":"A pre-authentication Lambda trigger.
" + "documentation":"The configuration of a pre authentication trigger in a user pool. This trigger can evaluate and modify user sign-in events.
" }, "PostAuthentication":{ "shape":"ArnType", - "documentation":"A post-authentication Lambda trigger.
" + "documentation":"The configuration of a post authentication Lambda trigger in a user pool. This trigger can take custom actions after a user signs in.
" }, "DefineAuthChallenge":{ "shape":"ArnType", - "documentation":"Defines the authentication challenge.
" + "documentation":"The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the custom authentication challenge triggers.
" }, "CreateAuthChallenge":{ "shape":"ArnType", - "documentation":"Creates an authentication challenge.
" + "documentation":"The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the custom authentication challenge triggers.
" }, "VerifyAuthChallengeResponse":{ "shape":"ArnType", - "documentation":"Verifies the authentication challenge response.
" + "documentation":"The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the custom authentication challenge triggers.
" }, "PreTokenGeneration":{ "shape":"ArnType", - "documentation":"The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.
Set this parameter for legacy purposes. If you also set an ARN in PreTokenGenerationConfig, its value must be identical to PreTokenGeneration. For new instances of pre token generation triggers, set the LambdaArn of PreTokenGenerationConfig.
You can set
The legacy configuration of a pre token generation Lambda trigger in a user pool.
Set this parameter for legacy purposes. If you also set an ARN in PreTokenGenerationConfig, its value must be identical to PreTokenGeneration. For new instances of pre token generation triggers, set the LambdaArn of PreTokenGenerationConfig.
The user migration Lambda config type.
" + "documentation":"The configuration of a migrate user Lambda trigger in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet.
" }, "PreTokenGenerationConfig":{ "shape":"PreTokenGenerationVersionConfigType", - "documentation":"The detailed configuration of a pre token generation trigger. If you also set an ARN in PreTokenGeneration, its value must be identical to PreTokenGenerationConfig.
The detailed configuration of a pre token generation Lambda trigger in a user pool. If you also set an ARN in PreTokenGeneration, its value must be identical to PreTokenGenerationConfig.
A custom SMS sender Lambda trigger.
" + "documentation":"The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic.
" }, "CustomEmailSender":{ "shape":"CustomEmailLambdaVersionConfigType", - "documentation":"A custom email sender Lambda trigger.
" + "documentation":"The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic.
" }, "KMSKeyID":{ "shape":"ArnType", - "documentation":"The Amazon Resource Name (ARN) of an KMS key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to CustomEmailSender and CustomSMSSender.
The ARN of an KMS key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers.
" } }, - "documentation":"Specifies the configuration for Lambda triggers.
" + "documentation":"A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "LimitExceededException":{ "type":"structure", @@ -6085,7 +6656,7 @@ }, "Filter":{ "shape":"UserFilterType", - "documentation":"A filter string of the form \"AttributeName Filter-Type \"AttributeValue\"\". Quotation marks within the filter string must be escaped using the backslash (\\) character. For example, \"family_name = \\\"Reddy\\\"\".
AttributeName: The name of the attribute to search for. You can only search for one attribute at a time.
Filter-Type: For an exact match, use =, for example, \"given_name = \\\"Jon\\\"\". For a prefix (\"starts with\") match, use ^=, for example, \"given_name ^= \\\"Jon\\\"\".
AttributeValue: The attribute value that must be matched for each user.
If the filter string is empty, ListUsers returns all users in the user pool.
You can only search for the following standard attributes:
username (case-sensitive)
email
phone_number
name
given_name
family_name
preferred_username
cognito:user_status (called Status in the Console) (case-insensitive)
status (called Enabled in the Console) (case-sensitive)
sub
Custom attributes aren't searchable.
You can also list users with a client-side filter. The server-side filter matches no more than one attribute. For an advanced search, use a client-side filter with the --query parameter of the list-users action in the CLI. When you use a client-side filter, ListUsers returns a paginated list of zero or more users. You can receive multiple pages in a row with zero results. Repeat the query with each pagination token that is returned until you receive a null pagination token value, and then review the combined result.
For more information about server-side and client-side filtering, see FilteringCLI output in the Command Line Interface User Guide.
For more information, see Searching for Users Using the ListUsers API and Examples of Using the ListUsers API in the Amazon Cognito Developer Guide.
" + "documentation":"A filter string of the form \"AttributeName Filter-Type \"AttributeValue\". Quotation marks within the filter string must be escaped using the backslash (\\) character. For example, \"family_name = \\\"Reddy\\\"\".
AttributeName: The name of the attribute to search for. You can only search for one attribute at a time.
Filter-Type: For an exact match, use =, for example, \"given_name = \\\"Jon\\\"\". For a prefix (\"starts with\") match, use ^=, for example, \"given_name ^= \\\"Jon\\\"\".
AttributeValue: The attribute value that must be matched for each user.
If the filter string is empty, ListUsers returns all users in the user pool.
You can only search for the following standard attributes:
username (case-sensitive)
email
phone_number
name
given_name
family_name
preferred_username
cognito:user_status (called Status in the Console) (case-insensitive)
status (called Enabled in the Console) (case-sensitive)
sub
Custom attributes aren't searchable.
You can also list users with a client-side filter. The server-side filter matches no more than one attribute. For an advanced search, use a client-side filter with the --query parameter of the list-users action in the CLI. When you use a client-side filter, ListUsers returns a paginated list of zero or more users. You can receive multiple pages in a row with zero results. Repeat the query with each pagination token that is returned until you receive a null pagination token value, and then review the combined result.
For more information about server-side and client-side filtering, see FilteringCLI output in the Command Line Interface User Guide.
For more information, see Searching for Users Using the ListUsers API and Examples of Using the ListUsers API in the Amazon Cognito Developer Guide.
" } }, "documentation":"Represents the request to list users.
" @@ -6104,6 +6675,38 @@ }, "documentation":"The response from the request to list users.
" }, + "ListWebAuthnCredentialsRequest":{ + "type":"structure", + "required":["AccessToken"], + "members":{ + "AccessToken":{ + "shape":"TokenModelType", + "documentation":"A valid access token that Amazon Cognito issued to the user whose registered passkeys you want to list.
" + }, + "NextToken":{ + "shape":"PaginationKey", + "documentation":"An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" + }, + "MaxResults":{ + "shape":"WebAuthnCredentialsQueryLimitType", + "documentation":"The maximum number of the user's passkey credentials that you want to return.
" + } + } + }, + "ListWebAuthnCredentialsResponse":{ + "type":"structure", + "required":["Credentials"], + "members":{ + "Credentials":{ + "shape":"WebAuthnCredentialDescriptionListType", + "documentation":"A list of registered passkeys for a user.
" + }, + "NextToken":{ + "shape":"PaginationKey", + "documentation":"An identifier that you can use in a later request to return the next set of items in the list.
" + } + } + }, "LogConfigurationListType":{ "type":"list", "member":{"shape":"LogConfigurationType"}, @@ -6138,7 +6741,7 @@ "documentation":"The Amazon Data Firehose stream destination of user activity log export with advanced security features. To activate this setting, advanced security features must be active in your user pool.
" } }, - "documentation":"The logging parameters of a user pool.
" + "documentation":"The configuration of user event logs to an external Amazon Web Services service like Amazon Data Firehose, Amazon S3, or Amazon CloudWatch Logs.
This data type is a request parameter of SetLogDeliveryConfiguration and a response parameter of GetLogDeliveryConfiguration.
" }, "LogDeliveryConfigurationType":{ "type":"structure", @@ -6156,7 +6759,7 @@ "documentation":"A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs.
" } }, - "documentation":"The logging parameters of a user pool returned in response to GetLogDeliveryConfiguration.
The logging parameters of a user pool, as returned in the response to a GetLogDeliveryConfiguration request.
" }, "LogLevel":{ "type":"string", @@ -6201,6 +6804,52 @@ }, "documentation":"This data type is no longer supported. Applies only to SMS multi-factor authentication (MFA) configurations. Does not apply to time-based one-time password (TOTP) software token MFA configurations.
" }, + "ManagedLoginBrandingExistsException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when you attempt to apply a managed login branding style to an app client that already has an assigned style.
", + "exception":true + }, + "ManagedLoginBrandingIdType":{ + "type":"string", + "pattern":"^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[4][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + "ManagedLoginBrandingType":{ + "type":"structure", + "members":{ + "ManagedLoginBrandingId":{ + "shape":"ManagedLoginBrandingIdType", + "documentation":"The ID of the managed login branding style.
" + }, + "UserPoolId":{ + "shape":"UserPoolIdType", + "documentation":"The user pool where the branding style is assigned.
" + }, + "UseCognitoProvidedValues":{ + "shape":"BooleanType", + "documentation":"When true, applies the default branding style options. This option reverts to a \"blank\" style that you can modify later in the branding designer.
" + }, + "Settings":{ + "shape":"Document", + "documentation":"A JSON file, encoded as a Document type, with the the settings that you want to apply to your style.
An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.
" + }, + "CreationDate":{ + "shape":"DateType", + "documentation":"The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
The date and time when the item was modified. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
A managed login branding style that's assigned to a user pool app client.
This data type is a response parameter of CreateManagedLoginBranding, UpdateManagedLoginBranding, DescribeManagedLoginBranding, and DescribeManagedLoginBrandingByClient.
" + }, "MessageActionType":{ "type":"string", "enum":[ @@ -6212,11 +6861,11 @@ "type":"structure", "members":{ "SMSMessage":{ - "shape":"SmsVerificationMessageType", + "shape":"SmsInviteMessageType", "documentation":"The message template for SMS messages.
" }, "EmailMessage":{ - "shape":"EmailVerificationMessageType", + "shape":"EmailInviteMessageType", "documentation":"The message template for email messages. EmailMessage is allowed only if EmailSendingAccount is DEVELOPER.
" }, "EmailSubject":{ @@ -6232,14 +6881,14 @@ "members":{ "DeviceKey":{ "shape":"DeviceKeyType", - "documentation":"The device key.
" + "documentation":"The device key, an identifier used in generating the DEVICE_PASSWORD_VERIFIER for device SRP authentication.
The device group key.
" + "documentation":"The device group key, an identifier used in generating the DEVICE_PASSWORD_VERIFIER for device SRP authentication.
The new device metadata type.
" + "documentation":"Information that your user pool responds with in AuthenticationResultwhen you configure it to remember devices and a user signs in with an unrecognized device. Amazon Cognito presents a new device key that you can use to set up device authentication in a \"Remember me on this device\" authentication model.
This data type is a response parameter of authentication operations like InitiateAuth, AdminInitiateAuth, RespondToAuthChallenge, and AdminRespondToAuthChallenge.
" }, "NotAuthorizedException":{ "type":"structure", @@ -6258,11 +6907,11 @@ "members":{ "From":{ "shape":"StringType", - "documentation":"The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
" + "documentation":"The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
" }, "ReplyTo":{ "shape":"StringType", - "documentation":"The destination to which the receiver of an email should reply to.
" + "documentation":"The reply-to email address of an email template.
" }, "SourceArn":{ "shape":"ArnType", @@ -6270,18 +6919,18 @@ }, "BlockEmail":{ "shape":"NotifyEmailType", - "documentation":"Email template used when a detected risk event is blocked.
" + "documentation":"The template for the email message that your user pool sends when a detected risk event is blocked.
" }, "NoActionEmail":{ "shape":"NotifyEmailType", - "documentation":"The email template used when a detected risk event is allowed.
" + "documentation":"The template for the email message that your user pool sends when no action is taken in response to a detected risk.
" }, "MfaEmail":{ "shape":"NotifyEmailType", - "documentation":"The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
" + "documentation":"The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.
" } }, - "documentation":"The notify configuration type.
" + "documentation":"The configuration for Amazon SES email messages that advanced security features sends to a user when your adaptive authentication automated response has a Notify action.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "NotifyEmailType":{ "type":"structure", @@ -6289,18 +6938,18 @@ "members":{ "Subject":{ "shape":"EmailNotificationSubjectType", - "documentation":"The email subject.
" + "documentation":"The subject of the threat protection email notification.
" }, "HtmlBody":{ "shape":"EmailNotificationBodyType", - "documentation":"The email HTML body.
" + "documentation":"The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
The email text body.
" + "documentation":"The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
The notify email type.
" + "documentation":"The template for email messages that advanced security features sends to a user when your threat protection automated response has a Notify action.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "NumberAttributeConstraintsType":{ "type":"structure", @@ -6314,7 +6963,7 @@ "documentation":"The maximum length of a number attribute value. Must be a number less than or equal to 2^1023, represented as a string with a length of 131072 characters or fewer.
The minimum and maximum values of an attribute that is of the number data type.
" + "documentation":"The minimum and maximum values of an attribute that is of the number type, for example custom:age.
This data type is part of SchemaAttributeType. It defines the length constraints on number-type attributes that you configure in CreateUserPool and UpdateUserPool, and displays the length constraints of all number-type attributes in the response to DescribeUserPool
" }, "OAuthFlowType":{ "type":"string", @@ -6368,19 +7017,19 @@ }, "RequireUppercase":{ "shape":"BooleanType", - "documentation":"In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
" + "documentation":"The requirement in a password policy that users must include at least one uppercase letter in their password.
" }, "RequireLowercase":{ "shape":"BooleanType", - "documentation":"In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
" + "documentation":"The requirement in a password policy that users must include at least one lowercase letter in their password.
" }, "RequireNumbers":{ "shape":"BooleanType", - "documentation":"In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
" + "documentation":"The requirement in a password policy that users must include at least one number in their password.
" }, "RequireSymbols":{ "shape":"BooleanType", - "documentation":"In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
" + "documentation":"The requirement in a password policy that users must include at least one symbol in their password.
" }, "PasswordHistorySize":{ "shape":"PasswordHistorySizeType", @@ -6391,7 +7040,7 @@ "documentation":"The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to 7. If you submit a value of 0, Amazon Cognito treats it as a null value and sets TemporaryPasswordValidityDays to its default value.
When you set TemporaryPasswordValidityDays for a user pool, you can no longer set a value for the legacy UnusedAccountValidityDays parameter in that user pool.
The password policy type.
" + "documentation":"The password policy settings for a user pool, including complexity, history, and length requirements.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "PasswordResetRequiredException":{ "type":"structure", @@ -6443,7 +7092,7 @@ "documentation":"The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.
This parameter and the PreTokenGeneration property of LambdaConfig have the same value. For new instances of pre token generation triggers, set LambdaArn.
The properties of a pre token generation Lambda trigger.
" + "documentation":"The properties of a pre token generation Lambda trigger.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "PrecedenceType":{ "type":"integer", @@ -6477,22 +7126,22 @@ "members":{ "ProviderName":{ "shape":"ProviderNameType", - "documentation":"The IdP name.
" + "documentation":"The name of the IdP, for example MySAMLProvider.
The IdP type.
" + "documentation":"The type of the provider, for example SAML. Amazon Cognito supports SAML 2.0, OIDC, and social IdPs. User pools list supported social IdPs by name in this response parameter: Facebook, Google, Login with Amazon, and Sign in with Apple.
The date the provider was last modified.
" + "documentation":"The date and time when the item was modified. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
A container for IdP details.
" + "documentation":"The details of a user pool identity provider (IdP), including name and type.
This data type is a response parameter of ListIdentityProviders.
" }, "ProviderDetailsType":{ "type":"map", @@ -6527,7 +7176,7 @@ "documentation":"The value of the provider attribute to link to, such as xxxxx_account.
A container for information about an IdP for a user pool.
" + "documentation":"The characteristics of a source or destination user for linking a federated user profile to a local user profile.
This data type is a request parameter of AdminLinkProviderForUser and AdminDisableProviderForUser.
" }, "ProvidersListType":{ "type":"list", @@ -6568,14 +7217,14 @@ "members":{ "Priority":{ "shape":"PriorityType", - "documentation":"A positive integer specifying priority of a method with 1 being the highest priority.
" + "documentation":"Your priority preference for using the specified attribute in account recovery. The highest priority is 1.
The recovery method for a user.
" + "documentation":"The recovery method that this object sets a recovery option for.
" } }, - "documentation":"A map containing a priority as a key, and recovery method name as a value.
" + "documentation":"A recovery option for a user. The AccountRecoverySettingType data type is an array of this object. Each RecoveryOptionType has a priority property that determines whether it is a primary or secondary option.
For example, if verified_email has a priority of 1 and verified_phone_number has a priority of 2, your user pool sends account-recovery messages to a verified email address but falls back to an SMS message if the user has a verified phone number. The admin_only option prevents self-service account recovery.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "RedirectUrlType":{ "type":"string", @@ -6593,6 +7242,11 @@ "max":32, "min":5 }, + "RelyingPartyIdType":{ + "type":"string", + "max":127, + "min":1 + }, "ResendConfirmationCodeRequest":{ "type":"structure", "required":[ @@ -6637,6 +7291,12 @@ }, "documentation":"The response from the server when Amazon Cognito makes the request to resend a confirmation code.
" }, + "ResourceIdType":{ + "type":"string", + "max":40, + "min":1, + "pattern":"^[\\w\\- ]+$" + }, "ResourceNotFoundException":{ "type":"structure", "members":{ @@ -6685,21 +7345,21 @@ "members":{ "ScopeName":{ "shape":"ResourceServerScopeNameType", - "documentation":"The name of the scope.
" + "documentation":"The name of the scope. Amazon Cognito renders custom scopes in the format resourceServerIdentifier/ScopeName. For example, if this parameter is exampleScope in the resource server with the identifier exampleResourceServer, you request and receive the scope exampleResourceServer/exampleScope.
A description of the scope.
" + "documentation":"A friendly description of a custom scope.
" } }, - "documentation":"A resource server scope.
" + "documentation":"One custom scope associated with a user pool resource server. This data type is a member of ResourceServerScopeType. For more information, see Scopes, M2M, and API authorization with resource servers.
This data type is a request parameter of CreateResourceServer and a response parameter of DescribeResourceServer.
" }, "ResourceServerType":{ "type":"structure", "members":{ "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID for the user pool that hosts the resource server.
" + "documentation":"The ID of the user pool that contains the resource server configuration.
" }, "Identifier":{ "shape":"ResourceServerIdentifierType", @@ -6714,7 +7374,7 @@ "documentation":"A list of scopes that are defined for the resource server.
" } }, - "documentation":"A container for information about a resource server for a user pool.
" + "documentation":"The details of a resource server configuration and associated custom scopes in a user pool.
This data type is a request parameter of CreateResourceServer and a response parameter of DescribeResourceServer.
" }, "ResourceServersListType":{ "type":"list", @@ -6741,7 +7401,7 @@ }, "ChallengeResponses":{ "shape":"ChallengeResponsesType", - "documentation":"The responses to the challenge that you received in the previous request. Each challenge has its own required response parameters. The following examples are partial JSON request bodies that highlight challenge-response parameters.
You must provide a SECRET_HASH parameter in all challenge responses to an app client that has a client secret.
\"ChallengeName\": \"SMS_MFA\", \"ChallengeResponses\": {\"SMS_MFA_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"EMAIL_OTP\", \"ChallengeResponses\": {\"EMAIL_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
This challenge response is part of the SRP flow. Amazon Cognito requires that your application respond to this challenge within a few seconds. When the response time exceeds this period, your user pool returns a NotAuthorizedException error.
\"ChallengeName\": \"PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"CUSTOM_CHALLENGE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[challenge_answer]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"NEW_PASSWORD_REQUIRED\", \"ChallengeResponses\": {\"NEW_PASSWORD\": \"[new_password]\", \"USERNAME\": \"[username]\"}
To set any required attributes that InitiateAuth returned in an requiredAttributes parameter, add \"userAttributes.[attribute_name]\": \"[attribute_value]\". This parameter can also set values for writable attributes that aren't required by your user pool.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify the value of any additional attributes.
\"ChallengeName\": \"SOFTWARE_TOKEN_MFA\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"SOFTWARE_TOKEN_MFA_CODE\": [authenticator_code]}
\"ChallengeName\": \"DEVICE_SRP_AUTH\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"DEVICE_KEY\": \"[device_key]\", \"SRP_A\": \"[srp_a]\"}
\"ChallengeName\": \"DEVICE_PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"DEVICE_KEY\": \"[device_key]\", \"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"MFA_SETUP\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\"}, \"SESSION\": \"[Session ID from VerifySoftwareToken]\"
\"ChallengeName\": \"SELECT_MFA_TYPE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[SMS_MFA or SOFTWARE_TOKEN_MFA]\"}
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
The responses to the challenge that you received in the previous request. Each challenge has its own required response parameters. The following examples are partial JSON request bodies that highlight challenge-response parameters.
You must provide a SECRET_HASH parameter in all challenge responses to an app client that has a client secret. Include a DEVICE_KEY for device authentication.
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"USERNAME\": \"[username]\", \"ANSWER\": \"[Challenge name]\"}
Available challenges are PASSWORD, PASSWORD_SRP, EMAIL_OTP, SMS_OTP, and WEB_AUTHN.
Complete authentication in the SELECT_CHALLENGE response for PASSWORD, PASSWORD_SRP, and WEB_AUTHN:
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"WEB_AUTHN\", \"USERNAME\": \"[username]\", \"CREDENTIAL\": \"[AuthenticationResponseJSON]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"PASSWORD\", \"USERNAME\": \"[username]\", \"PASSWORD\": \"[password]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"PASSWORD_SRP\", \"USERNAME\": \"[username]\", \"SRP_A\": \"[SRP_A]\"}
For SMS_OTP and EMAIL_OTP, respond with the username and answer. Your user pool will send a code for the user to submit in the next challenge response.
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"SMS_OTP\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SELECT_CHALLENGE\", \"ChallengeResponses\": { \"ANSWER\": \"EMAIL_OTP\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SMS_OTP\", \"ChallengeResponses\": {\"SMS_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"EMAIL_OTP\", \"ChallengeResponses\": {\"EMAIL_OTP_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"SMS_MFA\", \"ChallengeResponses\": {\"SMS_MFA_CODE\": \"[code]\", \"USERNAME\": \"[username]\"}
This challenge response is part of the SRP flow. Amazon Cognito requires that your application respond to this challenge within a few seconds. When the response time exceeds this period, your user pool returns a NotAuthorizedException error.
\"ChallengeName\": \"PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"CUSTOM_CHALLENGE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[challenge_answer]\"}
Add \"DEVICE_KEY\" when you sign in with a remembered device.
\"ChallengeName\": \"NEW_PASSWORD_REQUIRED\", \"ChallengeResponses\": {\"NEW_PASSWORD\": \"[new_password]\", \"USERNAME\": \"[username]\"}
To set any required attributes that InitiateAuth returned in an requiredAttributes parameter, add \"userAttributes.[attribute_name]\": \"[attribute_value]\". This parameter can also set values for writable attributes that aren't required by your user pool.
In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify the value of any additional attributes.
\"ChallengeName\": \"SOFTWARE_TOKEN_MFA\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"SOFTWARE_TOKEN_MFA_CODE\": [authenticator_code]}
\"ChallengeName\": \"DEVICE_SRP_AUTH\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"DEVICE_KEY\": \"[device_key]\", \"SRP_A\": \"[srp_a]\"}
\"ChallengeName\": \"DEVICE_PASSWORD_VERIFIER\", \"ChallengeResponses\": {\"DEVICE_KEY\": \"[device_key]\", \"PASSWORD_CLAIM_SIGNATURE\": \"[claim_signature]\", \"PASSWORD_CLAIM_SECRET_BLOCK\": \"[secret_block]\", \"TIMESTAMP\": [timestamp], \"USERNAME\": \"[username]\"}
\"ChallengeName\": \"MFA_SETUP\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\"}, \"SESSION\": \"[Session ID from VerifySoftwareToken]\"
\"ChallengeName\": \"SELECT_MFA_TYPE\", \"ChallengeResponses\": {\"USERNAME\": \"[username]\", \"ANSWER\": \"[SMS_MFA or SOFTWARE_TOKEN_MFA]\"}
For more information about SECRET_HASH, see Computing secret hash values. For information about DEVICE_KEY, see Working with user devices in your user pool.
The user pool ID.
" + "documentation":"The ID of the user pool that has the risk configuration applied.
" }, "ClientId":{ "shape":"ClientIdType", - "documentation":"The app client ID.
" + "documentation":"The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.
" }, "CompromisedCredentialsRiskConfiguration":{ "shape":"CompromisedCredentialsRiskConfigurationType", - "documentation":"The compromised credentials risk configuration object, including the EventFilter and the EventAction.
Settings for compromised-credentials actions and authentication types with advanced security features in full-function ENFORCED mode.
The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
The settings for automated responses and notification templates for adaptive authentication with advanced security features.
" }, "RiskExceptionConfiguration":{ "shape":"RiskExceptionConfigurationType", - "documentation":"The configuration to override the risk decision.
" + "documentation":"Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
" }, "LastModifiedDate":{ "shape":"DateType", "documentation":"The date and time when the item was modified. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
The risk configuration type.
" + "documentation":"The settings of risk configuration for threat protection with advanced security features in a user pool.
This data type is a response parameter of DescribeRiskConfiguration and SetRiskConfiguration.
" }, "RiskDecisionType":{ "type":"string", @@ -6849,14 +7509,14 @@ "members":{ "BlockedIPRangeList":{ "shape":"BlockedIPRangeListType", - "documentation":"Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
" + "documentation":"An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.
" }, "SkippedIPRangeList":{ "shape":"SkippedIPRangeListType", - "documentation":"Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
" + "documentation":"An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.
" } }, - "documentation":"The type of the configuration to override the risk decision.
" + "documentation":"Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
This data type is a request parameter of SetRiskConfiguration and a response parameter of DescribeRiskConfiguration.
" }, "RiskLevelType":{ "type":"string", @@ -6903,10 +7563,10 @@ }, "PreferredMfa":{ "shape":"BooleanType", - "documentation":"Specifies whether SMS is the preferred MFA method.
" + "documentation":"Specifies whether SMS is the preferred MFA method. If true, your user pool prompts the specified user for a code delivered by SMS message after username-password sign-in succeeds.
" } }, - "documentation":"The type used for enabling SMS multi-factor authentication (MFA) at the user level. Phone numbers don't need to be verified to be used for SMS MFA. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted. If you would like MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
" + "documentation":"A user's preference for using SMS message multi-factor authentication (MFA). Turns SMS MFA on and off, and can set SMS as preferred when other MFA options are available. You can't turn off SMS MFA for any of your users when MFA is required in your user pool; you can only set the type that your user prefers.
This data type is a request parameter of SetUserMFAPreference and AdminSetUserMFAPreference.
" }, "SchemaAttributeType":{ "type":"structure", @@ -6943,7 +7603,7 @@ "documentation":"Specifies the constraints for an attribute of the string type.
" } }, - "documentation":"A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes.
Developer-only attributes are a legacy feature of user pools, are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.
" + "documentation":"A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes.
Developer-only dev: attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "SchemaAttributesListType":{ "type":"list", @@ -7142,6 +7802,10 @@ "MfaConfiguration":{ "shape":"UserPoolMfaType", "documentation":"The MFA configuration. If you set the MfaConfiguration value to ‘ON’, only users who have set up an MFA factor can sign in. To learn more, see Adding Multi-Factor Authentication (MFA) to a user pool. Valid values include:
OFF MFA won't be used for any users.
ON MFA is required for all users to sign in.
OPTIONAL MFA will be required only for individual users who have an MFA factor activated.
The configuration of your user pool for passkey, or webauthN, authentication and registration. You can set this configuration independent of the MFA configuration options in this operation.
" } } }, @@ -7163,6 +7827,10 @@ "MfaConfiguration":{ "shape":"UserPoolMfaType", "documentation":"The MFA configuration. Valid values include:
OFF MFA won't be used for any users.
ON MFA is required for all users to sign in.
OPTIONAL MFA will be required only for individual users who have an MFA factor enabled.
The configuration of your user pool for passkey, or webauthN, biometric and security-key devices.
" } } }, @@ -7190,12 +7858,21 @@ }, "documentation":"The response from the server for a set user settings request.
" }, + "SignInPolicyType":{ + "type":"structure", + "members":{ + "AllowedFirstAuthFactors":{ + "shape":"AllowedFirstAuthFactorsListType", + "documentation":"The sign-in methods that a user pool supports as the first factor. You can permit users to start authentication with a standard username and password, or with other one-time password and hardware factors.
" + } + }, + "documentation":"The policy for allowed types of authentication in a user pool.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" + }, "SignUpRequest":{ "type":"structure", "required":[ "ClientId", - "Username", - "Password" + "Username" ], "members":{ "ClientId":{ @@ -7212,7 +7889,7 @@ }, "Password":{ "shape":"PasswordType", - "documentation":"The password of the user you want to register.
" + "documentation":"The password of the user you want to register.
Users can sign up without a password when your user pool supports passwordless sign-in with email or SMS OTPs. To create a user with no password, omit this parameter or submit a blank value. You can only create a passwordless user when passwordless sign-in is available. See the SignInPolicyType property of CreateUserPool and UpdateUserPool.
" }, "UserAttributes":{ "shape":"AttributeListType", @@ -7255,6 +7932,10 @@ "UserSub":{ "shape":"StringType", "documentation":"The 128-bit ID of the authenticated user. This isn't the same as username.
A session Id that you can pass to ConfirmSignUp when you want to immediately sign in your user with the USER_AUTH flow after they complete sign-up.
The response from the server for a registration request.
" @@ -7274,28 +7955,34 @@ }, "ExternalId":{ "shape":"StringType", - "documentation":"The external ID provides additional security for your IAM role. You can use an ExternalId with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId, your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the ExternalID. If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the ExternalId.
For more information about the ExternalId of a role, see How to use an external ID when granting access to your Amazon Web Services resources to a third party
The external ID provides additional security for your IAM role. You can use an ExternalId with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId, your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the ExternalID. If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the ExternalId.
For more information about the ExternalId of a role, see How to use an external ID when granting access to your Amazon Web Services resources to a third party.
The Amazon Web Services Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported Legacy Amazon SNS alternate Region.
Amazon Cognito resources in the Asia Pacific (Seoul) Amazon Web Services Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see SMS message settings for Amazon Cognito user pools.
" } }, - "documentation":"The SMS configuration type is the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.
" + "documentation":"User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.
This data type is a request parameter of CreateUserPool, UpdateUserPool, and SetUserPoolMfaConfig, and a response parameter of CreateUserPool, UpdateUserPool, and GetUserPoolMfaConfig.
" + }, + "SmsInviteMessageType":{ + "type":"string", + "max":140, + "min":6, + "pattern":"(?s).*" }, "SmsMfaConfigType":{ "type":"structure", "members":{ "SmsAuthenticationMessage":{ "shape":"SmsVerificationMessageType", - "documentation":"The SMS message that your user pool sends to users with an MFA code. The message must contain the {####} placeholder. In the message, Amazon Cognito replaces this placeholder with the code. If you don't provide this parameter, Amazon Cognito sends messages in the default format.
The SMS authentication message that will be sent to users with the code they must sign in with. The message must contain the {####} placeholder. Your user pool replaces the placeholder with the MFA code. If this parameter isn't provided, your user pool sends a default message.
The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To request Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role that you provide for your Amazon Web Services account.
" + "documentation":"User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.
You can set SmsConfiguration in CreateUserPool and UpdateUserPool, or in SetUserPoolMfaConfig.
Configures user pool SMS messages for multi-factor authentication (MFA). Sets the message template and the SMS message sending configuration for Amazon SNS.
" + "documentation":"The configuration of multi-factor authentication (MFA) with SMS messages in a user pool.
This data type is a request parameter of SetUserPoolMfaConfig and a response parameter of GetUserPoolMfaConfig.
" }, "SmsVerificationMessageType":{ "type":"string", @@ -7323,10 +8010,10 @@ "members":{ "Enabled":{ "shape":"BooleanType", - "documentation":"Specifies whether software token MFA is activated.
" + "documentation":"The activation state of TOTP MFA.
" } }, - "documentation":"Configures a user pool for time-based one-time password (TOTP) multi-factor authentication (MFA). Enables or disables TOTP.
" + "documentation":"Settings for time-based one-time password (TOTP) multi-factor authentication (MFA) in a user pool. Enables and disables availability of this feature.
This data type is a request parameter of SetUserPoolMfaConfig and a response parameter of GetUserPoolMfaConfig.
" }, "SoftwareTokenMfaSettingsType":{ "type":"structure", @@ -7340,7 +8027,7 @@ "documentation":"Specifies whether software token MFA is the preferred MFA method.
" } }, - "documentation":"The type used for enabling software token MFA at the user level. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
" + "documentation":"A user's preference for using time-based one-time password (TOTP) multi-factor authentication (MFA). Turns TOTP MFA on and off, and can set TOTP as preferred when other MFA options are available. You can't turn off TOTP MFA for any of your users when MFA is required in your user pool; you can only set the type that your user prefers.
This data type is a request parameter of SetUserMFAPreference and AdminSetUserMFAPreference.
" }, "StartUserImportJobRequest":{ "type":"structure", @@ -7370,6 +8057,26 @@ }, "documentation":"Represents the response from the server to the request to start the user import job.
" }, + "StartWebAuthnRegistrationRequest":{ + "type":"structure", + "required":["AccessToken"], + "members":{ + "AccessToken":{ + "shape":"TokenModelType", + "documentation":"A valid access token that Amazon Cognito issued to the user whose passkey metadata you want to generate.
" + } + } + }, + "StartWebAuthnRegistrationResponse":{ + "type":"structure", + "required":["CredentialCreationOptions"], + "members":{ + "CredentialCreationOptions":{ + "shape":"Document", + "documentation":"The information that a user can provide in their request to register with their passkey provider.
" + } + } + }, "StatusType":{ "type":"string", "enum":[ @@ -7410,14 +8117,14 @@ "members":{ "MinLength":{ "shape":"StringType", - "documentation":"The minimum length.
" + "documentation":"The minimum length of a string attribute value.
" }, "MaxLength":{ "shape":"StringType", "documentation":"The maximum length of a string attribute value. Must be a number less than or equal to 2^1023, represented as a string with a length of 131072 characters or fewer.
The constraints associated with a string attribute.
" + "documentation":"The minimum and maximum length values of an attribute that is of the string type, for example custom:department.
This data type is part of SchemaAttributeType. It defines the length constraints on string-type attributes that you configure in CreateUserPool and UpdateUserPool, and displays the length constraints of all string-type attributes in the response to DescribeUserPool
" }, "StringType":{ "type":"string", @@ -7465,6 +8172,14 @@ "max":365, "min":0 }, + "TierChangeNotAllowedException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when you've attempted to change your feature plan but the operation isn't permitted.
", + "exception":true + }, "TimeUnitsType":{ "type":"string", "enum":[ @@ -7484,18 +8199,18 @@ "members":{ "AccessToken":{ "shape":"TimeUnitsType", - "documentation":" A time unit of seconds, minutes, hours, or days for the value that you set in the AccessTokenValidity parameter. The default AccessTokenValidity time unit is hours. AccessTokenValidity duration can range from five minutes to one day.
A time unit for the value that you set in the AccessTokenValidity parameter. The default AccessTokenValidity time unit is hours. AccessTokenValidity duration can range from five minutes to one day.
A time unit of seconds, minutes, hours, or days for the value that you set in the IdTokenValidity parameter. The default IdTokenValidity time unit is hours. IdTokenValidity duration can range from five minutes to one day.
A time unit for the value that you set in the IdTokenValidity parameter. The default IdTokenValidity time unit is hours. IdTokenValidity duration can range from five minutes to one day.
A time unit of seconds, minutes, hours, or days for the value that you set in the RefreshTokenValidity parameter. The default RefreshTokenValidity time unit is days. RefreshTokenValidity duration can range from 60 minutes to 10 years.
A time unit for the value that you set in the RefreshTokenValidity parameter. The default RefreshTokenValidity time unit is days. RefreshTokenValidity duration can range from 60 minutes to 10 years.
The data type TokenValidityUnits specifies the time units you use when you set the duration of ID, access, and refresh tokens.
" + "documentation":"The time units that, with IdTokenValidity, AccessTokenValidity, and RefreshTokenValidity, set and display the duration of ID, access, and refresh tokens for an app client. You can assign a separate token validity unit to each type of token.
This data type is a request parameter of CreateUserPoolClient and UpdateUserPoolClient, and a response parameter of DescribeUserPoolClient.
" }, "TooManyFailedAttemptsException":{ "type":"structure", @@ -7524,19 +8239,19 @@ "members":{ "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID for the user pool.
" + "documentation":"The ID of the user pool with hosted UI customizations.
" }, "ClientId":{ "shape":"ClientIdType", - "documentation":"The client ID for the client app.
" + "documentation":"The app client ID for your UI customization. When this value isn't present, the customization applies to all user pool app clients that don't have client-level settings..
" }, "ImageUrl":{ "shape":"ImageUrlType", - "documentation":"The logo image for the UI customization.
" + "documentation":"A URL path to the hosted logo image of your UI customization.
" }, "CSS":{ "shape":"CSSType", - "documentation":"The CSS values in the UI customization.
" + "documentation":"The CSS values in the UI customization. To get a template with your UI customization options, make a GetUiCustomization request.
" }, "CSSVersion":{ "shape":"CSSVersionType", @@ -7551,7 +8266,7 @@ "documentation":"The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
A container for the UI customization information for a user pool's built-in app UI.
" + "documentation":"A container for the UI customization information for the hosted UI in a user pool.
This data type is a response parameter of GetUICustomization.
" }, "UnauthorizedException":{ "type":"structure", @@ -7771,6 +8486,40 @@ } } }, + "UpdateManagedLoginBrandingRequest":{ + "type":"structure", + "members":{ + "UserPoolId":{ + "shape":"UserPoolIdType", + "documentation":"The ID of the user pool that contains the managed login branding style that you want to update.
" + }, + "ManagedLoginBrandingId":{ + "shape":"ManagedLoginBrandingIdType", + "documentation":"The ID of the managed login branding style that you want to update.
" + }, + "UseCognitoProvidedValues":{ + "shape":"BooleanType", + "documentation":"When true, applies the default branding style options. This option reverts to default style options that are managed by Amazon Cognito. You can modify them later in the branding designer.
When you specify true for this option, you must also omit values for Settings and Assets in the request.
A JSON file, encoded as a Document type, with the the settings that you want to apply to your style.
An array of image files that you want to apply to roles like backgrounds, logos, and icons. Each object must also indicate whether it is for dark mode, light mode, or browser-adaptive mode.
" + } + } + }, + "UpdateManagedLoginBrandingResponse":{ + "type":"structure", + "members":{ + "ManagedLoginBranding":{ + "shape":"ManagedLoginBrandingType", + "documentation":"The details of the branding style that you updated.
" + } + } + }, "UpdateResourceServerRequest":{ "type":"structure", "required":[ @@ -7884,11 +8633,11 @@ }, "ExplicitAuthFlows":{ "shape":"ExplicitAuthFlowsListType", - "documentation":"The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.
If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
Valid values include:
ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.
The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.
If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
Valid values include:
ALLOW_USER_AUTH: Enable selection-based sign-in with USER_AUTH. This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other ExplicitAuthFlows permitting them. For example users can complete an SRP challenge through USER_AUTH without the flow USER_SRP_AUTH being active for the app client. This flow doesn't include CUSTOM_AUTH.
ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.
A list of provider names for the IdPs that this client supports. The following are supported: COGNITO, Facebook, Google, SignInWithApple, LoginWithAmazon, and the names of your own SAML and OIDC providers.
A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple, and LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP.
This setting applies to providers that you can access with the hosted UI and OAuth 2.0 authorization server. The removal of COGNITO from this list doesn't prevent authentication operations for local users with the user pools API in an Amazon Web Services SDK. The only way to prevent API-based authentication is to block access with a WAF rule.
Activates the propagation of additional user context data. For more information about propagation of user context data, see Adding advanced security to a user pool. If you don’t include this parameter, you can't send device fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate EnablePropagateAdditionalUserContextData in an app client that has a client secret.
Activates the propagation of additional user context data. For more information about propagation of user context data, see Adding advanced security to a user pool. If you don’t include this parameter, you can't send device fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate EnablePropagateAdditionalUserContextData in an app client that has a client secret.
The ID of the user pool that is associated with the custom domain whose certificate you're updating.
" }, + "ManagedLoginVersion":{ + "shape":"WrappedIntegerType", + "documentation":"A version number that indicates the state of managed login for your domain. Version 1 is hosted UI (classic). Version 2 is the newer managed login with the branding designer. For more information, see Managed login.
The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.
" + "documentation":"The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.
When you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain. Update the RP ID in a SetUserPoolMfaConfig request.
" } }, "documentation":"The UpdateUserPoolDomain request input.
" @@ -7973,6 +8726,10 @@ "UpdateUserPoolDomainResponse":{ "type":"structure", "members":{ + "ManagedLoginVersion":{ + "shape":"WrappedIntegerType", + "documentation":"A version number that indicates the state of managed login for your domain. Version 1 is hosted UI (classic). Version 2 is the newer managed login with the branding designer. For more information, see Managed login.
The Amazon CloudFront endpoint that Amazon Cognito set up when you added the custom domain to your user pool.
" @@ -8059,6 +8816,14 @@ "AccountRecoverySetting":{ "shape":"AccountRecoverySettingType", "documentation":"The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.
The updated name of your user pool.
" + }, + "UserPoolTier":{ + "shape":"UserPoolTierType", + "documentation":"The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.
Represents the request to update the user pool.
" @@ -8077,7 +8842,7 @@ "documentation":"Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn’t change the value of the attribute until your user responds to the verification message and confirms the new value.
You can verify an updated email address or phone number with a VerifyUserAttribute API request. You can also call the AdminUpdateUserAttributes API and set email_verified or phone_number_verified to true.
When AttributesRequireVerificationBeforeUpdate is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where AttributesRequireVerificationBeforeUpdate is false, API operations that change attribute values can immediately update a user’s email or phone_number attribute.
The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers.
The settings for updates to user attributes. These settings include the property AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "UserContextDataType":{ "type":"structure", @@ -8091,7 +8856,7 @@ "documentation":"Encoded device-fingerprint details that your app collected with the Amazon Cognito context data collection library. For more information, see Adding user device and session data to API requests.
" } }, - "documentation":"Contextual data, such as the user's device fingerprint, IP address, or location, used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
", + "documentation":"Contextual data, such as the user's device fingerprint, IP address, or location, used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
This data type is a request parameter of public-client authentication operations like InitiateAuth and RespondToAuthChallenge.
", "sensitive":true }, "UserFilterType":{ @@ -8139,19 +8904,19 @@ "members":{ "JobName":{ "shape":"UserImportJobNameType", - "documentation":"The job name for the user import job.
" + "documentation":"The friendly name of the user import job.
" }, "JobId":{ "shape":"UserImportJobIdType", - "documentation":"The job ID for the user import job.
" + "documentation":"The ID of the user import job.
" }, "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID for the user pool that the users are being imported into.
" + "documentation":"The ID of the user pool that the users are being imported into.
" }, "PreSignedUrl":{ "shape":"PreSignedUrlType", - "documentation":"The pre-signed URL to be used to upload the .csv file.
The pre-signed URL target for uploading the CSV file.
" }, "CreationDate":{ "shape":"DateType", @@ -8190,7 +8955,7 @@ "documentation":"The message returned when the user import job is completed.
" } }, - "documentation":"The user import job type.
" + "documentation":"A user import job in a user pool. Describes the status of user import with a CSV file. For more information, see Importing users into user pools from a CSV file.
This data type is a request parameter of CreateUserImportJob, DescribeUserImportJob, ListUserImportJobs, StartUserImportJob, and StopUserImportJob.
" }, "UserImportJobsListType":{ "type":"list", @@ -8256,25 +9021,25 @@ "documentation":"Advanced security configuration options for additional authentication types in your user pool, including custom authentication.
" } }, - "documentation":"User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to AUDIT. To configure automatic security responses to risky traffic to your user pool, set to ENFORCED.
For more information, see Adding advanced security to a user pool.
" + "documentation":"User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to AUDIT. To configure automatic security responses to risky traffic to your user pool, set to ENFORCED.
For more information, see Adding advanced security to a user pool.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "UserPoolClientDescription":{ "type":"structure", "members":{ "ClientId":{ "shape":"ClientIdType", - "documentation":"The ID of the client associated with the user pool.
" + "documentation":"The app client ID.
" }, "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID for the user pool where you want to describe the user pool client.
" + "documentation":"The ID of the user pool that's associated with the app client.
" }, "ClientName":{ "shape":"ClientNameType", - "documentation":"The client name from the user pool client description.
" + "documentation":"The app client name.
" } }, - "documentation":"The description of the user pool client.
" + "documentation":"A short description of a user pool app client.
This data type is a response parameter of ListUserPoolClients.
" }, "UserPoolClientListType":{ "type":"list", @@ -8285,19 +9050,19 @@ "members":{ "UserPoolId":{ "shape":"UserPoolIdType", - "documentation":"The user pool ID for the user pool client.
" + "documentation":"The ID of the user pool associated with the app client.
" }, "ClientName":{ "shape":"ClientNameType", - "documentation":"The client name from the user pool request of the client type.
" + "documentation":"The name of the app client.
" }, "ClientId":{ "shape":"ClientIdType", - "documentation":"The ID of the client associated with the user pool.
" + "documentation":"The ID of the app client.
" }, "ClientSecret":{ "shape":"ClientSecretType", - "documentation":"The client secret from the user pool request of the client type.
" + "documentation":"The app client secret.
" }, "LastModifiedDate":{ "shape":"DateType", @@ -8321,7 +9086,7 @@ }, "TokenValidityUnits":{ "shape":"TokenValidityUnitsType", - "documentation":"The time units used to specify the token validity times of each token type: ID, access, and refresh.
" + "documentation":"The time units that, with IdTokenValidity, AccessTokenValidity, and RefreshTokenValidity, set and display the duration of ID, access, and refresh tokens for an app client. You can assign a separate token validity unit to each type of token.
The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.
If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
Valid values include:
ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.
The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.
If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
Valid values include:
ALLOW_USER_AUTH: Enable selection-based sign-in with USER_AUTH. This setting covers username-password, secure remote password (SRP), passwordless, and passkey authentication. This authentiation flow can do username-password and SRP authentication without other ExplicitAuthFlows permitting them. For example users can complete an SRP challenge through USER_AUTH without the flow USER_SRP_AUTH being active for the app client. This flow doesn't include CUSTOM_AUTH.
ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.
ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.
A list of provider names for the IdPs that this client supports. The following are supported: COGNITO, Facebook, Google, SignInWithApple, LoginWithAmazon, and the names of your own SAML and OIDC providers.
A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple, and LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP.
This setting applies to providers that you can access with the hosted UI and OAuth 2.0 authorization server. The removal of COGNITO from this list doesn't prevent authentication operations for local users with the user pools API in an Amazon Web Services SDK. The only way to prevent API-based authentication is to block access with a WAF rule.
The allowed OAuth flows.
Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the /oauth2/token endpoint.
Issue the access token (and, optionally, ID token, based on scopes) directly to your user.
Issue the access token from the /oauth2/token endpoint directly to a non-person user using a combination of the client ID and client secret.
The OAuth grant types that you want your app client to generate. To create an app client that generates client credentials grants, you must add client_credentials as the only allowed OAuth flow.
Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the /oauth2/token endpoint.
Issue the access token (and, optionally, ID token, based on scopes) directly to your user.
Issue the access token from the /oauth2/token endpoint directly to a non-person user using a combination of the client ID and client secret.
The OAuth scopes that your app client supports. Possible values that OAuth provides are phone, email, openid, and profile. Possible values that Amazon Web Services provides are aws.cognito.signin.user.admin. Amazon Cognito also supports custom scopes that you create in Resource Servers.
The OAuth 2.0 scopes that you want your app client to support. Can include standard OAuth scopes like phone, email, openid, and profile. Can also include the aws.cognito.signin.user.admin scope that authorizes user profile self-service operations and custom scopes from resource servers.
The Amazon Pinpoint analytics configuration for the user pool client.
Amazon Cognito user pools only support sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the Region where the user pool resides.
The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.
In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region.
Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.
Contains information about a user pool client.
" + "documentation":"The configuration of a user pool client.
This data type is a request parameter of CreateUserPoolClient and UpdateUserPoolClient, and a response parameter of DescribeUserPoolClient.
" }, "UserPoolDescriptionType":{ "type":"structure", "members":{ "Id":{ "shape":"UserPoolIdType", - "documentation":"The ID in a user pool description.
" + "documentation":"The user pool ID.
" }, "Name":{ "shape":"UserPoolNameType", - "documentation":"The name in a user pool description.
" + "documentation":"The user pool name.
" }, "LambdaConfig":{ "shape":"LambdaConfigType", - "documentation":"The Lambda configuration information in a user pool description.
" + "documentation":"A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them.
" }, "Status":{ "shape":"StatusType", - "documentation":"The user pool status in a user pool description.
", + "documentation":"The user pool status.
", "deprecated":true, "deprecatedMessage":"This property is no longer available." }, @@ -8417,7 +9182,7 @@ "documentation":"The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
A user pool description.
" + "documentation":"A short description of a user pool.
This data type is a response parameter of ListUserPools.
" }, "UserPoolIdType":{ "type":"string", @@ -8448,10 +9213,14 @@ "members":{ "PasswordPolicy":{ "shape":"PasswordPolicyType", - "documentation":"The password policy.
" + "documentation":"The password policy settings for a user pool, including complexity, history, and length requirements.
" + }, + "SignInPolicy":{ + "shape":"SignInPolicyType", + "documentation":"The policy for allowed types of authentication in a user pool.
" } }, - "documentation":"The policy associated with a user pool.
" + "documentation":"A list of user pool policies. Contains the policy that sets password-complexity requirements.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "UserPoolTaggingException":{ "type":"structure", @@ -8470,6 +9239,14 @@ "key":{"shape":"TagKeysType"}, "value":{"shape":"TagValueType"} }, + "UserPoolTierType":{ + "type":"string", + "enum":[ + "LITE", + "ESSENTIALS", + "PLUS" + ] + }, "UserPoolType":{ "type":"structure", "members":{ @@ -8483,7 +9260,7 @@ }, "Policies":{ "shape":"UserPoolPolicyType", - "documentation":"The policies associated with the user pool.
" + "documentation":"A list of user pool policies. Contains the policy that sets password-complexity requirements.
" }, "DeletionProtection":{ "shape":"DeletionProtectionType", @@ -8491,7 +9268,7 @@ }, "LambdaConfig":{ "shape":"LambdaConfigType", - "documentation":"The Lambda triggers associated with the user pool.
" + "documentation":"A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them.
" }, "Status":{ "shape":"StatusType", @@ -8509,7 +9286,7 @@ }, "SchemaAttributes":{ "shape":"SchemaAttributesListType", - "documentation":"A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes.
Developer-only attributes are a legacy feature of user pools, are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.
" + "documentation":"A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes.
Developer-only attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.
" }, "AutoVerifiedAttributes":{ "shape":"VerifiedAttributesListType", @@ -8517,7 +9294,7 @@ }, "AliasAttributes":{ "shape":"AliasAttributesListType", - "documentation":"The attributes that are aliased in a user pool.
" + "documentation":"Attributes supported as an alias for this user pool. An alias is an attribute that users can enter as an alternative username. Possible values: phone_number, email, or preferred_username.
" }, "UsernameAttributes":{ "shape":"UsernameAttributesListType", @@ -8537,7 +9314,7 @@ }, "VerificationMessageTemplate":{ "shape":"VerificationMessageTemplateType", - "documentation":"The template for verification messages.
" + "documentation":"The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.
" }, "SmsAuthenticationMessage":{ "shape":"SmsVerificationMessageType", @@ -8565,7 +9342,7 @@ }, "SmsConfiguration":{ "shape":"SmsConfigurationType", - "documentation":"The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.
" + "documentation":"User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.
" }, "UserPoolTags":{ "shape":"UserPoolTagsType", @@ -8597,18 +9374,22 @@ }, "UsernameConfiguration":{ "shape":"UsernameConfigurationType", - "documentation":"Case sensitivity of the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set. For more information, see UsernameConfigurationType.
Case sensitivity of the username input for the selected sign-in option. When case sensitivity is set to False (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, username, USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. For most use cases, set case sensitivity to False (case insensitive) as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.
This configuration is immutable after you set it. For more information, see UsernameConfigurationType.
" }, "Arn":{ "shape":"ArnType", - "documentation":"The Amazon Resource Name (ARN) for the user pool.
" + "documentation":"The Amazon Resource Name (ARN) of the user pool.
" }, "AccountRecoverySetting":{ "shape":"AccountRecoverySettingType", "documentation":"The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.
The user pool feature plan, or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS.
A container for information about the user pool.
" + "documentation":"The configuration of a user pool.
This data type is a response parameter of CreateUserPool, UpdateUserPool, and DescribeUserPool.
" }, "UserStatusType":{ "type":"string", @@ -8628,15 +9409,15 @@ "members":{ "Username":{ "shape":"UsernameType", - "documentation":"The user name of the user you want to describe.
" + "documentation":"The user's username.
" }, "Attributes":{ "shape":"AttributeListType", - "documentation":"A container with information about the user type attributes.
" + "documentation":"Names and values of a user's attributes, for example email.
The creation date of the user.
" + "documentation":"The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
Specifies whether the user is enabled.
" + "documentation":"Indicates whether the user's account is enabled or disabled.
" }, "UserStatus":{ "shape":"UserStatusType", @@ -8652,10 +9433,17 @@ }, "MFAOptions":{ "shape":"MFAOptionListType", - "documentation":"The MFA options for the user.
" + "documentation":"The user's MFA configuration.
" } }, - "documentation":"A user profile in a Amazon Cognito user pool.
" + "documentation":"A user profile in a Amazon Cognito user pool.
This data type is a response parameter to AdminCreateUser and ListUsers.
" + }, + "UserVerificationType":{ + "type":"string", + "enum":[ + "required", + "preferred" + ] }, "UsernameAttributeType":{ "type":"string", @@ -8674,10 +9462,10 @@ "members":{ "CaseSensitive":{ "shape":"WrappedBooleanType", - "documentation":"Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to False (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.
Valid values include:
Enables case sensitivity for all username input. When this option is set to True, users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.
Enables case insensitivity for all username input. For example, when this option is set to False, users can sign in using username, USERNAME, or UserName. This option also enables both preferred_username and email alias to be case insensitive, in addition to the username attribute.
Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to False (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.
Valid values include:
Enables case sensitivity for all username input. When this option is set to true, users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.
Enables case insensitivity for all username input. For example, when this option is set to false, users can sign in using username, USERNAME, or UserName. This option also enables both preferred_username and email alias to be case insensitive, in addition to the username attribute.
The username configuration type.
" + "documentation":"The configuration of a user pool for username case sensitivity.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "UsernameExistsException":{ "type":"structure", @@ -8726,10 +9514,10 @@ }, "DefaultEmailOption":{ "shape":"DefaultEmailOptionType", - "documentation":"The default email option.
" + "documentation":"The configuration of verification emails to contain a clickable link or a verification code.
For link, your template body must contain link text in the format {##Click here##}. \"Click here\" in the example is a customizable string. For code, your template body must contain a code placeholder in the format {####}.
The template for verification messages.
" + "documentation":"The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.
This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.
" }, "VerifiedAttributeType":{ "type":"string", @@ -8813,7 +9601,130 @@ }, "documentation":"A container representing the response from the server from the request to verify user attributes.
" }, - "WrappedBooleanType":{"type":"boolean"} + "WebAuthnAuthenticatorAttachmentType":{"type":"string"}, + "WebAuthnAuthenticatorTransportType":{"type":"string"}, + "WebAuthnAuthenticatorTransportsList":{ + "type":"list", + "member":{"shape":"WebAuthnAuthenticatorTransportType"} + }, + "WebAuthnChallengeNotFoundException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when the challenge from StartWebAuthn registration has expired.
This exception is thrown when the access token is for a different client than the one in the original StartWebAuthnRegistration request.
This exception is thrown when a user pool doesn't have a configured relying party id or a user pool domain.
", + "exception":true + }, + "WebAuthnConfigurationType":{ + "type":"structure", + "members":{ + "RelyingPartyId":{ + "shape":"RelyingPartyIdType", + "documentation":"Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.
Under the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:
The user pool is configured for passkey authentication.
The user pool has a custom domain, whether or not it also has a prefix domain.
Your application performs authentication with managed login or the classic hosted UI.
Sets or displays your user-pool treatment for MFA with a passkey. You can override other MFA options and require passkey MFA, or you can set it as preferred. When passkey MFA is preferred, the hosted UI encourages users to register a passkey at sign-in.
" + } + }, + "documentation":"Settings for multi-factor authentication (MFA) with passkey, or webauthN, biometric and security-key devices in a user pool. Configures the following:
Configuration at the user-pool level for whether you want to require passkey configuration as an MFA factor, or include it as a choice.
The user pool relying-party ID. This is the user pool domain that user's passkey providers should trust as a receiver of passkey authentication.
The providers that you want to allow as origins for passkey authentication.
This data type is a request parameter of SetUserPoolMfaConfig and a response parameter of GetUserPoolMfaConfig.
" + }, + "WebAuthnCredentialDescription":{ + "type":"structure", + "required":[ + "CredentialId", + "FriendlyCredentialName", + "RelyingPartyId", + "AuthenticatorTransports", + "CreatedAt" + ], + "members":{ + "CredentialId":{ + "shape":"StringType", + "documentation":"The unique identifier of the passkey credential.
" + }, + "FriendlyCredentialName":{ + "shape":"StringType", + "documentation":"An automatically-generated friendly name for the passkey credential.
" + }, + "RelyingPartyId":{ + "shape":"StringType", + "documentation":"The relying-party ID of the provider for the passkey credential.
" + }, + "AuthenticatorAttachment":{ + "shape":"WebAuthnAuthenticatorAttachmentType", + "documentation":"The general category of the passkey authenticator. Can be a platform, or on-device authenticator like a built-in fingerprint scanner, or a cross-platform device that's not attached to the device like a Bluetooth security key.
" + }, + "AuthenticatorTransports":{ + "shape":"WebAuthnAuthenticatorTransportsList", + "documentation":"Information about the transport methods of the passkey credential, for example USB or Bluetooth Low Energy.
" + }, + "CreatedAt":{ + "shape":"DateType", + "documentation":"The date and time when the item was created. Amazon Cognito returns this timestamp in UNIX epoch time format. Your SDK might render the output in a human-readable format like ISO 8601 or a Java Date object.
The details of a passkey, or webauthN, biometric or security-key authentication factor for a user.
This data type is a response parameter of ListWebAuthnCredentials.
" + }, + "WebAuthnCredentialDescriptionListType":{ + "type":"list", + "member":{"shape":"WebAuthnCredentialDescription"} + }, + "WebAuthnCredentialNotSupportedException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when a user presents passkey credentials from an unsupported device or provider.
", + "exception":true + }, + "WebAuthnCredentialsQueryLimitType":{ + "type":"integer", + "max":20, + "min":0 + }, + "WebAuthnNotEnabledException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when the passkey feature isn't enabled for the user pool.
", + "exception":true + }, + "WebAuthnOriginNotAllowedException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when the passkey credential's registration origin does not align with the user pool relying party id.
", + "exception":true + }, + "WebAuthnRelyingPartyMismatchException":{ + "type":"structure", + "members":{ + "message":{"shape":"MessageType"} + }, + "documentation":"This exception is thrown when the given passkey credential is associated with a different relying party ID than the user pool relying party ID.
", + "exception":true + }, + "WrappedBooleanType":{"type":"boolean"}, + "WrappedIntegerType":{"type":"integer"} }, "documentation":"With the Amazon Cognito user pools API, you can configure user pools and authenticate users. To authenticate users from third-party identity providers (IdPs) in this API, you can link IdP users to native user profiles. Learn more about the authentication and authorization of federated users at Adding user pool sign-in through a third party and in the User pool federation endpoints and hosted UI reference.
This API reference provides detailed information about API operations and object types in Amazon Cognito.
Along with resource management operations, the Amazon Cognito user pools API includes classes of operations and authorization models for client-side and server-side authentication of users. You can interact with operations in the Amazon Cognito user pools API as any of the following subjects.
An administrator who wants to configure user pools, app clients, users, groups, or other user pool functions.
A server-side app, like a web application, that wants to use its Amazon Web Services privileges to manage, authenticate, or authorize a user.
A client-side app, like a mobile app, that wants to make unauthenticated requests to manage, authenticate, or authorize a user.
For more information, see Using the Amazon Cognito user pools API and user pool endpoints in the Amazon Cognito Developer Guide.
With your Amazon Web Services SDK, you can build the logic to support operational flows in every use case for this API. You can also make direct REST API requests to Amazon Cognito user pools service endpoints. The following links can get you started with the CognitoIdentityProvider client in other supported Amazon Web Services SDKs.
To get started with an Amazon Web Services SDK, see Tools to Build on Amazon Web Services. For example actions and scenarios, see Code examples for Amazon Cognito Identity Provider using Amazon Web Services SDKs.
" } diff --git a/botocore/data/connect/2017-08-08/service-2.json b/botocore/data/connect/2017-08-08/service-2.json index 6177fd6df9..39a2b1528a 100644 --- a/botocore/data/connect/2017-08-08/service-2.json +++ b/botocore/data/connect/2017-08-08/service-2.json @@ -419,6 +419,27 @@ ], "documentation":"This API is in preview release for Amazon Connect and is subject to change.
Creates an agent status for the specified Amazon Connect instance.
" }, + "CreateContact":{ + "name":"CreateContact", + "http":{ + "method":"PUT", + "requestUri":"/contact/create-contact" + }, + "input":{"shape":"CreateContactRequest"}, + "output":{"shape":"CreateContactResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"InternalServiceException"}, + {"shape":"InvalidRequestException"}, + {"shape":"InvalidParameterException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"IdempotencyException"}, + {"shape":"ConflictException"}, + {"shape":"ServiceQuotaExceededException"} + ], + "documentation":"" + }, "CreateContactFlow":{ "name":"CreateContactFlow", "http":{ @@ -480,6 +501,28 @@ ], "documentation":"Publishes a new version of the flow provided. Versions are immutable and monotonically increasing. If a version of the same flow content already exists, no new version is created and instead the existing version number is returned. If the FlowContentSha256 provided is different from the FlowContentSha256 of the $LATEST published flow content, then an error is returned. This API only supports creating versions for flows of type Campaign.
Deletes the specified flow module.
" }, + "DeleteEmailAddress":{ + "name":"DeleteEmailAddress", + "http":{ + "method":"DELETE", + "requestUri":"/email-addresses/{InstanceId}/{EmailAddressId}" + }, + "input":{"shape":"DeleteEmailAddressRequest"}, + "output":{"shape":"DeleteEmailAddressResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InvalidParameterException"}, + {"shape":"InvalidRequestException"}, + {"shape":"InternalServiceException"}, + {"shape":"ResourceConflictException"} + ], + "documentation":"" + }, "DeleteEvaluationForm":{ "name":"DeleteEvaluationForm", "http":{ @@ -1381,6 +1443,24 @@ ], "documentation":"Describes the specified flow module.
Use the $SAVED alias in the request to describe the SAVED content of a Flow. For example, arn:aws:.../contact-flow/{id}:$SAVED. Once a contact flow is published, $SAVED needs to be supplied to view saved content that has not been published.
This API is in preview release for Amazon Connect and is subject to change.
Returns a paginated list of all approved origins associated with the instance.
" }, + "ListAssociatedContacts":{ + "name":"ListAssociatedContacts", + "http":{ + "method":"GET", + "requestUri":"/contact/associated/{InstanceId}" + }, + "input":{"shape":"ListAssociatedContactsRequest"}, + "output":{"shape":"ListAssociatedContactsResponse"}, + "errors":[ + {"shape":"InternalServiceException"}, + {"shape":"InvalidRequestException"}, + {"shape":"InvalidParameterException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"} + ], + "documentation":"" + }, "ListAuthenticationProfiles":{ "name":"ListAuthenticationProfiles", "http":{ @@ -3127,6 +3224,24 @@ ], "documentation":"Searches contacts in an Amazon Connect instance.
" }, + "SearchEmailAddresses":{ + "name":"SearchEmailAddresses", + "http":{ + "method":"POST", + "requestUri":"/search-email-addresses" + }, + "input":{"shape":"SearchEmailAddressesRequest"}, + "output":{"shape":"SearchEmailAddressesResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InvalidParameterException"}, + {"shape":"InvalidRequestException"}, + {"shape":"InternalServiceException"} + ], + "documentation":"" + }, "SearchHoursOfOperations":{ "name":"SearchHoursOfOperations", "http":{ @@ -3331,6 +3446,25 @@ ], "documentation":"Processes chat integration events from Amazon Web Services or external integrations to Amazon Connect. A chat integration event includes:
SourceId, DestinationId, and Subtype: a set of identifiers, uniquely representing a chat
ChatEvent: details of the chat action to perform such as sending a message, event, or disconnecting from a chat
When a chat integration event is sent with chat identifiers that do not map to an active chat contact, a new chat contact is also created before handling chat action.
Access to this API is currently restricted to Amazon Pinpoint for supporting SMS integration.
" }, + "SendOutboundEmail":{ + "name":"SendOutboundEmail", + "http":{ + "method":"PUT", + "requestUri":"/instance/{InstanceId}/outbound-email" + }, + "input":{"shape":"SendOutboundEmailRequest"}, + "output":{"shape":"SendOutboundEmailResponse"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"IdempotencyException"} + ], + "documentation":"" + }, "StartAttachedFileUpload":{ "name":"StartAttachedFileUpload", "http":{ @@ -3418,6 +3552,25 @@ ], "documentation":"Initiates real-time message streaming for a new chat contact.
For more information about message streaming, see Enable real-time chat message streaming in the Amazon Connect Administrator Guide.
For more information about chat, see the following topics in the Amazon Connect Administrator Guide:
" }, + "StartEmailContact":{ + "name":"StartEmailContact", + "http":{ + "method":"PUT", + "requestUri":"/contact/email" + }, + "input":{"shape":"StartEmailContactRequest"}, + "output":{"shape":"StartEmailContactResponse"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"IdempotencyException"} + ], + "documentation":"" + }, "StartOutboundChatContact":{ "name":"StartOutboundChatContact", "http":{ @@ -3437,6 +3590,25 @@ ], "documentation":"Initiates a new outbound SMS contact to a customer. Response of this API provides the ContactId of the outbound SMS contact created.
SourceEndpoint only supports Endpoints with CONNECT_PHONENUMBER_ARN as Type and DestinationEndpoint only supports Endpoints with TELEPHONE_NUMBER as Type. ContactFlowId initiates the flow to manage the new SMS contact created.
This API can be used to initiate outbound SMS contacts for an agent or it can also deflect an ongoing contact to an outbound SMS contact by using the StartOutboundChatContact Flow Action.
For more information about using SMS in Amazon Connect, see the following topics in the Amazon Connect Administrator Guide:
" }, + "StartOutboundEmailContact":{ + "name":"StartOutboundEmailContact", + "http":{ + "method":"PUT", + "requestUri":"/contact/outbound-email" + }, + "input":{"shape":"StartOutboundEmailContactRequest"}, + "output":{"shape":"StartOutboundEmailContactResponse"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"IdempotencyException"} + ], + "documentation":"" + }, "StartOutboundVoiceContact":{ "name":"StartOutboundVoiceContact", "http":{ @@ -3887,6 +4059,25 @@ ], "documentation":"Updates the scheduled time of a task contact that is already scheduled.
" }, + "UpdateEmailAddressMetadata":{ + "name":"UpdateEmailAddressMetadata", + "http":{ + "method":"POST", + "requestUri":"/email-addresses/{InstanceId}/{EmailAddressId}" + }, + "input":{"shape":"UpdateEmailAddressMetadataRequest"}, + "output":{"shape":"UpdateEmailAddressMetadataResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InvalidRequestException"}, + {"shape":"InvalidParameterException"}, + {"shape":"InternalServiceException"}, + {"shape":"IdempotencyException"} + ], + "documentation":"" + }, "UpdateEvaluationForm":{ "name":"UpdateEvaluationForm", "http":{ @@ -4109,6 +4300,24 @@ ], "documentation":"This API is in preview release for Amazon Connect and is subject to change.
Updates the outbound caller ID name, number, and outbound whisper flow for a specified queue.
If the phone number is claimed to a traffic distribution group that was created in the same Region as the Amazon Connect instance where you are calling this API, then you can use a full phone number ARN or a UUID for OutboundCallerIdNumberId. However, if the phone number is claimed to a traffic distribution group that is in one Region, and you are calling this API from an instance in another Amazon Web Services Region that is associated with the traffic distribution group, you must provide a full phone number ARN. If a UUID is provided in this scenario, you will receive a ResourceNotFoundException.
Only use the phone number ARN format that doesn't contain instance in the path, for example, arn:aws:connect:us-east-1:1234567890:phone-number/uuid. This is the same ARN format that is returned when you call the ListPhoneNumbersV2 API.
If you plan to use IAM policies to allow/deny access to this API for phone number resources claimed to a traffic distribution group, see Allow or Deny queue API actions for phone numbers in a replica Region.
Status of the attachment reference type.
" + }, + "Arn":{ + "shape":"ReferenceArn", + "documentation":"" } }, "documentation":"Information about a reference when the referenceType is ATTACHMENT. Otherwise, null.
A leaf node condition which can be used to specify a ProficiencyName, ProficiencyValue and ProficiencyLimit.
" }, + "ConditionalOperationFailedException":{ + "type":"structure", + "members":{ + "Message":{"shape":"Message"} + }, + "documentation":"", + "error":{"httpStatusCode":409}, + "exception":true + }, "Conditions":{ "type":"list", "member":{"shape":"Condition"} @@ -6350,6 +6646,10 @@ "shape":"ContactId", "documentation":"If this contact is not the first contact, this is the ID of the previous contact.
" }, + "ContactAssociationId":{ + "shape":"ContactId", + "documentation":"" + }, "InitiationMethod":{ "shape":"ContactInitiationMethod", "documentation":"Indicates how the contact was initiated.
" @@ -6414,6 +6714,14 @@ "shape":"WisdomInfo", "documentation":"Information about Amazon Connect Wisdom.
" }, + "CustomerEndpoint":{ + "shape":"EndpointInfo", + "documentation":"" + }, + "SystemEndpoint":{ + "shape":"EndpointInfo", + "documentation":"" + }, "QueueTimeAdjustmentSeconds":{ "shape":"QueueTimeAdjustmentSeconds", "documentation":"An integer that represents the queue time adjust to be applied to the contact, in seconds (longer / larger queue time are routed preferentially). Cannot be specified if the QueuePriority is specified. Must be statically defined and a valid integer value.
" @@ -6455,6 +6763,10 @@ "shape":"DisconnectDetails", "documentation":"Information about the call disconnect experience.
" }, + "AdditionalEmailRecipients":{ + "shape":"AdditionalEmailRecipients", + "documentation":"" + }, "SegmentAttributes":{ "shape":"SegmentAttributes", "documentation":"A set of system defined key-value pairs stored on individual contact segments using an attribute map. The attributes are standard Amazon Connect attributes and can be accessed in flows. Attribute keys can include only alphanumeric, -, and _ characters. This field can be used to show channel subtype. For example, connect:Guide or connect:SMS.
The timestamp, in Unix epoch time format, at which to start running the inbound flow.
" + }, + "SegmentAttributes":{ + "shape":"ContactSearchSummarySegmentAttributes", + "documentation":"" } }, "documentation":"Information of returned contact.
" @@ -6978,6 +7297,21 @@ }, "documentation":"If this contact was queued, this contains information about the queue.
" }, + "ContactSearchSummarySegmentAttributeValue":{ + "type":"structure", + "members":{ + "ValueString":{ + "shape":"SegmentAttributeValueString", + "documentation":"" + } + }, + "documentation":"" + }, + "ContactSearchSummarySegmentAttributes":{ + "type":"map", + "key":{"shape":"SegmentAttributeName"}, + "value":{"shape":"ContactSearchSummarySegmentAttributeValue"} + }, "ContactState":{ "type":"string", "enum":[ @@ -7309,43 +7643,167 @@ } } }, - "CreateEvaluationFormRequest":{ + "CreateContactRequest":{ "type":"structure", "required":[ "InstanceId", - "Title", - "Items" + "Channel", + "InitiationMethod" ], "members":{ "InstanceId":{ "shape":"InstanceId", - "documentation":"The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.
", - "location":"uri", - "locationName":"InstanceId" + "documentation":"" }, - "Title":{ - "shape":"EvaluationFormTitle", - "documentation":"A title of the evaluation form.
" + "ClientToken":{ + "shape":"ClientToken", + "documentation":"", + "idempotencyToken":true }, - "Description":{ - "shape":"EvaluationFormDescription", - "documentation":"The description of the evaluation form.
" + "RelatedContactId":{ + "shape":"ContactId", + "documentation":"" }, - "Items":{ - "shape":"EvaluationFormItemsList", - "documentation":"Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.
" + "Attributes":{ + "shape":"Attributes", + "documentation":"" }, - "ScoringStrategy":{ - "shape":"EvaluationFormScoringStrategy", - "documentation":"A scoring strategy of the evaluation form.
" + "References":{ + "shape":"ContactReferences", + "documentation":"" }, - "ClientToken":{ - "shape":"ClientToken", - "documentation":"A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services SDK populates this field. For more information about idempotency, see Making retries safe with idempotent APIs.
", - "idempotencyToken":true - } - } - }, + "Channel":{ + "shape":"Channel", + "documentation":"" + }, + "InitiationMethod":{ + "shape":"ContactInitiationMethod", + "documentation":"" + }, + "ExpiryDurationInMinutes":{ + "shape":"ExpiryDurationInMinutes", + "documentation":"" + }, + "UserInfo":{ + "shape":"UserInfo", + "documentation":"" + }, + "InitiateAs":{ + "shape":"InitiateAs", + "documentation":"" + }, + "Name":{ + "shape":"Name", + "documentation":"" + }, + "Description":{ + "shape":"Description", + "documentation":"" + }, + "SegmentAttributes":{ + "shape":"SegmentAttributes", + "documentation":"" + } + } + }, + "CreateContactResponse":{ + "type":"structure", + "members":{ + "ContactId":{ + "shape":"ContactId", + "documentation":"" + }, + "ContactArn":{ + "shape":"ARN", + "documentation":"" + } + } + }, + "CreateEmailAddressRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "EmailAddress" + ], + "members":{ + "Description":{ + "shape":"Description", + "documentation":"" + }, + "InstanceId":{ + "shape":"InstanceId", + "documentation":"", + "location":"uri", + "locationName":"InstanceId" + }, + "EmailAddress":{ + "shape":"EmailAddress", + "documentation":"" + }, + "DisplayName":{ + "shape":"EmailAddressDisplayName", + "documentation":"" + }, + "Tags":{ + "shape":"TagMap", + "documentation":"" + }, + "ClientToken":{ + "shape":"ClientToken", + "documentation":"" + } + } + }, + "CreateEmailAddressResponse":{ + "type":"structure", + "members":{ + "EmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"" + }, + "EmailAddressArn":{ + "shape":"EmailAddressArn", + "documentation":"" + } + } + }, + "CreateEvaluationFormRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "Title", + "Items" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.
", + "location":"uri", + "locationName":"InstanceId" + }, + "Title":{ + "shape":"EvaluationFormTitle", + "documentation":"A title of the evaluation form.
" + }, + "Description":{ + "shape":"EvaluationFormDescription", + "documentation":"The description of the evaluation form.
" + }, + "Items":{ + "shape":"EvaluationFormItemsList", + "documentation":"Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.
" + }, + "ScoringStrategy":{ + "shape":"EvaluationFormScoringStrategy", + "documentation":"A scoring strategy of the evaluation form.
" + }, + "ClientToken":{ + "shape":"ClientToken", + "documentation":"A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services SDK populates this field. For more information about idempotency, see Making retries safe with idempotent APIs.
", + "idempotencyToken":true + } + } + }, "CreateEvaluationFormResponse":{ "type":"structure", "required":[ @@ -7696,6 +8154,10 @@ "shape":"OutboundCallerConfig", "documentation":"The outbound caller ID name, number, and outbound whisper flow.
" }, + "OutboundEmailConfig":{ + "shape":"OutboundEmailConfig", + "documentation":"" + }, "HoursOfOperationId":{ "shape":"HoursOfOperationId", "documentation":"The identifier for the hours of operation.
" @@ -7989,6 +8451,10 @@ "shape":"ContactFlowId", "documentation":"The identifier of the flow that runs by default when a task is created by referencing this template.
" }, + "SelfAssignFlowId":{ + "shape":"ContactFlowId", + "documentation":"" + }, "Constraints":{ "shape":"TaskTemplateConstraints", "documentation":"Constraints that are applicable to the fields listed.
" @@ -8521,6 +8987,7 @@ }, "documentation":"Information about the Customer on the contact.
" }, + "CustomerProfileAttributesSerialized":{"type":"string"}, "CustomerQualityMetrics":{ "type":"structure", "members":{ @@ -8761,6 +9228,32 @@ "members":{ } }, + "DeleteEmailAddressRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "EmailAddressId" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"", + "location":"uri", + "locationName":"InstanceId" + }, + "EmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"", + "location":"uri", + "locationName":"EmailAddressId" + } + } + }, + "DeleteEmailAddressResponse":{ + "type":"structure", + "members":{ + } + }, "DeleteEvaluationFormRequest":{ "type":"structure", "required":[ @@ -9393,6 +9886,64 @@ } } }, + "DescribeEmailAddressRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "EmailAddressId" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"", + "location":"uri", + "locationName":"InstanceId" + }, + "EmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"", + "location":"uri", + "locationName":"EmailAddressId" + } + } + }, + "DescribeEmailAddressResponse":{ + "type":"structure", + "members":{ + "EmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"" + }, + "EmailAddressArn":{ + "shape":"EmailAddressArn", + "documentation":"" + }, + "EmailAddress":{ + "shape":"EmailAddress", + "documentation":"" + }, + "DisplayName":{ + "shape":"EmailAddressDisplayName", + "documentation":"" + }, + "Description":{ + "shape":"Description", + "documentation":"" + }, + "CreateTimestamp":{ + "shape":"ISO8601Datetime", + "documentation":"" + }, + "ModifiedTimestamp":{ + "shape":"ISO8601Datetime", + "documentation":"" + }, + "Tags":{ + "shape":"TagMap", + "documentation":"" + } + } + }, "DescribeEvaluationFormRequest":{ "type":"structure", "required":[ @@ -10475,6 +11026,188 @@ "type":"string", "sensitive":true }, + "EmailAddress":{ + "type":"string", + "max":255, + "min":1, + "pattern":"[^\\s@]+@[^\\s@]+\\.[^\\s@]+", + "sensitive":true + }, + "EmailAddressArn":{ + "type":"string", + "max":500, + "min":1 + }, + "EmailAddressDisplayName":{ + "type":"string", + "max":256, + "min":0, + "sensitive":true + }, + "EmailAddressId":{ + "type":"string", + "max":500, + "min":1 + }, + "EmailAddressInfo":{ + "type":"structure", + "required":["EmailAddress"], + "members":{ + "EmailAddress":{ + "shape":"EmailAddress", + "documentation":"" + }, + "DisplayName":{ + "shape":"EmailAddressDisplayName", + "documentation":"" + } + }, + "documentation":"" + }, + "EmailAddressList":{ + "type":"list", + "member":{"shape":"EmailAddressMetadata"} + }, + "EmailAddressMetadata":{ + "type":"structure", + "members":{ + "EmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"" + }, + "EmailAddressArn":{ + "shape":"EmailAddressArn", + "documentation":"" + }, + "EmailAddress":{ + "shape":"EmailAddress", + "documentation":"" + }, + "Description":{ + "shape":"Description", + "documentation":"" + }, + "DisplayName":{ + "shape":"EmailAddressDisplayName", + "documentation":"" + } + }, + "documentation":"" + }, + "EmailAddressRecipientList":{ + "type":"list", + "member":{"shape":"EmailAddressInfo"}, + "max":10, + "min":1 + }, + "EmailAddressSearchConditionList":{ + "type":"list", + "member":{"shape":"EmailAddressSearchCriteria"} + }, + "EmailAddressSearchCriteria":{ + "type":"structure", + "members":{ + "OrConditions":{ + "shape":"EmailAddressSearchConditionList", + "documentation":"" + }, + "AndConditions":{ + "shape":"EmailAddressSearchConditionList", + "documentation":"" + }, + "StringCondition":{"shape":"StringCondition"} + }, + "documentation":"" + }, + "EmailAddressSearchFilter":{ + "type":"structure", + "members":{ + "TagFilter":{"shape":"ControlPlaneTagFilter"} + }, + "documentation":"" + }, + "EmailAttachment":{ + "type":"structure", + "required":[ + "FileName", + "S3Url" + ], + "members":{ + "FileName":{ + "shape":"FileName", + "documentation":"" + }, + "S3Url":{ + "shape":"PreSignedAttachmentUrl", + "documentation":"" + } + }, + "documentation":"" + }, + "EmailAttachments":{ + "type":"list", + "member":{"shape":"EmailAttachment"}, + "max":10, + "min":1, + "sensitive":true + }, + "EmailHeaderType":{ + "type":"string", + "enum":[ + "REFERENCES", + "MESSAGE_ID", + "IN_REPLY_TO", + "X_SES_SPAM_VERDICT", + "X_SES_VIRUS_VERDICT" + ] + }, + "EmailHeaderValue":{ + "type":"string", + "max":20000, + "min":1 + }, + "EmailHeaders":{ + "type":"map", + "key":{"shape":"EmailHeaderType"}, + "value":{"shape":"EmailHeaderValue"} + }, + "EmailMessageContentType":{ + "type":"string", + "max":100, + "min":1 + }, + "EmailMessageReference":{ + "type":"structure", + "members":{ + "Name":{ + "shape":"ReferenceKey", + "documentation":"" + }, + "Arn":{ + "shape":"ReferenceArn", + "documentation":"" + } + }, + "documentation":"" + }, + "EmailRecipient":{ + "type":"structure", + "members":{ + "Address":{ + "shape":"EndpointAddress", + "documentation":"" + }, + "DisplayName":{ + "shape":"EndpointDisplayName", + "documentation":"" + } + }, + "documentation":"" + }, + "EmailRecipientsList":{ + "type":"list", + "member":{"shape":"EmailRecipient"} + }, "EmailReference":{ "type":"structure", "members":{ @@ -10542,13 +11275,37 @@ "max":256, "min":0 }, + "EndpointDisplayName":{ + "type":"string", + "max":256, + "min":0 + }, + "EndpointInfo":{ + "type":"structure", + "members":{ + "Type":{ + "shape":"EndpointType", + "documentation":"" + }, + "Address":{ + "shape":"EndpointAddress", + "documentation":"" + }, + "DisplayName":{ + "shape":"EndpointDisplayName", + "documentation":"" + } + }, + "documentation":"" + }, "EndpointType":{ "type":"string", "enum":[ "TELEPHONE_NUMBER", "VOIP", "CONTACT_FLOW", - "CONNECT_PHONENUMBER_ARN" + "CONNECT_PHONENUMBER_ARN", + "EMAIL_ADDRESS" ] }, "ErrorCode":{"type":"string"}, @@ -11469,6 +12226,7 @@ }, "documentation":"An object to specify the expiration of a routing step.
" }, + "ExpiryDurationInMinutes":{"type":"integer"}, "Expression":{ "type":"structure", "members":{ @@ -11590,6 +12348,7 @@ "FileIdList":{ "type":"list", "member":{"shape":"FileId"}, + "max":100, "min":1 }, "FileName":{ @@ -11614,7 +12373,10 @@ }, "FileUseCaseType":{ "type":"string", - "enum":["ATTACHMENT"] + "enum":[ + "EMAIL_MESSAGE", + "ATTACHMENT" + ] }, "FilterV2":{ "type":"structure", @@ -11666,7 +12428,11 @@ }, "FlowAssociationResourceType":{ "type":"string", - "enum":["SMS_PHONE_NUMBER"] + "enum":[ + "SMS_PHONE_NUMBER", + "INBOUND_EMAIL", + "OUTBOUND_EMAIL" + ] }, "FlowAssociationSummary":{ "type":"structure", @@ -12226,6 +12992,10 @@ "shape":"ContactFlowId", "documentation":"The identifier of the flow that runs by default when a task is created by referencing this template.
" }, + "SelfAssignFlowId":{ + "shape":"ContactFlowId", + "documentation":"" + }, "Constraints":{ "shape":"TaskTemplateConstraints", "documentation":"Constraints that are applicable to the fields listed.
" @@ -12938,8 +13708,78 @@ } } }, + "InboundAdditionalRecipients":{ + "type":"structure", + "members":{ + "ToAddresses":{ + "shape":"EmailAddressRecipientList", + "documentation":"" + }, + "CcAddresses":{ + "shape":"EmailAddressRecipientList", + "documentation":"" + } + }, + "documentation":"" + }, "InboundCallsEnabled":{"type":"boolean"}, + "InboundEmailContent":{ + "type":"structure", + "required":["MessageSourceType"], + "members":{ + "MessageSourceType":{ + "shape":"InboundMessageSourceType", + "documentation":"" + }, + "RawMessage":{ + "shape":"InboundRawMessage", + "documentation":"" + } + }, + "documentation":"" + }, + "InboundMessageSourceType":{ + "type":"string", + "enum":["RAW"] + }, + "InboundRawMessage":{ + "type":"structure", + "required":[ + "Subject", + "Body", + "ContentType" + ], + "members":{ + "Subject":{ + "shape":"InboundSubject", + "documentation":"" + }, + "Body":{ + "shape":"Body", + "documentation":"" + }, + "ContentType":{ + "shape":"EmailMessageContentType", + "documentation":"" + }, + "Headers":{ + "shape":"EmailHeaders", + "documentation":"" + } + }, + "documentation":"" + }, + "InboundSubject":{ + "type":"string", + "max":998, + "min":0, + "sensitive":true + }, "Index":{"type":"integer"}, + "InitiateAs":{ + "type":"string", + "enum":["CONNECTED_TO_USER"] + }, "InitiationMethodList":{ "type":"list", "member":{"shape":"ContactInitiationMethod"} @@ -13112,7 +13952,8 @@ "CONTACT_EVALUATIONS", "SCREEN_RECORDINGS", "REAL_TIME_CONTACT_ANALYSIS_CHAT_SEGMENTS", - "REAL_TIME_CONTACT_ANALYSIS_VOICE_SEGMENTS" + "REAL_TIME_CONTACT_ANALYSIS_VOICE_SEGMENTS", + "EMAIL_MESSAGES" ] }, "InstanceSummary":{ @@ -13229,7 +14070,8 @@ "Q_MESSAGE_TEMPLATES", "CASES_DOMAIN", "APPLICATION", - "FILE_SCANNER" + "FILE_SCANNER", + "SES_IDENTITY" ] }, "InternalServiceException":{ @@ -13604,6 +14446,57 @@ } } }, + "ListAssociatedContactsRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "ContactId" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"", + "location":"uri", + "locationName":"InstanceId" + }, + "ContactId":{ + "shape":"ContactId", + "documentation":"", + "location":"querystring", + "locationName":"contactId" + }, + "MaxResults":{ + "shape":"ListAssociatedContactsRequestMaxResults", + "documentation":"", + "location":"querystring", + "locationName":"maxResults" + }, + "NextToken":{ + "shape":"NextToken", + "documentation":"", + "location":"querystring", + "locationName":"nextToken" + } + } + }, + "ListAssociatedContactsRequestMaxResults":{ + "type":"integer", + "max":100, + "min":1 + }, + "ListAssociatedContactsResponse":{ + "type":"structure", + "members":{ + "ContactSummaryList":{ + "shape":"AssociatedContactSummaryList", + "documentation":"" + }, + "NextToken":{ + "shape":"NextToken", + "documentation":"" + } + } + }, "ListAuthenticationProfilesRequest":{ "type":"structure", "required":["InstanceId"], @@ -14052,7 +14945,11 @@ }, "ListFlowAssociationResourceType":{ "type":"string", - "enum":["VOICE_PHONE_NUMBER"] + "enum":[ + "VOICE_PHONE_NUMBER", + "INBOUND_EMAIL", + "OUTBOUND_EMAIL" + ] }, "ListFlowAssociationsRequest":{ "type":"structure", @@ -15706,6 +16603,16 @@ }, "MeetingId":{"type":"string"}, "Message":{"type":"string"}, + "MessageTemplateId":{ + "type":"string", + "max":500, + "min":1 + }, + "MessageTemplateKnowledgeBaseId":{ + "type":"string", + "max":500, + "min":1 + }, "MetadataUrl":{ "type":"string", "max":2000, @@ -15880,7 +16787,7 @@ }, "Name":{ "type":"string", - "max":512, + "max":1024, "min":0, "sensitive":true }, @@ -16031,6 +16938,16 @@ "type":"list", "member":{"shape":"Origin"} }, + "OutboundAdditionalRecipients":{ + "type":"structure", + "members":{ + "CcEmailAddresses":{ + "shape":"EmailAddressRecipientList", + "documentation":"" + } + }, + "documentation":"" + }, "OutboundCallerConfig":{ "type":"structure", "members":{ @@ -16067,6 +16984,76 @@ "error":{"httpStatusCode":403}, "exception":true }, + "OutboundEmailConfig":{ + "type":"structure", + "members":{ + "OutboundEmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"" + } + }, + "documentation":"" + }, + "OutboundEmailContent":{ + "type":"structure", + "required":["MessageSourceType"], + "members":{ + "MessageSourceType":{ + "shape":"OutboundMessageSourceType", + "documentation":"" + }, + "TemplatedMessageConfig":{ + "shape":"TemplatedMessageConfig", + "documentation":"" + }, + "RawMessage":{ + "shape":"OutboundRawMessage", + "documentation":"" + } + }, + "documentation":"" + }, + "OutboundMessageSourceType":{ + "type":"string", + "enum":[ + "TEMPLATE", + "RAW" + ] + }, + "OutboundRawMessage":{ + "type":"structure", + "required":[ + "Subject", + "Body", + "ContentType" + ], + "members":{ + "Subject":{ + "shape":"OutboundSubject", + "documentation":"" + }, + "Body":{ + "shape":"Body", + "documentation":"" + }, + "ContentType":{ + "shape":"EmailMessageContentType", + "documentation":"" + } + }, + "documentation":"" + }, + "OutboundRequestId":{ + "type":"string", + "max":36, + "min":36 + }, + "OutboundSubject":{ + "type":"string", + "max":998, + "min":1, + "sensitive":true + }, "OutputTypeNotFoundException":{ "type":"structure", "members":{ @@ -16655,6 +17642,11 @@ "max":128, "min":0 }, + "PreSignedAttachmentUrl":{ + "type":"string", + "max":2000, + "min":1 + }, "PredefinedAttribute":{ "type":"structure", "members":{ @@ -17025,6 +18017,10 @@ "shape":"OutboundCallerConfig", "documentation":"The outbound caller ID name, number, and outbound whisper flow.
" }, + "OutboundEmailConfig":{ + "shape":"OutboundEmailConfig", + "documentation":"" + }, "HoursOfOperationId":{ "shape":"HoursOfOperationId", "documentation":"The identifier for the hours of operation.
" @@ -17846,10 +18842,7 @@ }, "Reference":{ "type":"structure", - "required":[ - "Value", - "Type" - ], + "required":["Type"], "members":{ "Value":{ "shape":"ReferenceValue", @@ -17858,10 +18851,28 @@ "Type":{ "shape":"ReferenceType", "documentation":"The type of the reference. DATE must be of type Epoch timestamp.
Well-formed data on a contact, used by agents to complete a contact request. You can have up to 4,096 UTF-8 bytes across all references for a contact.
" }, + "ReferenceArn":{ + "type":"string", + "max":256, + "min":20, + "pattern":"^[-:/A-Za-z0-9]+" + }, "ReferenceId":{ "type":"string", "max":40, @@ -17875,10 +18886,19 @@ "ReferenceStatus":{ "type":"string", "enum":[ + "AVAILABLE", + "DELETED", "APPROVED", - "REJECTED" + "REJECTED", + "PROCESSING", + "FAILED" ] }, + "ReferenceStatusReason":{ + "type":"string", + "max":100, + "min":0 + }, "ReferenceSummary":{ "type":"structure", "members":{ @@ -17890,6 +18910,10 @@ "shape":"AttachmentReference", "documentation":"Information about the reference when the referenceType is ATTACHMENT. Otherwise, null.
Information about a reference when the referenceType is STRING. Otherwise, null.
The list of queue IDs associated with contacts.
" }, - "SearchableContactAttributes":{ - "shape":"SearchableContactAttributes", - "documentation":"The search criteria based on user-defined contact attributes that have been configured for contact search. For more information, see Search by custom contact attributes in the Amazon Connect Administrator Guide.
To use SearchableContactAttributes in a search request, the GetContactAttributes action is required to perform an API request. For more information, see https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnect.html#amazonconnect-actions-as-permissionsActions defined by Amazon Connect.
The search criteria based on user-defined contact attributes that have been configured for contact search. For more information, see Search by custom contact attributes in the Amazon Connect Administrator Guide.
To use SearchableContactAttributes in a search request, the GetContactAttributes action is required to perform an API request. For more information, see https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonconnect.html#amazonconnect-actions-as-permissionsActions defined by Amazon Connect.
A structure of search criteria to be used to return contacts.
" + }, + "SearchEmailAddressesRequest":{ + "type":"structure", + "required":["InstanceId"], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"" + }, + "MaxResults":{ + "shape":"MaxResult100", + "documentation":"" + }, + "NextToken":{ + "shape":"NextToken2500", + "documentation":"" + }, + "SearchCriteria":{ + "shape":"EmailAddressSearchCriteria", + "documentation":"" + }, + "SearchFilter":{ + "shape":"EmailAddressSearchFilter", + "documentation":"" + } + } + }, + "SearchEmailAddressesResponse":{ + "type":"structure", + "members":{ + "NextToken":{ + "shape":"NextToken", + "documentation":"" + }, + "EmailAddresses":{ + "shape":"EmailAddressList", + "documentation":"" + }, + "ApproximateTotalCount":{ + "shape":"ApproximateTotalCount", + "documentation":"" } - }, - "documentation":"A structure of search criteria to be used to return contacts.
" + } }, "SearchHoursOfOperationsRequest":{ "type":"structure", @@ -19572,7 +20645,7 @@ "SearchableContactAttributeKey":{ "type":"string", "max":100, - "min":0, + "min":1, "sensitive":true }, "SearchableContactAttributeValue":{ @@ -19630,6 +20703,64 @@ "type":"string", "enum":["STANDARD"] }, + "SearchableSegmentAttributeKey":{ + "type":"string", + "max":64, + "min":1, + "sensitive":true + }, + "SearchableSegmentAttributeValue":{ + "type":"string", + "max":128, + "min":0, + "sensitive":true + }, + "SearchableSegmentAttributeValueList":{ + "type":"list", + "member":{"shape":"SearchableSegmentAttributeValue"}, + "max":20, + "min":1, + "sensitive":true + }, + "SearchableSegmentAttributes":{ + "type":"structure", + "required":["Criteria"], + "members":{ + "Criteria":{ + "shape":"SearchableSegmentAttributesCriteriaList", + "documentation":"" + }, + "MatchType":{ + "shape":"SearchContactsMatchType", + "documentation":"" + } + }, + "documentation":"" + }, + "SearchableSegmentAttributesCriteria":{ + "type":"structure", + "required":[ + "Key", + "Values" + ], + "members":{ + "Key":{ + "shape":"SearchableSegmentAttributeKey", + "documentation":"" + }, + "Values":{ + "shape":"SearchableSegmentAttributeValueList", + "documentation":"" + } + }, + "documentation":"" + }, + "SearchableSegmentAttributesCriteriaList":{ + "type":"list", + "member":{"shape":"SearchableSegmentAttributesCriteria"}, + "max":15, + "min":1 + }, "SecurityKey":{ "type":"structure", "members":{ @@ -19844,7 +20975,7 @@ "SegmentAttributeValueString":{ "type":"string", "max":1024, - "min":1 + "min":0 }, "SegmentAttributes":{ "type":"map", @@ -19926,15 +21057,79 @@ }, "documentation":"Information about the send notification action.
" }, + "SendOutboundEmailRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "FromEmailAddress", + "DestinationEmailAddress", + "EmailMessage", + "TrafficType" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"", + "location":"uri", + "locationName":"InstanceId" + }, + "FromEmailAddress":{ + "shape":"EmailAddressInfo", + "documentation":"" + }, + "DestinationEmailAddress":{ + "shape":"EmailAddressInfo", + "documentation":"" + }, + "AdditionalRecipients":{ + "shape":"OutboundAdditionalRecipients", + "documentation":"" + }, + "EmailMessage":{ + "shape":"OutboundEmailContent", + "documentation":"" + }, + "TrafficType":{ + "shape":"TrafficType", + "documentation":"" + }, + "SourceCampaign":{ + "shape":"SourceCampaign", + "documentation":"" + }, + "ClientToken":{ + "shape":"ClientToken", + "documentation":"", + "idempotencyToken":true + } + } + }, + "SendOutboundEmailResponse":{ + "type":"structure", + "members":{ + } + }, "ServiceQuotaExceededException":{ "type":"structure", "members":{ - "Message":{"shape":"Message"} + "Message":{"shape":"Message"}, + "Reason":{"shape":"ServiceQuotaExceededExceptionReason"} }, "documentation":"The service quota has been exceeded.
", "error":{"httpStatusCode":402}, "exception":true }, + "ServiceQuotaExceededExceptionReason":{ + "type":"structure", + "members":{ + "AttachedFileServiceQuotaExceededExceptionReason":{ + "shape":"AttachedFileServiceQuotaExceededExceptionReason", + "documentation":"" + } + }, + "documentation":"", + "union":true + }, "SignInConfig":{ "type":"structure", "required":["Distributions"], @@ -20050,6 +21245,20 @@ "min":1, "pattern":"^[a-zA-Z0-9_ -]+$" }, + "SourceCampaign":{ + "type":"structure", + "members":{ + "CampaignId":{ + "shape":"CampaignId", + "documentation":"" + }, + "OutboundRequestId":{ + "shape":"OutboundRequestId", + "documentation":"" + } + }, + "documentation":"" + }, "SourceId":{ "type":"string", "max":255, @@ -20339,6 +21548,83 @@ } } }, + "StartEmailContactRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "FromEmailAddress", + "DestinationEmailAddress", + "EmailMessage" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"" + }, + "FromEmailAddress":{ + "shape":"EmailAddressInfo", + "documentation":"" + }, + "DestinationEmailAddress":{ + "shape":"EmailAddress", + "documentation":"" + }, + "Description":{ + "shape":"Description", + "documentation":"" + }, + "References":{ + "shape":"ContactReferences", + "documentation":"" + }, + "Name":{ + "shape":"Name", + "documentation":"" + }, + "EmailMessage":{ + "shape":"InboundEmailContent", + "documentation":"" + }, + "AdditionalRecipients":{ + "shape":"InboundAdditionalRecipients", + "documentation":"" + }, + "Attachments":{ + "shape":"EmailAttachments", + "documentation":"" + }, + "ContactFlowId":{ + "shape":"ContactFlowId", + "documentation":"" + }, + "RelatedContactId":{ + "shape":"ContactId", + "documentation":"" + }, + "Attributes":{ + "shape":"Attributes", + "documentation":"" + }, + "SegmentAttributes":{ + "shape":"SegmentAttributes", + "documentation":"" + }, + "ClientToken":{ + "shape":"ClientToken", + "documentation":"", + "idempotencyToken":true + } + } + }, + "StartEmailContactResponse":{ + "type":"structure", + "members":{ + "ContactId":{ + "shape":"ContactId", + "documentation":"" + } + } + }, "StartOutboundChatContactRequest":{ "type":"structure", "required":[ @@ -20397,6 +21683,55 @@ } } }, + "StartOutboundEmailContactRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "ContactId", + "DestinationEmailAddress", + "EmailMessage" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"" + }, + "ContactId":{ + "shape":"ContactId", + "documentation":"" + }, + "FromEmailAddress":{ + "shape":"EmailAddressInfo", + "documentation":"" + }, + "DestinationEmailAddress":{ + "shape":"EmailAddressInfo", + "documentation":"" + }, + "AdditionalRecipients":{ + "shape":"OutboundAdditionalRecipients", + "documentation":"" + }, + "EmailMessage":{ + "shape":"OutboundEmailContent", + "documentation":"" + }, + "ClientToken":{ + "shape":"ClientToken", + "documentation":"", + "idempotencyToken":true + } + } + }, + "StartOutboundEmailContactResponse":{ + "type":"structure", + "members":{ + "ContactId":{ + "shape":"ContactId", + "documentation":"" + } + } + }, "StartOutboundVoiceContactRequest":{ "type":"structure", "required":[ @@ -20555,6 +21890,10 @@ "RelatedContactId":{ "shape":"ContactId", "documentation":"The contactId that is related to this contact. Linking tasks together by using RelatedContactID copies over contact attributes from the related task contact to the new task contact. All updates to user-defined attributes in the new task contact are limited to the individual contact ID, unlike what happens when tasks are linked by using PreviousContactID. There are no limits to the number of contacts that can be linked by using RelatedContactId.
The distribution of traffic between the instance and its replicas.
" }, + "TemplateAttributes":{ + "type":"structure", + "members":{ + "CustomAttributes":{ + "shape":"Attributes", + "documentation":"" + }, + "CustomerProfileAttributes":{ + "shape":"CustomerProfileAttributesSerialized", + "documentation":"" + } + }, + "documentation":"" + }, "TemplateId":{ "type":"string", "max":500, "min":1 }, + "TemplatedMessageConfig":{ + "type":"structure", + "required":[ + "KnowledgeBaseId", + "MessageTemplateId", + "TemplateAttributes" + ], + "members":{ + "KnowledgeBaseId":{ + "shape":"MessageTemplateKnowledgeBaseId", + "documentation":"" + }, + "MessageTemplateId":{ + "shape":"MessageTemplateId", + "documentation":"" + }, + "TemplateAttributes":{ + "shape":"TemplateAttributes", + "documentation":"" + } + }, + "documentation":"" + }, "Threshold":{ "type":"structure", "members":{ @@ -22040,6 +23418,10 @@ "References":{ "shape":"ContactReferences", "documentation":"Well-formed data on contact, shown to agents on Contact Control Panel (CCP).
" + }, + "SegmentAttributes":{ + "shape":"SegmentAttributes", + "documentation":"" } } }, @@ -22113,6 +23495,52 @@ "members":{ } }, + "UpdateEmailAddressMetadataRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "EmailAddressId" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"", + "location":"uri", + "locationName":"InstanceId" + }, + "EmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"", + "location":"uri", + "locationName":"EmailAddressId" + }, + "Description":{ + "shape":"Description", + "documentation":"" + }, + "DisplayName":{ + "shape":"EmailAddressDisplayName", + "documentation":"" + }, + "ClientToken":{ + "shape":"ClientToken", + "documentation":"" + } + } + }, + "UpdateEmailAddressMetadataResponse":{ + "type":"structure", + "members":{ + "EmailAddressId":{ + "shape":"EmailAddressId", + "documentation":"" + }, + "EmailAddressArn":{ + "shape":"EmailAddressArn", + "documentation":"" + } + } + }, "UpdateEvaluationFormRequest":{ "type":"structure", "required":[ @@ -22566,6 +23994,32 @@ } } }, + "UpdateQueueOutboundEmailConfigRequest":{ + "type":"structure", + "required":[ + "InstanceId", + "QueueId", + "OutboundEmailConfig" + ], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "documentation":"", + "location":"uri", + "locationName":"InstanceId" + }, + "QueueId":{ + "shape":"QueueId", + "documentation":"", + "location":"uri", + "locationName":"QueueId" + }, + "OutboundEmailConfig":{ + "shape":"OutboundEmailConfig", + "documentation":"" + } + } + }, "UpdateQueueStatusRequest":{ "type":"structure", "required":[ @@ -22906,6 +24360,10 @@ "shape":"ContactFlowId", "documentation":"The identifier of the flow that runs by default when a task is created by referencing this template.
" }, + "SelfAssignFlowId":{ + "shape":"ContactFlowId", + "documentation":"" + }, "Constraints":{ "shape":"TaskTemplateConstraints", "documentation":"Constraints that are applicable to the fields listed.
" @@ -22951,6 +24409,10 @@ "shape":"ContactFlowId", "documentation":"The identifier of the flow that runs by default when a task is created by referencing this template.
" }, + "SelfAssignFlowId":{ + "shape":"ContactFlowId", + "documentation":"" + }, "Constraints":{ "shape":"TaskTemplateConstraints", "documentation":"Constraints that are applicable to the fields listed.
" @@ -23575,6 +25037,16 @@ }, "documentation":"The user's first name and last name.
" }, + "UserInfo":{ + "type":"structure", + "members":{ + "UserId":{ + "shape":"AgentResourceId", + "documentation":"" + } + }, + "documentation":"" + }, "UserNotFoundException":{ "type":"structure", "members":{ diff --git a/botocore/data/elbv2/2015-12-01/service-2.json b/botocore/data/elbv2/2015-12-01/service-2.json index 98c1bb6874..52e72b415d 100644 --- a/botocore/data/elbv2/2015-12-01/service-2.json +++ b/botocore/data/elbv2/2015-12-01/service-2.json @@ -1120,6 +1120,13 @@ }, "documentation":"Information about the override status applied to a target.
" }, + "AdvertiseTrustStoreCaNamesEnum":{ + "type":"string", + "enum":[ + "on", + "off" + ] + }, "AllocationId":{"type":"string"}, "AllocationIdNotFoundException":{ "type":"structure", @@ -3404,6 +3411,10 @@ "TrustStoreAssociationStatus":{ "shape":"TrustStoreAssociationStatusEnum", "documentation":"Indicates a shared trust stores association status.
" + }, + "AdvertiseTrustStoreCaNames":{ + "shape":"AdvertiseTrustStoreCaNamesEnum", + "documentation":"Indicates whether trust store CA certificate names are advertised.
" } }, "documentation":"Information about the mutual authentication attributes of a listener.
" diff --git a/botocore/data/emr/2009-03-31/service-2.json b/botocore/data/emr/2009-03-31/service-2.json index 91168deeee..42a8026151 100644 --- a/botocore/data/emr/2009-03-31/service-2.json +++ b/botocore/data/emr/2009-03-31/service-2.json @@ -3942,6 +3942,14 @@ "ComputeLimits":{ "shape":"ComputeLimits", "documentation":"The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.
" + }, + "UtilizationPerformanceIndex":{ + "shape":"UtilizationPerformanceIndexInteger", + "documentation":"An integer value that represents an advanced scaling strategy. Setting a higher value optimizes for performance. Setting a lower value optimizes for resource conservation. Setting the value to 50 balances performance and resource conservation. Possible values are 1, 25, 50, 75, and 100.
" + }, + "ScalingStrategy":{ + "shape":"ScalingStrategy", + "documentation":"Determines whether a custom scaling utilization performance index can be set. Possible values include ADVANCED or DEFAULT.
" } }, "documentation":"Managed scaling policy for an Amazon EMR cluster. The policy specifies the limits for resources that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.
" @@ -4801,6 +4809,13 @@ "type":"list", "member":{"shape":"ScalingRule"} }, + "ScalingStrategy":{ + "type":"string", + "enum":[ + "DEFAULT", + "ADVANCED" + ] + }, "ScalingTrigger":{ "type":"structure", "required":["CloudWatchAlarmDefinition"], @@ -5777,6 +5792,11 @@ "documentation":"The username and password that you use to connect to cluster endpoints.
", "sensitive":true }, + "UtilizationPerformanceIndexInteger":{ + "type":"integer", + "max":100, + "min":1 + }, "VolumeSpecification":{ "type":"structure", "required":[ diff --git a/botocore/data/inspector2/2020-06-08/service-2.json b/botocore/data/inspector2/2020-06-08/service-2.json index 613b20592b..ef2e9415c0 100644 --- a/botocore/data/inspector2/2020-06-08/service-2.json +++ b/botocore/data/inspector2/2020-06-08/service-2.json @@ -25,12 +25,13 @@ "input":{"shape":"AssociateMemberRequest"}, "output":{"shape":"AssociateMemberResponse"}, "errors":[ + {"shape":"ServiceQuotaExceededException"}, {"shape":"ValidationException"}, {"shape":"AccessDeniedException"}, {"shape":"ThrottlingException"}, {"shape":"InternalServerException"} ], - "documentation":"Associates an Amazon Web Services account with an Amazon Inspector delegated administrator. An HTTP 200 response indicates the association was successfully started, but doesn’t indicate whether it was completed. You can check if the association completed by using ListMembers for multiple accounts or GetMembers for a single account.
" + "documentation":"Associates an Amazon Web Services account with an Amazon Inspector delegated administrator. An HTTP 200 response indicates the association was started but doesn’t indicate whether it completed. You can check if the association completed using ListMembers for multiple accounts or GetMembers for a single account. An HTTP 402 response indicates the association failed because the organization size exceeded its limit. For information on limits, see Amazon Inspector quotas.
" }, "BatchGetAccountStatus":{ "name":"BatchGetAccountStatus", diff --git a/botocore/data/lambda/2015-03-31/service-2.json b/botocore/data/lambda/2015-03-31/service-2.json index 9127f7a096..b13a78b89a 100644 --- a/botocore/data/lambda/2015-03-31/service-2.json +++ b/botocore/data/lambda/2015-03-31/service-2.json @@ -1884,6 +1884,10 @@ "MetricsConfig":{ "shape":"EventSourceMappingMetricsConfig", "documentation":"The metrics configuration for your event source. For more information, see Event source mapping metrics.
" + }, + "ProvisionedPollerConfig":{ + "shape":"ProvisionedPollerConfig", + "documentation":"(Amazon MSK and self-managed Apache Kafka only) The Provisioned Mode configuration for the event source. For more information, see Provisioned Mode.
" } } }, @@ -2597,6 +2601,10 @@ "MetricsConfig":{ "shape":"EventSourceMappingMetricsConfig", "documentation":"The metrics configuration for your event source. For more information, see Event source mapping metrics.
" + }, + "ProvisionedPollerConfig":{ + "shape":"ProvisionedPollerConfig", + "documentation":"(Amazon MSK and self-managed Apache Kafka only) The Provisioned Mode configuration for the event source. For more information, see Provisioned Mode.
" } }, "documentation":"A mapping between an Amazon Web Services resource and a Lambda function. For details, see CreateEventSourceMapping.
" @@ -4742,6 +4750,11 @@ "max":21600, "min":60 }, + "MaximumNumberOfPollers":{ + "type":"integer", + "max":2000, + "min":1 + }, "MaximumRecordAgeInSeconds":{ "type":"integer", "max":604800, @@ -4767,6 +4780,11 @@ "max":6, "pattern":".*" }, + "MinimumNumberOfPollers":{ + "type":"integer", + "max":200, + "min":1 + }, "NameSpacedFunctionArn":{ "type":"string", "pattern":"arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?" @@ -4933,6 +4951,20 @@ "FAILED" ] }, + "ProvisionedPollerConfig":{ + "type":"structure", + "members":{ + "MinimumPollers":{ + "shape":"MinimumNumberOfPollers", + "documentation":"The minimum number of event pollers this event source can scale down to.
" + }, + "MaximumPollers":{ + "shape":"MaximumNumberOfPollers", + "documentation":"The maximum number of event pollers this event source can scale up to.
" + } + }, + "documentation":"The Provisioned Mode configuration for the event source. Use Provisioned Mode to customize the minimum and maximum number of event pollers for your event source. An event poller is a compute unit that provides approximately 5 MBps of throughput.
" + }, "PublishLayerVersionRequest":{ "type":"structure", "required":[ @@ -6110,6 +6142,10 @@ "MetricsConfig":{ "shape":"EventSourceMappingMetricsConfig", "documentation":"The metrics configuration for your event source. For more information, see Event source mapping metrics.
" + }, + "ProvisionedPollerConfig":{ + "shape":"ProvisionedPollerConfig", + "documentation":"(Amazon MSK and self-managed Apache Kafka only) The Provisioned Mode configuration for the event source. For more information, see Provisioned Mode.
" } } }, diff --git a/botocore/data/mailmanager/2023-10-17/service-2.json b/botocore/data/mailmanager/2023-10-17/service-2.json index 8444470d09..f20070197b 100644 --- a/botocore/data/mailmanager/2023-10-17/service-2.json +++ b/botocore/data/mailmanager/2023-10-17/service-2.json @@ -1490,6 +1490,33 @@ }, "documentation":"This action to delivers an email to a mailbox.
" }, + "DeliverToQBusinessAction":{ + "type":"structure", + "required":[ + "ApplicationId", + "IndexId", + "RoleArn" + ], + "members":{ + "ActionFailurePolicy":{ + "shape":"ActionFailurePolicy", + "documentation":"A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified application has been deleted or the role lacks necessary permissions to call the qbusiness:BatchPutDocument API.
" + }, + "ApplicationId":{ + "shape":"QBusinessApplicationId", + "documentation":"The unique identifier of the Amazon Q Business application instance where the email content will be delivered.
" + }, + "IndexId":{ + "shape":"QBusinessIndexId", + "documentation":"The identifier of the knowledge base index within the Amazon Q Business application where the email content will be stored and indexed.
" + }, + "RoleArn":{ + "shape":"IamRoleArn", + "documentation":"The Amazon Resource Name (ARN) of the IAM Role to use while delivering to Amazon Q Business. This role must have access to the qbusiness:BatchPutDocument API for the given application and index.
" + } + }, + "documentation":"The action to deliver incoming emails to an Amazon Q Business application for indexing.
" + }, "Double":{ "type":"double", "box":true @@ -2869,6 +2896,18 @@ "type":"list", "member":{"shape":"PolicyStatement"} }, + "QBusinessApplicationId":{ + "type":"string", + "max":36, + "min":36, + "pattern":"^[a-z0-9-]+$" + }, + "QBusinessIndexId":{ + "type":"string", + "max":36, + "min":36, + "pattern":"^[a-z0-9-]+$" + }, "Recipients":{ "type":"list", "member":{"shape":"EmailAddress"}, @@ -3121,6 +3160,10 @@ "shape":"DeliverToMailboxAction", "documentation":"This action delivers an email to a WorkMail mailbox.
" }, + "DeliverToQBusiness":{ + "shape":"DeliverToQBusinessAction", + "documentation":"This action delivers an email to an Amazon Q Business application for ingestion into its knowledge base.
" + }, "Drop":{ "shape":"DropAction", "documentation":"This action terminates the evaluation of rules in the rule set.
" diff --git a/botocore/data/neptune-graph/2023-11-29/paginators-1.json b/botocore/data/neptune-graph/2023-11-29/paginators-1.json index cb2bd93c63..7ce2e6dd09 100644 --- a/botocore/data/neptune-graph/2023-11-29/paginators-1.json +++ b/botocore/data/neptune-graph/2023-11-29/paginators-1.json @@ -23,6 +23,12 @@ "output_token": "nextToken", "limit_key": "maxResults", "result_key": "privateGraphEndpoints" + }, + "ListExportTasks": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "tasks" } } } diff --git a/botocore/data/neptune-graph/2023-11-29/service-2.json b/botocore/data/neptune-graph/2023-11-29/service-2.json index 41308a4428..9bb534b80c 100644 --- a/botocore/data/neptune-graph/2023-11-29/service-2.json +++ b/botocore/data/neptune-graph/2023-11-29/service-2.json @@ -15,6 +15,27 @@ "uid":"neptune-graph-2023-11-29" }, "operations":{ + "CancelExportTask":{ + "name":"CancelExportTask", + "http":{ + "method":"DELETE", + "requestUri":"/exporttasks/{taskIdentifier}", + "responseCode":200 + }, + "input":{"shape":"CancelExportTaskInput"}, + "output":{"shape":"CancelExportTaskOutput"}, + "errors":[ + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Cancel the specified export task.
", + "staticContextParams":{ + "ApiType":{"value":"ControlPlane"} + } + }, "CancelImportTask":{ "name":"CancelImportTask", "http":{ @@ -234,6 +255,26 @@ "ApiType":{"value":"DataPlane"} } }, + "GetExportTask":{ + "name":"GetExportTask", + "http":{ + "method":"GET", + "requestUri":"/exporttasks/{taskIdentifier}", + "responseCode":200 + }, + "input":{"shape":"GetExportTaskInput"}, + "output":{"shape":"GetExportTaskOutput"}, + "errors":[ + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Retrieves a specified export task.
", + "staticContextParams":{ + "ApiType":{"value":"ControlPlane"} + } + }, "GetGraph":{ "name":"GetGraph", "http":{ @@ -362,6 +403,26 @@ "ApiType":{"value":"DataPlane"} } }, + "ListExportTasks":{ + "name":"ListExportTasks", + "http":{ + "method":"GET", + "requestUri":"/exporttasks", + "responseCode":200 + }, + "input":{"shape":"ListExportTasksInput"}, + "output":{"shape":"ListExportTasksOutput"}, + "errors":[ + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Retrieves a list of export tasks.
", + "staticContextParams":{ + "ApiType":{"value":"ControlPlane"} + } + }, "ListGraphSnapshots":{ "name":"ListGraphSnapshots", "http":{ @@ -527,6 +588,27 @@ "ApiType":{"value":"ControlPlane"} } }, + "StartExportTask":{ + "name":"StartExportTask", + "http":{ + "method":"POST", + "requestUri":"/exporttasks", + "responseCode":201 + }, + "input":{"shape":"StartExportTaskInput"}, + "output":{"shape":"StartExportTaskOutput"}, + "errors":[ + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Export data from an existing Neptune Analytics graph to Amazon S3. The graph state should be AVAILABLE.
The unique identifier of the export task.
", + "location":"uri", + "locationName":"taskIdentifier" + } + } + }, + "CancelExportTaskOutput":{ + "type":"structure", + "required":[ + "graphId", + "roleArn", + "taskId", + "status", + "format", + "destination", + "kmsKeyIdentifier" + ], + "members":{ + "graphId":{ + "shape":"GraphId", + "documentation":"The source graph identifier of the cancelled export task.
" + }, + "roleArn":{ + "shape":"RoleArn", + "documentation":"The ARN of the IAM role that will allow the exporting of data to the destination.
" + }, + "taskId":{ + "shape":"ExportTaskId", + "documentation":"The unique identifier of the export task.
" + }, + "status":{ + "shape":"ExportTaskStatus", + "documentation":"The current status of the export task. The status is CANCELLING when the export task is cancelled.
The format of the cancelled export task.
" + }, + "destination":{ + "shape":"CancelExportTaskOutputDestinationString", + "documentation":"The Amazon S3 URI of the cancelled export task where data will be exported to.
" + }, + "kmsKeyIdentifier":{ + "shape":"KmsKeyArn", + "documentation":"The KMS key identifier of the cancelled export task.
" + }, + "parquetType":{ + "shape":"ParquetType", + "documentation":"The parquet type of the cancelled export task.
" + }, + "statusReason":{ + "shape":"String", + "documentation":"The reason that the export task has this status value.
" + } + } + }, + "CancelExportTaskOutputDestinationString":{ + "type":"string", + "max":1024, + "min":1 + }, "CancelImportTaskInput":{ "type":"structure", "required":["taskIdentifier"], @@ -680,6 +829,10 @@ "shape":"Format", "documentation":"Specifies the format of S3 data to be imported. Valid values are CSV, which identifies the Gremlin CSV format or OPENCYPHER, which identies the openCypher load format.
The parquet type of the cancelled import task.
" + }, "roleArn":{ "shape":"RoleArn", "documentation":"The ARN of the IAM role that will allow access to the data that is to be imported.
" @@ -966,6 +1119,10 @@ "shape":"Format", "documentation":"Specifies the format of S3 data to be imported. Valid values are CSV, which identifies the Gremlin CSV format, OPEN_CYPHER, which identifies the openCypher load format, or ntriples, which identifies the RDF n-triples format.
The parquet type of the import task.
" + }, "blankNodeHandling":{ "shape":"BlankNodeHandling", "documentation":"The method to handle blank nodes in the dataset. Currently, only convertToIri is supported, meaning blank nodes are converted to unique IRIs at load time. Must be provided when format is ntriples. For more information, see Handling RDF values.
Specifies the format of S3 data to be imported. Valid values are CSV, which identifies the Gremlin CSV format, OPENCYPHER, which identifies the openCypher load format, or ntriples, which identifies the RDF n-triples format.
The parquet type of the import task.
" + }, "roleArn":{ "shape":"RoleArn", "documentation":"The ARN of the IAM role that will allow access to the data that is to be imported.
" @@ -1348,14 +1509,276 @@ "DETAILS" ] }, + "ExportFilter":{ + "type":"structure", + "members":{ + "vertexFilter":{ + "shape":"ExportFilterPerLabelMap", + "documentation":"Used to specify filters on a per-label basis for vertices. This allows you to control which vertex labels and properties are included in the export.
" + }, + "edgeFilter":{ + "shape":"ExportFilterPerLabelMap", + "documentation":"Used to specify filters on a per-label basis for edges. This allows you to control which edge labels and properties are included in the export.
" + } + }, + "documentation":"This is the top-level field for specifying vertex or edge filters. If the ExportFilter is not provided, then all properties for all labels will be exported. If the ExportFilter is provided but is an empty object, then no data will be exported.
" + }, + "ExportFilterElement":{ + "type":"structure", + "members":{ + "properties":{ + "shape":"ExportFilterPropertyMap", + "documentation":"Each property is defined by a key-value pair, where the key is the desired output property name (e.g. \"name\"), and the value is an object.
" + } + }, + "documentation":"Specifies whihc properties of that label should be included in the export.
" + }, + "ExportFilterLabel":{ + "type":"string", + "max":128, + "min":1 + }, + "ExportFilterOutputDataType":{ + "type":"string", + "pattern":"(Any|Byte|Short|Int|Long|Float|Double|String|Bool|Boolean|Float\\[\\]|Double\\[\\])" + }, + "ExportFilterOutputPropertyName":{ + "type":"string", + "max":128, + "min":1, + "pattern":"[a-zA-Z0-9_]+" + }, + "ExportFilterPerLabelMap":{ + "type":"map", + "key":{"shape":"ExportFilterLabel"}, + "value":{"shape":"ExportFilterElement"} + }, + "ExportFilterPropertyAttributes":{ + "type":"structure", + "members":{ + "outputType":{ + "shape":"ExportFilterOutputDataType", + "documentation":"Specifies the data type to use for the property in the exported data (e.g. \"String\", \"Int\", \"Float\"). If a type is not provided, the export process will determine the type. If a given property is present as multiple types (e.g. one vertex has \"height\" stored as a double, and another edge has it stored as a string), the type will be of Any type, otherwise, it will be the type of the property as present in vertices.
" + }, + "sourcePropertyName":{ + "shape":"ExportFilterSourcePropertyName", + "documentation":"The name of the property as it exists in the original graph data. If not provided, it is assumed that the key matches the desired sourcePropertyName.
" + }, + "multiValueHandling":{ + "shape":"MultiValueHandlingType", + "documentation":"Specifies how to handle properties that have multiple values. Can be either TO_LIST to export all values as a list, or PICK_FIRST to export the first value encountered. If not specified, the default value is PICK_FIRST.
A structure representing a property's attributes. It is a map object of outputType, sourcePropertyName and multiValueHandling.
" + }, + "ExportFilterPropertyMap":{ + "type":"map", + "key":{"shape":"ExportFilterOutputPropertyName"}, + "value":{"shape":"ExportFilterPropertyAttributes"} + }, + "ExportFilterSourcePropertyName":{ + "type":"string", + "max":128, + "min":1 + }, + "ExportFormat":{ + "type":"string", + "enum":[ + "PARQUET", + "CSV" + ] + }, + "ExportTaskDetails":{ + "type":"structure", + "required":[ + "startTime", + "timeElapsedSeconds", + "progressPercentage" + ], + "members":{ + "startTime":{ + "shape":"Timestamp", + "documentation":"The start time of the export task.
" + }, + "timeElapsedSeconds":{ + "shape":"Long", + "documentation":"The time elapsed, in seconds, since the start time of the export task.
" + }, + "progressPercentage":{ + "shape":"Integer", + "documentation":"The number of progress percentage of the export task.
" + }, + "numVerticesWritten":{ + "shape":"Long", + "documentation":"The number of exported vertices.
" + }, + "numEdgesWritten":{ + "shape":"Long", + "documentation":"The number of exported edges.
" + } + }, + "documentation":"Contains details about the specified export task.
" + }, + "ExportTaskId":{ + "type":"string", + "pattern":"t-[a-z0-9]{10}" + }, + "ExportTaskStatus":{ + "type":"string", + "enum":[ + "INITIALIZING", + "EXPORTING", + "SUCCEEDED", + "FAILED", + "CANCELLING", + "CANCELLED", + "DELETED" + ] + }, + "ExportTaskSummary":{ + "type":"structure", + "required":[ + "graphId", + "roleArn", + "taskId", + "status", + "format", + "destination", + "kmsKeyIdentifier" + ], + "members":{ + "graphId":{ + "shape":"GraphId", + "documentation":"The source graph identifier of the export task.
" + }, + "roleArn":{ + "shape":"RoleArn", + "documentation":"The ARN of the IAM role that will allow the data to be exported to the destination.
" + }, + "taskId":{ + "shape":"ExportTaskId", + "documentation":"The unique identifier of the export task.
" + }, + "status":{ + "shape":"ExportTaskStatus", + "documentation":"The current status of the export task.
" + }, + "format":{ + "shape":"ExportFormat", + "documentation":"The format of the export task.
" + }, + "destination":{ + "shape":"ExportTaskSummaryDestinationString", + "documentation":"The Amazon S3 URI of the export task where data will be exported to.
" + }, + "kmsKeyIdentifier":{ + "shape":"KmsKeyArn", + "documentation":"The KMS key identifier of the export task.
" + }, + "parquetType":{ + "shape":"ParquetType", + "documentation":"The parquet type of the export task.
" + }, + "statusReason":{ + "shape":"String", + "documentation":"The reason that the export task has this status value.
" + } + }, + "documentation":"Provides details about an export task.
" + }, + "ExportTaskSummaryDestinationString":{ + "type":"string", + "max":1024, + "min":1 + }, + "ExportTaskSummaryList":{ + "type":"list", + "member":{"shape":"ExportTaskSummary"} + }, "Format":{ "type":"string", "enum":[ "CSV", "OPEN_CYPHER", + "PARQUET", "NTRIPLES" ] }, + "GetExportTaskInput":{ + "type":"structure", + "required":["taskIdentifier"], + "members":{ + "taskIdentifier":{ + "shape":"ExportTaskId", + "documentation":"The unique identifier of the export task.
", + "location":"uri", + "locationName":"taskIdentifier" + } + } + }, + "GetExportTaskOutput":{ + "type":"structure", + "required":[ + "graphId", + "roleArn", + "taskId", + "status", + "format", + "destination", + "kmsKeyIdentifier" + ], + "members":{ + "graphId":{ + "shape":"GraphId", + "documentation":"The source graph identifier of the export task.
" + }, + "roleArn":{ + "shape":"RoleArn", + "documentation":"The ARN of the IAM role that will allow data to be exported to the destination.
" + }, + "taskId":{ + "shape":"ExportTaskId", + "documentation":"The unique identifier of the export task.
" + }, + "status":{ + "shape":"ExportTaskStatus", + "documentation":"The current status of the export task.
" + }, + "format":{ + "shape":"ExportFormat", + "documentation":"The format of the export task.
" + }, + "destination":{ + "shape":"GetExportTaskOutputDestinationString", + "documentation":"The Amazon S3 URI of the export task where data will be exported.
" + }, + "kmsKeyIdentifier":{ + "shape":"KmsKeyArn", + "documentation":"The KMS key identifier of the export task.
" + }, + "parquetType":{ + "shape":"ParquetType", + "documentation":"The parquet type of the export task.
" + }, + "statusReason":{ + "shape":"String", + "documentation":"The reason that the export task has this status value.
" + }, + "exportTaskDetails":{ + "shape":"ExportTaskDetails", + "documentation":"The details of the export task.
" + }, + "exportFilter":{ + "shape":"ExportFilter", + "documentation":"The export filter of the export task.
" + } + } + }, + "GetExportTaskOutputDestinationString":{ + "type":"string", + "max":1024, + "min":1 + }, "GetGraphInput":{ "type":"structure", "required":["graphIdentifier"], @@ -1558,6 +1981,10 @@ "shape":"Format", "documentation":"Specifies the format of S3 data to be imported. Valid values are CSV, which identifies the Gremlin CSV format or OPENCYPHER, which identies the openCypher load format.
The parquet type of the import task.
" + }, "roleArn":{ "shape":"RoleArn", "documentation":"The ARN of the IAM role that will allow access to the data that is to be imported.
" @@ -1576,7 +2003,7 @@ }, "attemptNumber":{ "shape":"Integer", - "documentation":"The number of the current attempt to execute the import task.
" + "documentation":"The number of the current attempts to execute the import task.
" }, "statusReason":{ "shape":"String", @@ -1942,7 +2369,8 @@ "SUCCEEDED", "FAILED", "CANCELLING", - "CANCELLED" + "CANCELLED", + "DELETED" ] }, "ImportTaskSummary":{ @@ -1970,6 +2398,10 @@ "shape":"Format", "documentation":"Specifies the format of S3 data to be imported. Valid values are CSV, which identifies the Gremlin CSV format or OPENCYPHER, which identies the openCypher load format.
The parquet type of the import task.
" + }, "roleArn":{ "shape":"RoleArn", "documentation":"The ARN of the IAM role that will allow access to the data that is to be imported.
" @@ -2010,6 +2442,37 @@ "min":1, "pattern":"arn:aws(|-cn|-us-gov):kms:[a-zA-Z0-9-]*:[0-9]{12}:key/[a-zA-Z0-9-]{36}" }, + "ListExportTasksInput":{ + "type":"structure", + "members":{ + "nextToken":{ + "shape":"PaginationToken", + "documentation":"Pagination token used to paginate input.
", + "location":"querystring", + "locationName":"nextToken" + }, + "maxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of export tasks to return.
", + "location":"querystring", + "locationName":"maxResults" + } + } + }, + "ListExportTasksOutput":{ + "type":"structure", + "required":["tasks"], + "members":{ + "tasks":{ + "shape":"ExportTaskSummaryList", + "documentation":"The requested list of export tasks.
" + }, + "nextToken":{ + "shape":"PaginationToken", + "documentation":"Pagination token used to paginate output.
" + } + } + }, "ListGraphSnapshotsInput":{ "type":"structure", "members":{ @@ -2225,6 +2688,13 @@ "max":100, "min":1 }, + "MultiValueHandlingType":{ + "type":"string", + "enum":[ + "TO_LIST", + "PICK_FIRST" + ] + }, "NeptuneImportOptions":{ "type":"structure", "required":[ @@ -2300,6 +2770,10 @@ "max":8192, "min":1 }, + "ParquetType":{ + "type":"string", + "enum":["COLUMNAR"] + }, "PlanCacheType":{ "type":"string", "enum":[ @@ -2689,6 +3163,114 @@ "FAILED" ] }, + "StartExportTaskInput":{ + "type":"structure", + "required":[ + "graphIdentifier", + "roleArn", + "format", + "destination", + "kmsKeyIdentifier" + ], + "members":{ + "graphIdentifier":{ + "shape":"GraphIdentifier", + "documentation":"The source graph identifier of the export task.
" + }, + "roleArn":{ + "shape":"RoleArn", + "documentation":"The ARN of the IAM role that will allow data to be exported to the destination.
" + }, + "format":{ + "shape":"ExportFormat", + "documentation":"The format of the export task.
" + }, + "destination":{ + "shape":"StartExportTaskInputDestinationString", + "documentation":"The Amazon S3 URI where data will be exported to.
" + }, + "kmsKeyIdentifier":{ + "shape":"KmsKeyArn", + "documentation":"The KMS key identifier of the export task.
" + }, + "parquetType":{ + "shape":"ParquetType", + "documentation":"The parquet type of the export task.
" + }, + "exportFilter":{ + "shape":"ExportFilter", + "documentation":"The export filter of the export task.
" + }, + "tags":{ + "shape":"TagMap", + "documentation":"Tags to be applied to the export task.
" + } + } + }, + "StartExportTaskInputDestinationString":{ + "type":"string", + "max":1024, + "min":1 + }, + "StartExportTaskOutput":{ + "type":"structure", + "required":[ + "graphId", + "roleArn", + "taskId", + "status", + "format", + "destination", + "kmsKeyIdentifier" + ], + "members":{ + "graphId":{ + "shape":"GraphId", + "documentation":"The source graph identifier of the export task.
" + }, + "roleArn":{ + "shape":"RoleArn", + "documentation":"The ARN of the IAM role that will allow data to be exported to the destination.
" + }, + "taskId":{ + "shape":"ExportTaskId", + "documentation":"The unique identifier of the export task.
" + }, + "status":{ + "shape":"ExportTaskStatus", + "documentation":"The current status of the export task.
" + }, + "format":{ + "shape":"ExportFormat", + "documentation":"The format of the export task.
" + }, + "destination":{ + "shape":"StartExportTaskOutputDestinationString", + "documentation":"The Amazon S3 URI of the export task where data will be exported to.
" + }, + "kmsKeyIdentifier":{ + "shape":"KmsKeyArn", + "documentation":"The KMS key identifier of the export task.
" + }, + "parquetType":{ + "shape":"ParquetType", + "documentation":"The parquet type of the export task.
" + }, + "statusReason":{ + "shape":"String", + "documentation":"The reason that the export task has this status value.
" + }, + "exportFilter":{ + "shape":"ExportFilter", + "documentation":"The export filter of the export task.
" + } + } + }, + "StartExportTaskOutputDestinationString":{ + "type":"string", + "max":1024, + "min":1 + }, "StartImportTaskInput":{ "type":"structure", "required":[ @@ -2710,6 +3292,10 @@ "shape":"Format", "documentation":"Specifies the format of Amazon S3 data to be imported. Valid values are CSV, which identifies the Gremlin CSV format or OPENCYPHER, which identies the openCypher load format.
" }, + "parquetType":{ + "shape":"ParquetType", + "documentation":"The parquet type of the import task.
" + }, "blankNodeHandling":{ "shape":"BlankNodeHandling", "documentation":"The method to handle blank nodes in the dataset. Currently, only convertToIri is supported, meaning blank nodes are converted to unique IRIs at load time. Must be provided when format is ntriples. For more information, see Handling RDF values.
Specifies the format of Amazon S3 data to be imported. Valid values are CSV, which identifies the Gremlin CSV format or OPENCYPHER, which identies the openCypher load format.
" }, + "parquetType":{ + "shape":"ParquetType", + "documentation":"The parquet type of the import task.
" + }, "roleArn":{ "shape":"RoleArn", "documentation":"The ARN of the IAM role that will allow access to the data that is to be imported.
" diff --git a/botocore/data/neptune-graph/2023-11-29/waiters-2.json b/botocore/data/neptune-graph/2023-11-29/waiters-2.json index afd62a0688..586b44b0ae 100644 --- a/botocore/data/neptune-graph/2023-11-29/waiters-2.json +++ b/botocore/data/neptune-graph/2023-11-29/waiters-2.json @@ -1,6 +1,50 @@ { "version" : 2, "waiters" : { + "ExportTaskCancelled" : { + "description" : "Wait until Export Task is Cancelled", + "delay" : 60, + "maxAttempts" : 60, + "operation" : "GetExportTask", + "acceptors" : [ { + "matcher" : "path", + "argument" : "status != 'CANCELLING' && status != 'CANCELLED'", + "state" : "failure", + "expected" : true + }, { + "matcher" : "path", + "argument" : "status", + "state" : "success", + "expected" : "CANCELLED" + } ] + }, + "ExportTaskSuccessful" : { + "description" : "Wait until Export Task is Successful", + "delay" : 60, + "maxAttempts" : 480, + "operation" : "GetExportTask", + "acceptors" : [ { + "matcher" : "path", + "argument" : "status", + "state" : "failure", + "expected" : "CANCELLING" + }, { + "matcher" : "path", + "argument" : "status", + "state" : "failure", + "expected" : "CANCELLED" + }, { + "matcher" : "path", + "argument" : "status", + "state" : "failure", + "expected" : "FAILED" + }, { + "matcher" : "path", + "argument" : "status", + "state" : "success", + "expected" : "SUCCEEDED" + } ] + }, "GraphAvailable" : { "description" : "Wait until Graph is Available", "delay" : 60, diff --git a/botocore/data/omics/2022-11-28/service-2.json b/botocore/data/omics/2022-11-28/service-2.json index 0d5e0374a0..76aa4f9ea6 100644 --- a/botocore/data/omics/2022-11-28/service-2.json +++ b/botocore/data/omics/2022-11-28/service-2.json @@ -524,6 +524,28 @@ "endpoint":{"hostPrefix":"workflows-"}, "idempotent":true }, + "DeleteS3AccessPolicy":{ + "name":"DeleteS3AccessPolicy", + "http":{ + "method":"DELETE", + "requestUri":"/s3accesspolicy/{s3AccessPointArn}", + "responseCode":200 + }, + "input":{"shape":"DeleteS3AccessPolicyRequest"}, + "output":{"shape":"DeleteS3AccessPolicyResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"NotSupportedOperationException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"RequestTimeoutException"} + ], + "documentation":"Deletes an access policy for the specified store.
", + "endpoint":{"hostPrefix":"control-storage-"}, + "idempotent":true + }, "DeleteSequenceStore":{ "name":"DeleteSequenceStore", "http":{ @@ -939,6 +961,28 @@ "documentation":"Gets information about a workflow run task.
", "endpoint":{"hostPrefix":"workflows-"} }, + "GetS3AccessPolicy":{ + "name":"GetS3AccessPolicy", + "http":{ + "method":"GET", + "requestUri":"/s3accesspolicy/{s3AccessPointArn}", + "responseCode":200 + }, + "input":{"shape":"GetS3AccessPolicyRequest"}, + "output":{"shape":"GetS3AccessPolicyResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"NotSupportedOperationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"RequestTimeoutException"} + ], + "documentation":"Retrieves details about an access policy on a given store.
", + "endpoint":{"hostPrefix":"control-storage-"} + }, "GetSequenceStore":{ "name":"GetSequenceStore", "http":{ @@ -1490,6 +1534,27 @@ "documentation":"Retrieves a list of workflows.
", "endpoint":{"hostPrefix":"workflows-"} }, + "PutS3AccessPolicy":{ + "name":"PutS3AccessPolicy", + "http":{ + "method":"PUT", + "requestUri":"/s3accesspolicy/{s3AccessPointArn}", + "responseCode":200 + }, + "input":{"shape":"PutS3AccessPolicyRequest"}, + "output":{"shape":"PutS3AccessPolicyResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"NotSupportedOperationException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"RequestTimeoutException"} + ], + "documentation":"Adds an access policy to the specified store.
", + "endpoint":{"hostPrefix":"control-storage-"} + }, "StartAnnotationImportJob":{ "name":"StartAnnotationImportJob", "http":{ @@ -1761,6 +1826,27 @@ "documentation":"Updates a run group.
", "endpoint":{"hostPrefix":"workflows-"} }, + "UpdateSequenceStore":{ + "name":"UpdateSequenceStore", + "http":{ + "method":"PATCH", + "requestUri":"/sequencestore/{id}", + "responseCode":200 + }, + "input":{"shape":"UpdateSequenceStoreRequest"}, + "output":{"shape":"UpdateSequenceStoreResponse"}, + "errors":[ + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, + {"shape":"ConflictException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"RequestTimeoutException"} + ], + "documentation":"Update one or more parameters for the sequence store.
", + "endpoint":{"hostPrefix":"control-storage-"} + }, "UpdateVariantStore":{ "name":"UpdateVariantStore", "http":{ @@ -1893,6 +1979,10 @@ }, "exception":true }, + "AccessLogLocation":{ + "type":"string", + "pattern":"$|^s3://([a-z0-9][a-z0-9-.]{1,61}[a-z0-9])/?((.{1,800})/)?" + }, "ActivateReadSetFilter":{ "type":"structure", "members":{ @@ -2936,7 +3026,8 @@ }, "clientToken":{ "shape":"ClientToken", - "documentation":"To ensure that requests don't run multiple times, specify a unique token for each request.
" + "documentation":"To ensure that requests don't run multiple times, specify a unique token for each request.
", + "idempotencyToken":true }, "fallbackLocation":{ "shape":"S3Destination", @@ -2945,6 +3036,14 @@ "eTagAlgorithmFamily":{ "shape":"ETagAlgorithmFamily", "documentation":"The ETag algorithm family to use for ingested read sets.
" + }, + "propagatedSetLevelTags":{ + "shape":"PropagatedSetLevelTags", + "documentation":"The tags keys to propagate to the S3 objects associated with read sets in the sequence store.
" + }, + "s3AccessConfig":{ + "shape":"S3AccessConfig", + "documentation":"S3 access configuration parameters
" } } }, @@ -2987,7 +3086,20 @@ "eTagAlgorithmFamily":{ "shape":"ETagAlgorithmFamily", "documentation":"The algorithm family of the ETag.
" - } + }, + "status":{ + "shape":"SequenceStoreStatus", + "documentation":"The status of the sequence store.
" + }, + "statusMessage":{ + "shape":"SequenceStoreStatusMessage", + "documentation":"The status message of the sequence store.
" + }, + "propagatedSetLevelTags":{ + "shape":"PropagatedSetLevelTags", + "documentation":"The tags keys to propagate to the S3 objects associated with read sets in the sequence store.
" + }, + "s3Access":{"shape":"SequenceStoreS3Access"} } }, "CreateShareRequest":{ @@ -3321,6 +3433,23 @@ } } }, + "DeleteS3AccessPolicyRequest":{ + "type":"structure", + "required":["s3AccessPointArn"], + "members":{ + "s3AccessPointArn":{ + "shape":"S3AccessPointArn", + "documentation":"The S3 access point ARN that has the access policy.
", + "location":"uri", + "locationName":"s3AccessPointArn" + } + } + }, + "DeleteS3AccessPolicyResponse":{ + "type":"structure", + "members":{ + } + }, "DeleteSequenceStoreRequest":{ "type":"structure", "required":["id"], @@ -4941,6 +5070,45 @@ "box":true, "min":1 }, + "GetS3AccessPolicyRequest":{ + "type":"structure", + "required":["s3AccessPointArn"], + "members":{ + "s3AccessPointArn":{ + "shape":"S3AccessPointArn", + "documentation":"The S3 access point ARN that has the access policy.
", + "location":"uri", + "locationName":"s3AccessPointArn" + } + } + }, + "GetS3AccessPolicyResponse":{ + "type":"structure", + "required":["s3AccessPolicy"], + "members":{ + "s3AccessPointArn":{ + "shape":"S3AccessPointArn", + "documentation":"The S3 access point ARN that has the access policy.
" + }, + "storeId":{ + "shape":"StoreId", + "documentation":"The AWS-generated Sequence Store or Reference Store ID.
" + }, + "storeType":{ + "shape":"StoreType", + "documentation":"The type of store associated with the access point.
" + }, + "updateTime":{ + "shape":"SyntheticTimestamp_date_time", + "documentation":"The time when the policy was last updated.
" + }, + "s3AccessPolicy":{ + "shape":"S3AccessPolicy", + "documentation":"The current resource policy that controls S3 access on the store.
", + "jsonvalue":true + } + } + }, "GetSequenceStoreRequest":{ "type":"structure", "required":["id"], @@ -4996,6 +5164,22 @@ "eTagAlgorithmFamily":{ "shape":"ETagAlgorithmFamily", "documentation":"The algorithm family of the ETag.
" + }, + "status":{ + "shape":"SequenceStoreStatus", + "documentation":"The status of the sequence store.
" + }, + "statusMessage":{ + "shape":"SequenceStoreStatusMessage", + "documentation":"The status message of the sequence store.
" + }, + "propagatedSetLevelTags":{ + "shape":"PropagatedSetLevelTags", + "documentation":"The tags keys to propagate to the S3 objects associated with read sets in the sequence store.
" + }, + "updateTime":{ + "shape":"SyntheticTimestamp_date_time", + "documentation":"The last-updated time of the sequence store.
" } } }, @@ -6745,6 +6929,49 @@ "pattern":"[0-9]+" }, "PrimitiveBoolean":{"type":"boolean"}, + "PropagatedSetLevelTags":{ + "type":"list", + "member":{"shape":"TagKey"}, + "max":50, + "min":0 + }, + "PutS3AccessPolicyRequest":{ + "type":"structure", + "required":[ + "s3AccessPointArn", + "s3AccessPolicy" + ], + "members":{ + "s3AccessPointArn":{ + "shape":"S3AccessPointArn", + "documentation":"The S3 access point ARN where you want to put the access policy.
", + "location":"uri", + "locationName":"s3AccessPointArn" + }, + "s3AccessPolicy":{ + "shape":"S3AccessPolicy", + "documentation":"The resource policy that controls S3 access to the store.
", + "jsonvalue":true + } + } + }, + "PutS3AccessPolicyResponse":{ + "type":"structure", + "members":{ + "s3AccessPointArn":{ + "shape":"S3AccessPointArn", + "documentation":"The S3 access point ARN that now has the access policy.
" + }, + "storeId":{ + "shape":"StoreId", + "documentation":"The AWS-generated Sequence Store or Reference Store ID.
" + }, + "storeType":{ + "shape":"StoreType", + "documentation":"The type of store associated with the access point.
" + } + } + }, "Quote":{ "type":"string", "max":1, @@ -7882,12 +8109,27 @@ "min":1, "pattern":"[\\p{L}||\\p{M}||\\p{Z}||\\p{S}||\\p{N}||\\p{P}]+" }, + "S3AccessConfig":{ + "type":"structure", + "members":{ + "accessLogLocation":{ + "shape":"AccessLogLocation", + "documentation":"Location of the access logs.
" + } + }, + "documentation":"S3 access configuration parameters.
" + }, "S3AccessPointArn":{ "type":"string", "max":1024, "min":1, "pattern":"arn:[^:]*:s3:[^:]*:[^:]*:accesspoint/.*" }, + "S3AccessPolicy":{ + "type":"string", + "max":100000, + "min":1 + }, "S3Destination":{ "type":"string", "pattern":"s3://([a-z0-9][a-z0-9-.]{1,61}[a-z0-9])/?((.{1,1024})/)?" @@ -8007,6 +8249,18 @@ "eTagAlgorithmFamily":{ "shape":"ETagAlgorithmFamily", "documentation":"The algorithm family of the ETag.
" + }, + "status":{ + "shape":"SequenceStoreStatus", + "documentation":"Status of the sequence store.
" + }, + "statusMessage":{ + "shape":"SequenceStoreStatusMessage", + "documentation":"The status message of the sequence store.
" + }, + "updateTime":{ + "shape":"SyntheticTimestamp_date_time", + "documentation":"The last-updated time of the Sequence Store.
" } }, "documentation":"Details about a sequence store.
" @@ -8029,6 +8283,18 @@ "createdBefore":{ "shape":"SyntheticTimestamp_date_time", "documentation":"The filter's end date.
" + }, + "status":{ + "shape":"SequenceStoreStatus", + "documentation":"Filter results based on status.
" + }, + "updatedAfter":{ + "shape":"SyntheticTimestamp_date_time", + "documentation":"Filter results based on stores updated after the specified time.
" + }, + "updatedBefore":{ + "shape":"SyntheticTimestamp_date_time", + "documentation":"Filter results based on stores updated before the specified time.
" } }, "documentation":"A filter for a sequence store.
" @@ -8055,10 +8321,30 @@ "s3AccessPointArn":{ "shape":"S3AccessPointArn", "documentation":"This is ARN of the access point associated with the S3 bucket storing read sets.
" + }, + "accessLogLocation":{ + "shape":"AccessLogLocation", + "documentation":"Location of the access logs.
" } }, "documentation":"The S3 access metadata of the sequence store.
" }, + "SequenceStoreStatus":{ + "type":"string", + "enum":[ + "CREATING", + "ACTIVE", + "UPDATING", + "DELETING", + "FAILED" + ] + }, + "SequenceStoreStatusMessage":{ + "type":"string", + "max":127, + "min":1, + "pattern":"[\\p{L}||\\p{M}||\\p{Z}||\\p{S}||\\p{N}||\\p{P}]+" + }, "ServiceQuotaExceededException":{ "type":"structure", "required":["message"], @@ -8766,6 +9052,12 @@ "VCF" ] }, + "StoreId":{ + "type":"string", + "max":36, + "min":10, + "pattern":"[0-9]+" + }, "StoreName":{ "type":"string", "max":255, @@ -8793,6 +9085,13 @@ "FAILED" ] }, + "StoreType":{ + "type":"string", + "enum":[ + "SEQUENCE_STORE", + "REFERENCE_STORE" + ] + }, "String":{"type":"string"}, "SubjectId":{ "type":"string", @@ -9310,6 +9609,99 @@ "max":100000, "min":1 }, + "UpdateSequenceStoreRequest":{ + "type":"structure", + "required":["id"], + "members":{ + "id":{ + "shape":"SequenceStoreId", + "documentation":"The ID of the sequence store.
", + "location":"uri", + "locationName":"id" + }, + "name":{ + "shape":"SequenceStoreName", + "documentation":"A name for the sequence store.
" + }, + "description":{ + "shape":"SequenceStoreDescription", + "documentation":"A description for the sequence store.
" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"To ensure that requests don't run multiple times, specify a unique token for each request.
", + "idempotencyToken":true + }, + "fallbackLocation":{ + "shape":"S3Destination", + "documentation":"The S3 URI of a bucket and folder to store Read Sets that fail to upload.
" + }, + "propagatedSetLevelTags":{ + "shape":"PropagatedSetLevelTags", + "documentation":"The tags keys to propagate to the S3 objects associated with read sets in the sequence store.
" + }, + "s3AccessConfig":{ + "shape":"S3AccessConfig", + "documentation":"S3 access configuration parameters.
" + } + } + }, + "UpdateSequenceStoreResponse":{ + "type":"structure", + "required":[ + "id", + "arn", + "creationTime" + ], + "members":{ + "id":{ + "shape":"SequenceStoreId", + "documentation":"The ID of the sequence store.
" + }, + "arn":{ + "shape":"SequenceStoreArn", + "documentation":"The ARN of the sequence store.
" + }, + "name":{ + "shape":"SequenceStoreName", + "documentation":"The name of the sequence store.
" + }, + "description":{ + "shape":"SequenceStoreDescription", + "documentation":"Description of the sequence store.
" + }, + "sseConfig":{"shape":"SseConfig"}, + "creationTime":{ + "shape":"SyntheticTimestamp_date_time", + "documentation":"The time when the store was created.
" + }, + "updateTime":{ + "shape":"SyntheticTimestamp_date_time", + "documentation":"The last-updated time of the Sequence Store.
" + }, + "propagatedSetLevelTags":{ + "shape":"PropagatedSetLevelTags", + "documentation":"The tags keys to propagate to the S3 objects associated with read sets in the sequence store.
" + }, + "status":{ + "shape":"SequenceStoreStatus", + "documentation":"The status of the sequence store.
" + }, + "statusMessage":{ + "shape":"SequenceStoreStatusMessage", + "documentation":"The status message of the sequence store.
" + }, + "fallbackLocation":{ + "shape":"S3Destination", + "documentation":"The S3 URI of a bucket and folder to store Read Sets that fail to upload.
" + }, + "s3Access":{"shape":"SequenceStoreS3Access"}, + "eTagAlgorithmFamily":{ + "shape":"ETagAlgorithmFamily", + "documentation":"The ETag algorithm family to use on ingested read sets.
" + } + } + }, "UpdateTime":{ "type":"timestamp", "timestampFormat":"iso8601" diff --git a/botocore/data/quicksight/2018-04-01/paginators-1.json b/botocore/data/quicksight/2018-04-01/paginators-1.json index a175dc9acc..0312ed2fa2 100644 --- a/botocore/data/quicksight/2018-04-01/paginators-1.json +++ b/botocore/data/quicksight/2018-04-01/paginators-1.json @@ -203,6 +203,12 @@ "output_token": "NextToken", "limit_key": "MaxResults", "result_key": "CustomPermissionsList" + }, + "SearchTopics": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "MaxResults", + "result_key": "TopicSummaryList" } } } diff --git a/botocore/data/quicksight/2018-04-01/service-2.json b/botocore/data/quicksight/2018-04-01/service-2.json index 1811737350..22580e0ba2 100644 --- a/botocore/data/quicksight/2018-04-01/service-2.json +++ b/botocore/data/quicksight/2018-04-01/service-2.json @@ -1422,6 +1422,24 @@ ], "documentation":"Describes the result of an existing snapshot job that has finished running.
A finished snapshot job will return a COMPLETED or FAILED status when you poll the job with a DescribeDashboardSnapshotJob API call.
If the job has not finished running, this operation returns a message that says Dashboard Snapshot Job with id <SnapshotjobId> has not reached a terminal state..
Describes an existing dashboard QA configuration.
" + }, "DescribeDataSet":{ "name":"DescribeDataSet", "http":{ @@ -2862,6 +2880,24 @@ ], "documentation":"Use the SearchGroups operation to search groups in a specified Amazon QuickSight namespace using the supplied filters.
Searches for any Q topic that exists in an Amazon QuickSight account.
" + }, "StartAssetBundleExportJob":{ "name":"StartAssetBundleExportJob", "http":{ @@ -3205,6 +3241,24 @@ ], "documentation":"Updates the published version of a dashboard.
" }, + "UpdateDashboardsQAConfiguration":{ + "name":"UpdateDashboardsQAConfiguration", + "http":{ + "method":"PUT", + "requestUri":"/accounts/{AwsAccountId}/dashboards-qa-configuration" + }, + "input":{"shape":"UpdateDashboardsQAConfigurationRequest"}, + "output":{"shape":"UpdateDashboardsQAConfigurationResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ConflictException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"ThrottlingException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalFailureException"} + ], + "documentation":"Updates a Dashboard QA configuration.
" + }, "UpdateDataSet":{ "name":"UpdateDataSet", "http":{ @@ -4133,7 +4187,11 @@ "shape":"AssetOptions", "documentation":"An array of option definitions for an analysis.
" }, - "QueryExecutionOptions":{"shape":"QueryExecutionOptions"} + "QueryExecutionOptions":{"shape":"QueryExecutionOptions"}, + "StaticFiles":{ + "shape":"StaticFileList", + "documentation":"The static files for the definition.
" + } }, "documentation":"The definition of an analysis.
" }, @@ -5763,11 +5821,11 @@ "members":{ "Body":{ "shape":"AssetBundleImportBodyBlob", - "documentation":"The bytes of the base64 encoded asset bundle import zip file. This file can't exceed 20 MB.
If you are calling the API operations from the Amazon Web Services SDK for Java, JavaScript, Python, or PHP, the SDK encodes base64 automatically to allow the direct setting of the zip file's bytes. If you are using an SDK for a different language or receiving related errors, try to base64 encode your data.
" + "documentation":"The bytes of the base64 encoded asset bundle import zip file. This file can't exceed 20 MB. If the size of the file that you want to upload is more than 20 MB, add the file to your Amazon S3 bucket and use S3Uri of the file for this operation.
If you are calling the API operations from the Amazon Web Services SDK for Java, JavaScript, Python, or PHP, the SDK encodes base64 automatically to allow the direct setting of the zip file's bytes. If you are using an SDK for a different language or receiving related errors, try to base64 encode your data.
" }, "S3Uri":{ "shape":"S3Uri", - "documentation":"The Amazon S3 URI for an asset bundle import file that exists in an Amazon S3 bucket that the caller has read access to. The file must be a zip format file and can't exceed 20 MB.
" + "documentation":"The Amazon S3 URI for an asset bundle import file that exists in an Amazon S3 bucket that the caller has read access to. The file must be a zip format file and can't exceed 1 GB.
" } }, "documentation":"The source of the asset bundle zip file that contains the data that you want to import. The file must be in QUICKSIGHT_JSON format.
The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A bar chart.
The BarChartVisual structure describes a visual that is a member of the bar chart family. The following charts can be described using this structure:
Horizontal bar chart
Vertical bar chart
Horizontal stacked bar chart
Vertical stacked bar chart
Horizontal stacked 100% bar chart
Vertical stacked 100% bar chart
For more information, see Using bar charts in the Amazon QuickSight User Guide.
" @@ -6869,6 +6931,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A box plot.
For more information, see Using box plots in the Amazon QuickSight User Guide.
" @@ -8112,6 +8178,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A combo chart.
The ComboChartVisual includes stacked bar combo charts and clustered bar combo charts
For more information, see Using combo charts in the Amazon QuickSight User Guide.
" @@ -10014,6 +10084,10 @@ "Tags":{ "shape":"TagList", "documentation":"Contains a map of the key-value pairs for the resource tag or tags that are assigned to the dataset.
" + }, + "FolderArns":{ + "shape":"FolderArnList", + "documentation":"The Folder ARN of the folder that you want the topic to reside in.
" } } }, @@ -10386,6 +10460,10 @@ "DataSetIdentifier":{ "shape":"DataSetIdentifier", "documentation":"The dataset that is used to create the custom content visual. You can't create a visual without a dataset.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A visual that contains custom content.
For more information, see Using custom visual content in the Amazon QuickSight User Guide.
" @@ -10898,6 +10976,10 @@ "Options":{ "shape":"AssetOptions", "documentation":"An array of option definitions for a dashboard.
" + }, + "StaticFiles":{ + "shape":"StaticFileList", + "documentation":"The static files for the definition.
" } }, "documentation":"The contents of a dashboard.
" @@ -10970,6 +11052,13 @@ }, "documentation":"The visual publish options of a visual in a dashboard
" }, + "DashboardsQAStatus":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, "DataAggregation":{ "type":"structure", "members":{ @@ -15016,6 +15105,36 @@ } } }, + "DescribeDashboardsQAConfigurationRequest":{ + "type":"structure", + "required":["AwsAccountId"], + "members":{ + "AwsAccountId":{ + "shape":"AwsAccountId", + "documentation":"The ID of the Amazon Web Services account that contains the dashboard QA configuration that you want described.
", + "location":"uri", + "locationName":"AwsAccountId" + } + } + }, + "DescribeDashboardsQAConfigurationResponse":{ + "type":"structure", + "members":{ + "DashboardsQAStatus":{ + "shape":"DashboardsQAStatus", + "documentation":"The status of dashboards QA configuration that you want described.
" + }, + "RequestId":{ + "shape":"String", + "documentation":"The Amazon Web Services request ID for this operation.
" + }, + "Status":{ + "shape":"StatusCode", + "documentation":"The HTTP status of the request.
", + "location":"statusCode" + } + } + }, "DescribeDataSetPermissionsRequest":{ "type":"structure", "required":[ @@ -17264,6 +17383,10 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A filled map.
For more information, see Creating filled maps in the Amazon QuickSight User Guide.
" @@ -17999,6 +18122,10 @@ "FontStyle":{ "shape":"FontStyle", "documentation":"Determines the text display face that is inherited by the given font family.
" + }, + "FontFamily":{ + "shape":"String", + "documentation":"The font family that you want to use.
" } }, "documentation":"Configures the display properties of the given text.
" @@ -18021,6 +18148,10 @@ "Relative":{ "shape":"RelativeFontSize", "documentation":"The lexical name for the text size, proportional to its surrounding context.
" + }, + "Absolute":{ + "shape":"PixelLength", + "documentation":"The font size that you want to use in px.
" } }, "documentation":"The option that determines the text display size.
" @@ -18463,6 +18594,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A funnel chart.
For more information, see Using funnel charts in the Amazon QuickSight User Guide.
" @@ -18635,6 +18770,10 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A gauge chart.
For more information, see Using gauge charts in the Amazon QuickSight User Guide.
" @@ -18801,6 +18940,108 @@ "LATITUDE" ] }, + "GeospatialCategoricalColor":{ + "type":"structure", + "required":["CategoryDataColors"], + "members":{ + "CategoryDataColors":{ + "shape":"GeospatialCategoricalDataColorList", + "documentation":"A list of categorical data colors for each category.
" + }, + "NullDataVisibility":{ + "shape":"Visibility", + "documentation":"The state of visibility for null data.
" + }, + "NullDataSettings":{ + "shape":"GeospatialNullDataSettings", + "documentation":"The null data visualization settings.
" + }, + "DefaultOpacity":{ + "shape":"Opacity", + "documentation":"The default opacity of a categorical color.
" + } + }, + "documentation":"The definition for a categorical color.
" + }, + "GeospatialCategoricalDataColor":{ + "type":"structure", + "required":[ + "Color", + "DataValue" + ], + "members":{ + "Color":{ + "shape":"HexColorWithTransparency", + "documentation":"The color and opacity values for the category data color.
" + }, + "DataValue":{ + "shape":"String", + "documentation":"The data value for the category data color.
" + } + }, + "documentation":"The categorical data color for a single category.
" + }, + "GeospatialCategoricalDataColorList":{ + "type":"list", + "member":{"shape":"GeospatialCategoricalDataColor"} + }, + "GeospatialCircleRadius":{ + "type":"structure", + "members":{ + "Radius":{ + "shape":"GeospatialRadius", + "documentation":"The positive value for the radius of a circle.
" + } + }, + "documentation":"The geospatial radius for a circle.
" + }, + "GeospatialCircleSymbolStyle":{ + "type":"structure", + "members":{ + "FillColor":{ + "shape":"GeospatialColor", + "documentation":"The color and opacity values for the fill color.
" + }, + "StrokeColor":{ + "shape":"GeospatialColor", + "documentation":"The color and opacity values for the stroke color.
" + }, + "StrokeWidth":{ + "shape":"GeospatialLineWidth", + "documentation":"The width of the stroke (border).
" + }, + "CircleRadius":{ + "shape":"GeospatialCircleRadius", + "documentation":"The radius of the circle.
" + } + }, + "documentation":"The properties for a circle symbol style.
" + }, + "GeospatialColor":{ + "type":"structure", + "members":{ + "Solid":{ + "shape":"GeospatialSolidColor", + "documentation":"The visualization properties for the solid color.
" + }, + "Gradient":{ + "shape":"GeospatialGradientColor", + "documentation":"The visualization properties for the gradient color.
" + }, + "Categorical":{ + "shape":"GeospatialCategoricalColor", + "documentation":"The visualization properties for the categorical color.
" + } + }, + "documentation":"The visualization properties for solid, gradient, and categorical colors.
" + }, + "GeospatialColorState":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, "GeospatialCoordinateBounds":{ "type":"structure", "required":[ @@ -18829,6 +19070,63 @@ }, "documentation":"The bound options (north, south, west, east) of the geospatial window options.
" }, + "GeospatialDataSourceItem":{ + "type":"structure", + "members":{ + "StaticFileDataSource":{ + "shape":"GeospatialStaticFileSource", + "documentation":"The static file data source properties for the geospatial data.
" + } + }, + "documentation":"The data source properties for the geospatial data.
" + }, + "GeospatialGradientColor":{ + "type":"structure", + "required":["StepColors"], + "members":{ + "StepColors":{ + "shape":"GeospatialGradientStepColorList", + "documentation":"A list of gradient step colors for the gradient.
" + }, + "NullDataVisibility":{ + "shape":"Visibility", + "documentation":"The state of visibility for null data.
" + }, + "NullDataSettings":{ + "shape":"GeospatialNullDataSettings", + "documentation":"The null data visualization settings.
" + }, + "DefaultOpacity":{ + "shape":"Opacity", + "documentation":"The default opacity for the gradient color.
" + } + }, + "documentation":"The definition for a gradient color.
" + }, + "GeospatialGradientStepColor":{ + "type":"structure", + "required":[ + "Color", + "DataValue" + ], + "members":{ + "Color":{ + "shape":"HexColorWithTransparency", + "documentation":"The color and opacity values for the gradient step color.
" + }, + "DataValue":{ + "shape":"Double", + "documentation":"The data value for the gradient step color.
" + } + }, + "documentation":"The gradient step color for a single step.
" + }, + "GeospatialGradientStepColorList":{ + "type":"list", + "member":{"shape":"GeospatialGradientStepColor"}, + "max":3, + "min":2 + }, "GeospatialHeatmapColorScale":{ "type":"structure", "members":{ @@ -18866,6 +19164,176 @@ "max":2, "min":2 }, + "GeospatialLayerColorField":{ + "type":"structure", + "members":{ + "ColorDimensionsFields":{ + "shape":"GeospatialLayerDimensionFieldList", + "documentation":"A list of color dimension fields.
" + }, + "ColorValuesFields":{ + "shape":"GeospatialLayerMeasureFieldList", + "documentation":"A list of color measure fields.
" + } + }, + "documentation":"The color field that defines a gradient or categorical style.
" + }, + "GeospatialLayerDefinition":{ + "type":"structure", + "members":{ + "PointLayer":{ + "shape":"GeospatialPointLayer", + "documentation":"The definition for a point layer.
" + }, + "LineLayer":{ + "shape":"GeospatialLineLayer", + "documentation":"The definition for a line layer.
" + }, + "PolygonLayer":{ + "shape":"GeospatialPolygonLayer", + "documentation":"The definition for a polygon layer.
" + } + }, + "documentation":"The definition properties for a geospatial layer.
" + }, + "GeospatialLayerDimensionFieldList":{ + "type":"list", + "member":{"shape":"DimensionField"}, + "max":1 + }, + "GeospatialLayerItem":{ + "type":"structure", + "required":["LayerId"], + "members":{ + "LayerId":{ + "shape":"String", + "documentation":"The ID of the layer.
" + }, + "LayerType":{ + "shape":"GeospatialLayerType", + "documentation":"The layer type.
" + }, + "DataSource":{ + "shape":"GeospatialDataSourceItem", + "documentation":"The data source for the layer.
" + }, + "Label":{ + "shape":"String", + "documentation":"The label that is displayed for the layer.
" + }, + "Visibility":{ + "shape":"Visibility", + "documentation":"The state of visibility for the layer.
" + }, + "LayerDefinition":{ + "shape":"GeospatialLayerDefinition", + "documentation":"The definition properties for a layer.
" + }, + "Tooltip":{"shape":"TooltipOptions"}, + "JoinDefinition":{ + "shape":"GeospatialLayerJoinDefinition", + "documentation":"The join definition properties for a layer.
" + }, + "Actions":{ + "shape":"LayerCustomActionList", + "documentation":"A list of custom actions for a layer.
" + } + }, + "documentation":"The properties for a single geospatial layer.
" + }, + "GeospatialLayerJoinDefinition":{ + "type":"structure", + "members":{ + "ShapeKeyField":{ + "shape":"String", + "documentation":"The name of the field or property in the geospatial data source.
" + }, + "DatasetKeyField":{"shape":"UnaggregatedField"}, + "ColorField":{ + "shape":"GeospatialLayerColorField", + "documentation":"The geospatial color field for the join definition.
" + } + }, + "documentation":"The custom actions for a layer.
" + }, + "GeospatialLayerMapConfiguration":{ + "type":"structure", + "members":{ + "Legend":{"shape":"LegendOptions"}, + "MapLayers":{ + "shape":"GeospatialMapLayerList", + "documentation":"The geospatial layers to visualize on the map.
" + }, + "MapState":{ + "shape":"GeospatialMapState", + "documentation":"The map state properties for the map.
" + }, + "MapStyle":{ + "shape":"GeospatialMapStyle", + "documentation":"The map style properties for the map.
" + }, + "Interactions":{"shape":"VisualInteractionOptions"} + }, + "documentation":"The map definition that defines map state, map style, and geospatial layers.
" + }, + "GeospatialLayerMeasureFieldList":{ + "type":"list", + "member":{"shape":"MeasureField"}, + "max":1 + }, + "GeospatialLayerType":{ + "type":"string", + "enum":[ + "POINT", + "LINE", + "POLYGON" + ] + }, + "GeospatialLineLayer":{ + "type":"structure", + "required":["Style"], + "members":{ + "Style":{ + "shape":"GeospatialLineStyle", + "documentation":"The visualization style for a line layer.
" + } + }, + "documentation":"The geospatial Line layer.
" + }, + "GeospatialLineStyle":{ + "type":"structure", + "members":{ + "LineSymbolStyle":{ + "shape":"GeospatialLineSymbolStyle", + "documentation":"The symbol style for a line style.
" + } + }, + "documentation":"The visualization style for a line layer.
" + }, + "GeospatialLineSymbolStyle":{ + "type":"structure", + "members":{ + "FillColor":{ + "shape":"GeospatialColor", + "documentation":"The color and opacity values for the fill color.
" + }, + "LineWidth":{ + "shape":"GeospatialLineWidth", + "documentation":"The width value for a line.
" + } + }, + "documentation":"The symbol style for a line layer.
" + }, + "GeospatialLineWidth":{ + "type":"structure", + "members":{ + "LineWidth":{ + "shape":"GeospatialWidth", + "documentation":"The positive value for the width of a line.
" + } + }, + "documentation":"The width properties for a line.
" + }, "GeospatialMapAggregatedFieldWells":{ "type":"structure", "members":{ @@ -18929,6 +19397,46 @@ }, "documentation":"The field wells of a GeospatialMapVisual.
This is a union type structure. For this structure to be valid, only one of the attributes can be defined.
" }, + "GeospatialMapLayerList":{ + "type":"list", + "member":{"shape":"GeospatialLayerItem"} + }, + "GeospatialMapNavigation":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, + "GeospatialMapState":{ + "type":"structure", + "members":{ + "Bounds":{"shape":"GeospatialCoordinateBounds"}, + "MapNavigation":{ + "shape":"GeospatialMapNavigation", + "documentation":"Enables or disables map navigation for a map.
" + } + }, + "documentation":"The map state properties for a map.
" + }, + "GeospatialMapStyle":{ + "type":"structure", + "members":{ + "BaseMapStyle":{ + "shape":"BaseMapStyleType", + "documentation":"The selected base map style.
" + }, + "BackgroundColor":{ + "shape":"HexColorWithTransparency", + "documentation":"The background color and opacity values for a map.
" + }, + "BaseMapVisibility":{ + "shape":"Visibility", + "documentation":"The state of visibility for the base map.
" + } + }, + "documentation":"The map style properties for a map.
" + }, "GeospatialMapStyleOptions":{ "type":"structure", "members":{ @@ -18966,10 +19474,64 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A geospatial map or a points on map visual.
For more information, see Creating point maps in the Amazon QuickSight User Guide.
" }, + "GeospatialNullDataSettings":{ + "type":"structure", + "required":["SymbolStyle"], + "members":{ + "SymbolStyle":{ + "shape":"GeospatialNullSymbolStyle", + "documentation":"The symbol style for null data.
" + } + }, + "documentation":"The properties for the visualization of null data.
" + }, + "GeospatialNullSymbolStyle":{ + "type":"structure", + "members":{ + "FillColor":{ + "shape":"HexColorWithTransparency", + "documentation":"The color and opacity values for the fill color.
" + }, + "StrokeColor":{ + "shape":"HexColorWithTransparency", + "documentation":"The color and opacity values for the stroke color.
" + }, + "StrokeWidth":{ + "shape":"GeospatialWidth", + "documentation":"The width of the border stroke.
" + } + }, + "documentation":"The symbol style for null data.
" + }, + "GeospatialPointLayer":{ + "type":"structure", + "required":["Style"], + "members":{ + "Style":{ + "shape":"GeospatialPointStyle", + "documentation":"The visualization style for a point layer.
" + } + }, + "documentation":"The geospatial Point layer.
" + }, + "GeospatialPointStyle":{ + "type":"structure", + "members":{ + "CircleSymbolStyle":{ + "shape":"GeospatialCircleSymbolStyle", + "documentation":"The circle symbol style for a point layer.
" + } + }, + "documentation":"The point style for a point layer.
" + }, "GeospatialPointStyleOptions":{ "type":"structure", "members":{ @@ -18988,6 +19550,49 @@ }, "documentation":"The point style of the geospatial map.
" }, + "GeospatialPolygonLayer":{ + "type":"structure", + "required":["Style"], + "members":{ + "Style":{ + "shape":"GeospatialPolygonStyle", + "documentation":"The visualization style for a polygon layer.
" + } + }, + "documentation":"The geospatial polygon layer.
" + }, + "GeospatialPolygonStyle":{ + "type":"structure", + "members":{ + "PolygonSymbolStyle":{ + "shape":"GeospatialPolygonSymbolStyle", + "documentation":"The polygon symbol style for a polygon layer.
" + } + }, + "documentation":"The polygon style for a polygon layer.
" + }, + "GeospatialPolygonSymbolStyle":{ + "type":"structure", + "members":{ + "FillColor":{ + "shape":"GeospatialColor", + "documentation":"The color and opacity values for the fill color.
" + }, + "StrokeColor":{ + "shape":"GeospatialColor", + "documentation":"The color and opacity values for the stroke color.
" + }, + "StrokeWidth":{ + "shape":"GeospatialLineWidth", + "documentation":"The width of the border stroke.
" + } + }, + "documentation":"The polygon symbol style for a polygon layer.
" + }, + "GeospatialRadius":{ + "type":"double", + "min":0 + }, "GeospatialSelectedPointStyle":{ "type":"string", "enum":[ @@ -18996,6 +19601,36 @@ "HEATMAP" ] }, + "GeospatialSolidColor":{ + "type":"structure", + "required":["Color"], + "members":{ + "Color":{ + "shape":"HexColorWithTransparency", + "documentation":"The color and opacity values for the color.
" + }, + "State":{ + "shape":"GeospatialColorState", + "documentation":"Enables and disables the view state of the color.
" + } + }, + "documentation":"The definition for a solid color.
" + }, + "GeospatialStaticFileSource":{ + "type":"structure", + "required":["StaticFileId"], + "members":{ + "StaticFileId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the static file.
" + } + }, + "documentation":"The source properties for a geospatial static file.
" + }, + "GeospatialWidth":{ + "type":"double", + "min":0 + }, "GeospatialWindowOptions":{ "type":"structure", "members":{ @@ -19595,6 +20230,10 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A heat map.
For more information, see Using heat maps in the Amazon QuickSight User Guide.
" @@ -19732,6 +20371,10 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A histogram.
For more information, see Using histograms in the Amazon QuickSight User Guide.
" @@ -19929,6 +20572,91 @@ }, "documentation":"The logo image configuration.
" }, + "ImageCustomAction":{ + "type":"structure", + "required":[ + "CustomActionId", + "Name", + "Trigger", + "ActionOperations" + ], + "members":{ + "CustomActionId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the custom action.
" + }, + "Name":{ + "shape":"ImageCustomActionName", + "documentation":"The name of the custom action.
" + }, + "Status":{ + "shape":"WidgetStatus", + "documentation":"The status of the custom action.
" + }, + "Trigger":{ + "shape":"ImageCustomActionTrigger", + "documentation":"The trigger of the VisualCustomAction.
Valid values are defined as follows:
CLICK: Initiates a custom action by a left pointer click on a data point.
MENU: Initiates a custom action by right pointer click from the menu.
A list of ImageCustomActionOperations.
This is a union type structure. For this structure to be valid, only one of the attributes can be defined.
" + } + }, + "documentation":"A custom action defined on an image.
" + }, + "ImageCustomActionList":{ + "type":"list", + "member":{"shape":"ImageCustomAction"}, + "max":10, + "min":0 + }, + "ImageCustomActionName":{ + "type":"string", + "max":256, + "min":1 + }, + "ImageCustomActionOperation":{ + "type":"structure", + "members":{ + "NavigationOperation":{"shape":"CustomActionNavigationOperation"}, + "URLOperation":{"shape":"CustomActionURLOperation"}, + "SetParametersOperation":{"shape":"CustomActionSetParametersOperation"} + }, + "documentation":"The operation that is defined by the custom action.
This is a union type structure. For this structure to be valid, only one of the attributes can be defined.
" + }, + "ImageCustomActionOperationList":{ + "type":"list", + "member":{"shape":"ImageCustomActionOperation"}, + "max":2, + "min":1 + }, + "ImageCustomActionTrigger":{ + "type":"string", + "enum":[ + "CLICK", + "MENU" + ] + }, + "ImageInteractionOptions":{ + "type":"structure", + "members":{ + "ImageMenuOption":{ + "shape":"ImageMenuOption", + "documentation":"The menu options for the image.
" + } + }, + "documentation":"The general image interactions setup for image publish options.
" + }, + "ImageMenuOption":{ + "type":"structure", + "members":{ + "AvailabilityStatus":{ + "shape":"DashboardBehavior", + "documentation":"The availability status of the image menu. If the value of this property is set to ENABLED, dashboard readers can interact with the image menu.
The menu options for the interactions of an image.
" + }, "ImageSet":{ "type":"structure", "required":["Original"], @@ -19974,6 +20702,21 @@ "documentation":"The source of the image.
", "union":true }, + "ImageStaticFile":{ + "type":"structure", + "required":["StaticFileId"], + "members":{ + "StaticFileId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the static file that contains an image.
" + }, + "Source":{ + "shape":"StaticFileSource", + "documentation":"The source of the image static file.
" + } + }, + "documentation":"A static file that contains an image.
" + }, "IncludeFolderMembers":{ "type":"string", "enum":[ @@ -20243,6 +20986,10 @@ "DataSetIdentifier":{ "shape":"DataSetIdentifier", "documentation":"The dataset that is used in the insight visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"An insight visual.
For more information, see Working with insights in the Amazon QuickSight User Guide.
" @@ -20800,6 +21547,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A key performance indicator (KPI).
For more information, see Using KPIs in the Amazon QuickSight User Guide.
" @@ -20859,6 +21610,99 @@ "max":90, "min":-90 }, + "LayerCustomAction":{ + "type":"structure", + "required":[ + "CustomActionId", + "Name", + "Trigger", + "ActionOperations" + ], + "members":{ + "CustomActionId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the custom action.
" + }, + "Name":{ + "shape":"LayerCustomActionName", + "documentation":"The name of the custom action.
" + }, + "Status":{ + "shape":"WidgetStatus", + "documentation":"The status of the LayerCustomAction.
The trigger of the LayerCustomAction.
Valid values are defined as follows:
DATA_POINT_CLICK: Initiates a custom action by a left pointer click on a data point.
DATA_POINT_MENU: Initiates a custom action by right pointer click from the menu.
A list of LayerCustomActionOperations.
This is a union type structure. For this structure to be valid, only one of the attributes can be defined.
" + } + }, + "documentation":"A layer custom action.
" + }, + "LayerCustomActionList":{ + "type":"list", + "member":{"shape":"LayerCustomAction"}, + "max":10 + }, + "LayerCustomActionName":{ + "type":"string", + "max":256, + "min":1 + }, + "LayerCustomActionOperation":{ + "type":"structure", + "members":{ + "FilterOperation":{"shape":"CustomActionFilterOperation"}, + "NavigationOperation":{"shape":"CustomActionNavigationOperation"}, + "URLOperation":{"shape":"CustomActionURLOperation"}, + "SetParametersOperation":{"shape":"CustomActionSetParametersOperation"} + }, + "documentation":"The operation that is defined by the custom action.
This is a union type structure. For this structure to be valid, only one of the attributes can be defined.
" + }, + "LayerCustomActionOperationList":{ + "type":"list", + "member":{"shape":"LayerCustomActionOperation"}, + "max":2, + "min":1 + }, + "LayerCustomActionTrigger":{ + "type":"string", + "enum":[ + "DATA_POINT_CLICK", + "DATA_POINT_MENU" + ] + }, + "LayerMapVisual":{ + "type":"structure", + "required":[ + "VisualId", + "DataSetIdentifier" + ], + "members":{ + "VisualId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the visual.
" + }, + "Title":{"shape":"VisualTitleLabelOptions"}, + "Subtitle":{"shape":"VisualSubtitleLabelOptions"}, + "ChartConfiguration":{ + "shape":"GeospatialLayerMapConfiguration", + "documentation":"The configuration settings of the visual.
" + }, + "DataSetIdentifier":{ + "shape":"DataSetIdentifier", + "documentation":"The dataset that is used to create the layer map visual. You can't create a visual without a dataset.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" + } + }, + "documentation":"A layer map visual.
" + }, "Layout":{ "type":"structure", "required":["Configuration"], @@ -20894,7 +21738,8 @@ "VISUAL", "FILTER_CONTROL", "PARAMETER_CONTROL", - "TEXT_BOX" + "TEXT_BOX", + "IMAGE" ] }, "LayoutList":{ @@ -20925,7 +21770,8 @@ "Height":{ "shape":"PixelLength", "documentation":"The height of the legend. If this value is omitted, a default height is used when rendering.
" - } + }, + "ValueFontConfiguration":{"shape":"FontConfiguration"} }, "documentation":"The options for the legend setup of a visual.
" }, @@ -21237,6 +22083,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A line chart.
For more information, see Using line charts in the Amazon QuickSight User Guide.
" @@ -23704,6 +24554,14 @@ "NamespaceError":{ "shape":"NamespaceError", "documentation":"An error that occurred when the namespace was created.
" + }, + "IamIdentityCenterApplicationArn":{ + "shape":"String", + "documentation":"The Amazon Resource Name (ARN) for the IAM Identity Center application.
" + }, + "IamIdentityCenterInstanceArn":{ + "shape":"String", + "documentation":"The Amazon Resource Name (ARN) for the IAM Identity Center instance.
" } }, "documentation":"The error type.
" @@ -24260,6 +25118,11 @@ "max":512, "min":1 }, + "Opacity":{ + "type":"double", + "max":1, + "min":0 + }, "OperandList":{ "type":"list", "member":{"shape":"Identifier"}, @@ -25101,6 +25964,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A pie or donut chart.
The PieChartVisual structure describes a visual that is a member of the pie chart family.
The following charts can be described by using this structure:
Pie charts
Donut charts
For more information, see Using pie charts in the Amazon QuickSight User Guide.
For more information, see Using donut charts in the Amazon QuickSight User Guide.
" @@ -25587,6 +26454,10 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A pivot table.
For more information, see Using pivot tables in the Amazon QuickSight User Guide.
" @@ -25633,6 +26504,149 @@ "type":"string", "documentation":"String based length that is composed of value and unit in px" }, + "PluginVisual":{ + "type":"structure", + "required":[ + "VisualId", + "PluginArn" + ], + "members":{ + "VisualId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the visual that you want to use.
" + }, + "PluginArn":{ + "shape":"Arn", + "documentation":"The Amazon Resource Name (ARN) that reflects the plugin and version.
" + }, + "Title":{"shape":"VisualTitleLabelOptions"}, + "Subtitle":{"shape":"VisualSubtitleLabelOptions"}, + "ChartConfiguration":{ + "shape":"PluginVisualConfiguration", + "documentation":"A description of the plugin field wells and their persisted properties.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" + } + }, + "documentation":"A flexible visualization type that allows engineers to create new custom charts in Amazon QuickSight.
" + }, + "PluginVisualAxisName":{ + "type":"string", + "enum":[ + "GROUP_BY", + "VALUE" + ] + }, + "PluginVisualConfiguration":{ + "type":"structure", + "members":{ + "FieldWells":{ + "shape":"PluginVisualFieldWells", + "documentation":"The field wells configuration of the plugin visual.
" + }, + "VisualOptions":{ + "shape":"PluginVisualOptions", + "documentation":"The persisted properties of the plugin visual.
" + }, + "SortConfiguration":{ + "shape":"PluginVisualSortConfiguration", + "documentation":"The sort configuration of the plugin visual.
" + } + }, + "documentation":"The plugin visual configuration. This includes the field wells, sorting options, and persisted options of the plugin visual.
" + }, + "PluginVisualFieldWell":{ + "type":"structure", + "members":{ + "AxisName":{ + "shape":"PluginVisualAxisName", + "documentation":"The semantic axis name for the field well.
" + }, + "Dimensions":{ + "shape":"DimensionFieldList", + "documentation":"A list of dimensions for the field well.
" + }, + "Measures":{ + "shape":"MeasureFieldList", + "documentation":"A list of measures that exist in the field well.
" + }, + "Unaggregated":{ + "shape":"UnaggregatedFieldList", + "documentation":"A list of unaggregated fields that exist in the field well.
" + } + }, + "documentation":"A collection of field wells for a plugin visual.
" + }, + "PluginVisualFieldWells":{ + "type":"list", + "member":{"shape":"PluginVisualFieldWell"}, + "max":10 + }, + "PluginVisualItemsLimitConfiguration":{ + "type":"structure", + "members":{ + "ItemsLimit":{ + "shape":"Long", + "documentation":"Determines how many values are be fetched at once.
", + "box":true + } + }, + "documentation":"A query limits configuration.
" + }, + "PluginVisualOptions":{ + "type":"structure", + "members":{ + "VisualProperties":{ + "shape":"PluginVisualPropertiesList", + "documentation":"The persisted properties and their values.
" + } + }, + "documentation":"The options and persisted properties for the plugin visual.
" + }, + "PluginVisualPropertiesList":{ + "type":"list", + "member":{"shape":"PluginVisualProperty"} + }, + "PluginVisualProperty":{ + "type":"structure", + "members":{ + "Name":{ + "shape":"String", + "documentation":"The name of the plugin visual property.
" + }, + "Value":{ + "shape":"String", + "documentation":"The value of the plugin visual property.
" + } + }, + "documentation":"The key value pair of the persisted property.
" + }, + "PluginVisualSortConfiguration":{ + "type":"structure", + "members":{ + "PluginVisualTableQuerySort":{ + "shape":"PluginVisualTableQuerySort", + "documentation":"The table query sorting options for the plugin visual.
" + } + }, + "documentation":"Determines how the plugin visual sorts the data during query.
" + }, + "PluginVisualTableQuerySort":{ + "type":"structure", + "members":{ + "RowSort":{ + "shape":"RowSortList", + "documentation":"Determines how data is sorted in the response.
" + }, + "ItemsLimitConfiguration":{ + "shape":"PluginVisualItemsLimitConfiguration", + "documentation":"The maximum amount of data to be returned by a query.
" + } + }, + "documentation":"The table query sorting options for the plugin visual.
" + }, "Port":{ "type":"integer", "max":65535, @@ -26112,6 +27126,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A radar chart visual.
" @@ -27423,6 +28441,10 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A sankey diagram.
For more information, see Using Sankey diagrams in the Amazon QuickSight User Guide.
" @@ -27577,6 +28599,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A scatter plot.
For more information, see Using scatter plots in the Amazon QuickSight User Guide.
" @@ -27920,6 +28946,56 @@ } } }, + "SearchTopicsRequest":{ + "type":"structure", + "required":[ + "AwsAccountId", + "Filters" + ], + "members":{ + "AwsAccountId":{ + "shape":"AwsAccountId", + "documentation":"The ID of the Amazon Web Services account that contains the topic that you want to find.
", + "location":"uri", + "locationName":"AwsAccountId" + }, + "Filters":{ + "shape":"TopicSearchFilterList", + "documentation":"The filters that you want to use to search for the topic.
" + }, + "NextToken":{ + "shape":"String", + "documentation":"The token for the next set of results, or null if there are no more results.
" + }, + "MaxResults":{ + "shape":"MaxResults", + "documentation":"The maximum number of results to be returned per request.
", + "box":true + } + } + }, + "SearchTopicsResponse":{ + "type":"structure", + "members":{ + "TopicSummaryList":{ + "shape":"TopicSummaries", + "documentation":"A list of topic summaries that is returned by the search topic request.
" + }, + "NextToken":{ + "shape":"String", + "documentation":"The token for the next set of results, or null if there are no more results.
" + }, + "Status":{ + "shape":"StatusCode", + "documentation":"The HTTP status of the request.
", + "location":"statusCode" + }, + "RequestId":{ + "shape":"String", + "documentation":"The Amazon Web Services request ID for this operation.
" + } + } + }, "Seasonality":{ "type":"integer", "max":180, @@ -28346,6 +29422,10 @@ "Name":{ "shape":"SheetName", "documentation":"The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.
" + }, + "Images":{ + "shape":"SheetImageList", + "documentation":"A list of images on a sheet.
" } }, "documentation":"A sheet, which is an object that contains a set of visuals that are viewed together on one page in Amazon QuickSight. Every analysis and dashboard contains at least one sheet. Each sheet contains at least one visualization widget, for example a chart, pivot table, or narrative insight. Sheets can be associated with other components, such as controls, filters, and so on.
" @@ -28475,6 +29555,10 @@ "shape":"SheetTextBoxList", "documentation":"The text boxes that are on a sheet.
" }, + "Images":{ + "shape":"SheetImageList", + "documentation":"A list of images on a sheet.
" + }, "Layouts":{ "shape":"LayoutList", "documentation":"Layouts define how the components of a sheet are arranged.
For more information, see Types of layout in the Amazon QuickSight User Guide.
" @@ -28533,6 +29617,114 @@ "member":{"shape":"SheetElementRenderingRule"}, "max":10000 }, + "SheetImage":{ + "type":"structure", + "required":[ + "SheetImageId", + "Source" + ], + "members":{ + "SheetImageId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the sheet image.
" + }, + "Source":{ + "shape":"SheetImageSource", + "documentation":"The source of the image.
" + }, + "Scaling":{ + "shape":"SheetImageScalingConfiguration", + "documentation":"Determines how the image is scaled.
" + }, + "Tooltip":{ + "shape":"SheetImageTooltipConfiguration", + "documentation":"The tooltip to be shown when hovering over the image.
" + }, + "ImageContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the image.
" + }, + "Interactions":{ + "shape":"ImageInteractionOptions", + "documentation":"The general image interactions setup for an image.
" + }, + "Actions":{ + "shape":"ImageCustomActionList", + "documentation":"A list of custom actions that are configured for an image.
" + } + }, + "documentation":"An image that is located on a sheet.
" + }, + "SheetImageList":{ + "type":"list", + "member":{"shape":"SheetImage"}, + "max":10, + "min":0 + }, + "SheetImageScalingConfiguration":{ + "type":"structure", + "members":{ + "ScalingType":{ + "shape":"SheetImageScalingType", + "documentation":"The scaling option to use when fitting the image inside the container.
Valid values are defined as follows:
SCALE_TO_WIDTH: The image takes up the entire width of the container. The image aspect ratio is preserved.
SCALE_TO_HEIGHT: The image takes up the entire height of the container. The image aspect ratio is preserved.
SCALE_TO_CONTAINER: The image takes up the entire width and height of the container. The image aspect ratio is not preserved.
SCALE_NONE: The image is displayed in its original size and is not scaled to the container.
Determines how the image is scaled
" + }, + "SheetImageScalingType":{ + "type":"string", + "enum":[ + "SCALE_TO_WIDTH", + "SCALE_TO_HEIGHT", + "SCALE_TO_CONTAINER", + "SCALE_NONE" + ] + }, + "SheetImageSource":{ + "type":"structure", + "members":{ + "SheetImageStaticFileSource":{ + "shape":"SheetImageStaticFileSource", + "documentation":"The source of the static file that contains the image.
" + } + }, + "documentation":"The source of the image.
" + }, + "SheetImageStaticFileSource":{ + "type":"structure", + "required":["StaticFileId"], + "members":{ + "StaticFileId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the static file that contains the image.
" + } + }, + "documentation":"The source of the static file that contains the image.
" + }, + "SheetImageTooltipConfiguration":{ + "type":"structure", + "members":{ + "TooltipText":{ + "shape":"SheetImageTooltipText", + "documentation":"The text that appears in the tooltip.
" + }, + "Visibility":{ + "shape":"Visibility", + "documentation":"The visibility of the tooltip.
" + } + }, + "documentation":"The tooltip configuration for a sheet image.
" + }, + "SheetImageTooltipText":{ + "type":"structure", + "members":{ + "PlainText":{ + "shape":"LongPlainText", + "documentation":"The plain text format.
" + } + }, + "documentation":"The text that appears in the sheet image tooltip.
" + }, "SheetLayoutElementMaximizationOption":{ "type":"structure", "members":{ @@ -29184,6 +30376,21 @@ }, "documentation":"The parameters for Spark.
" }, + "SpatialStaticFile":{ + "type":"structure", + "required":["StaticFileId"], + "members":{ + "StaticFileId":{ + "shape":"ShortRestrictiveResourceId", + "documentation":"The ID of the spatial static file.
" + }, + "Source":{ + "shape":"StaticFileSource", + "documentation":"The source of the spatial static file.
" + } + }, + "documentation":"A static file that contains the geospatial data.
" + }, "SpecialValue":{ "type":"string", "enum":[ @@ -29537,6 +30744,74 @@ }, "documentation":"The state perssitence configuration of an embedded dashboard.
" }, + "StaticFile":{ + "type":"structure", + "members":{ + "ImageStaticFile":{ + "shape":"ImageStaticFile", + "documentation":"The image static file.
" + }, + "SpatialStaticFile":{ + "shape":"SpatialStaticFile", + "documentation":"The spacial static file.
" + } + }, + "documentation":"The static file.
" + }, + "StaticFileList":{ + "type":"list", + "member":{"shape":"StaticFile"}, + "max":200, + "min":0 + }, + "StaticFileS3SourceOptions":{ + "type":"structure", + "required":[ + "BucketName", + "ObjectKey", + "Region" + ], + "members":{ + "BucketName":{ + "shape":"String", + "documentation":"The name of the Amazon S3 bucket.
" + }, + "ObjectKey":{ + "shape":"String", + "documentation":"The identifier of the static file in the Amazon S3 bucket.
" + }, + "Region":{ + "shape":"String", + "documentation":"The Region of the Amazon S3 account that contains the bucket.
" + } + }, + "documentation":"The structure that contains the Amazon S3 location to download the static file from.
" + }, + "StaticFileSource":{ + "type":"structure", + "members":{ + "UrlOptions":{ + "shape":"StaticFileUrlSourceOptions", + "documentation":"The structure that contains the URL to download the static file from.
" + }, + "S3Options":{ + "shape":"StaticFileS3SourceOptions", + "documentation":"The structure that contains the Amazon S3 location to download the static file from.
" + } + }, + "documentation":"The source of the static file.
" + }, + "StaticFileUrlSourceOptions":{ + "type":"structure", + "required":["Url"], + "members":{ + "Url":{ + "shape":"String", + "documentation":"The URL to download the static file from.
" + } + }, + "documentation":"The structure that contains the URL to download the static file from.
" + }, "Status":{ "type":"string", "enum":[ @@ -30336,6 +31611,10 @@ "Actions":{ "shape":"VisualCustomActionList", "documentation":"The list of custom actions that are configured for a visual.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A table visual.
For more information, see Using tables as visuals in the Amazon QuickSight User Guide.
" @@ -30684,7 +31963,11 @@ "shape":"AssetOptions", "documentation":"An array of option definitions for a template.
" }, - "QueryExecutionOptions":{"shape":"QueryExecutionOptions"} + "QueryExecutionOptions":{"shape":"QueryExecutionOptions"}, + "StaticFiles":{ + "shape":"StaticFileList", + "documentation":"The static files for the definition.
" + } }, "documentation":"The detailed definition of a template.
" }, @@ -31806,6 +33089,25 @@ }, "documentation":"A structure that represents a filter used to select items for a topic.
" }, + "TopicFilterAttribute":{ + "type":"string", + "enum":[ + "QUICKSIGHT_USER", + "QUICKSIGHT_VIEWER_OR_OWNER", + "DIRECT_QUICKSIGHT_VIEWER_OR_OWNER", + "QUICKSIGHT_OWNER", + "DIRECT_QUICKSIGHT_OWNER", + "DIRECT_QUICKSIGHT_SOLE_OWNER", + "TOPIC_NAME" + ] + }, + "TopicFilterOperator":{ + "type":"string", + "enum":[ + "StringEquals", + "StringLike" + ] + }, "TopicFilters":{ "type":"list", "member":{"shape":"TopicFilter"} @@ -32331,6 +33633,35 @@ "MONTHLY" ] }, + "TopicSearchFilter":{ + "type":"structure", + "required":[ + "Operator", + "Name", + "Value" + ], + "members":{ + "Operator":{ + "shape":"TopicFilterOperator", + "documentation":"The operator like equals or like.
" + }, + "Name":{ + "shape":"TopicFilterAttribute", + "documentation":"The name of the topic search filter.
" + }, + "Value":{ + "shape":"String", + "documentation":"The value of the topic search filter.
" + } + }, + "documentation":"The filter that is used to search for a topic.
" + }, + "TopicSearchFilterList":{ + "type":"list", + "member":{"shape":"TopicSearchFilter"}, + "max":1, + "min":1 + }, "TopicSingularFilterConstant":{ "type":"structure", "members":{ @@ -32698,6 +34029,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A tree map.
For more information, see Using tree maps in the Amazon QuickSight User Guide.
" @@ -33621,6 +34956,43 @@ } } }, + "UpdateDashboardsQAConfigurationRequest":{ + "type":"structure", + "required":[ + "AwsAccountId", + "DashboardsQAStatus" + ], + "members":{ + "AwsAccountId":{ + "shape":"AwsAccountId", + "documentation":"The ID of the Amazon Web Services account that contains the dashboard QA configuration that you want to update.
", + "location":"uri", + "locationName":"AwsAccountId" + }, + "DashboardsQAStatus":{ + "shape":"DashboardsQAStatus", + "documentation":"The status of dashboards QA configuration that you want to update.
" + } + } + }, + "UpdateDashboardsQAConfigurationResponse":{ + "type":"structure", + "members":{ + "DashboardsQAStatus":{ + "shape":"DashboardsQAStatus", + "documentation":"A value that indicates whether the dashboard QA configuration is enabled or not.
" + }, + "RequestId":{ + "shape":"String", + "documentation":"The Amazon Web Services request ID for this operation.
" + }, + "Status":{ + "shape":"StatusCode", + "documentation":"The HTTP status of the request.
", + "location":"statusCode" + } + } + }, "UpdateDataSetPermissionsRequest":{ "type":"structure", "required":[ @@ -35514,6 +36886,10 @@ "shape":"FilledMapVisual", "documentation":"A filled map.
For more information, see Creating filled maps in the Amazon QuickSight User Guide.
" }, + "LayerMapVisual":{ + "shape":"LayerMapVisual", + "documentation":"The properties for a layer map visual
" + }, "FunnelChartVisual":{ "shape":"FunnelChartVisual", "documentation":"A funnel chart.
For more information, see Using funnel charts in the Amazon QuickSight User Guide.
" @@ -35561,6 +36937,10 @@ "RadarChartVisual":{ "shape":"RadarChartVisual", "documentation":"A radar chart visual.
For more information, see Using radar charts in the Amazon QuickSight User Guide.
" + }, + "PluginVisual":{ + "shape":"PluginVisual", + "documentation":"The custom plugin visual type.
" } }, "documentation":"A visual displayed on a sheet in an analysis, dashboard, or template.
This is a union type structure. For this structure to be valid, only one of the attributes can be defined.
" @@ -35951,6 +37331,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A waterfall chart.
For more information, see Using waterfall charts in the Amazon QuickSight User Guide.
" @@ -36146,6 +37530,10 @@ "ColumnHierarchies":{ "shape":"ColumnHierarchyList", "documentation":"The column hierarchy that is used during drill-downs and drill-ups.
" + }, + "VisualContentAltText":{ + "shape":"LongPlainText", + "documentation":"The alt text for the visual.
" } }, "documentation":"A word cloud.
For more information, see Using word clouds in the Amazon QuickSight User Guide.
" diff --git a/botocore/data/sagemaker/2017-07-24/service-2.json b/botocore/data/sagemaker/2017-07-24/service-2.json index 0fa016bb7d..10ddbecb8d 100644 --- a/botocore/data/sagemaker/2017-07-24/service-2.json +++ b/botocore/data/sagemaker/2017-07-24/service-2.json @@ -7358,7 +7358,8 @@ "OnStartDeepHealthChecks":{ "shape":"OnStartDeepHealthChecks", "documentation":"A flag indicating whether deep health checks should be performed when the cluster instance group is created or updated.
" - } + }, + "OverrideVpcConfig":{"shape":"VpcConfig"} }, "documentation":"Details of an instance group in a SageMaker HyperPod cluster.
" }, @@ -7413,7 +7414,8 @@ "OnStartDeepHealthChecks":{ "shape":"OnStartDeepHealthChecks", "documentation":"A flag indicating whether deep health checks should be performed when the cluster instance group is created or updated.
" - } + }, + "OverrideVpcConfig":{"shape":"VpcConfig"} }, "documentation":"The specifications of an instance group that you need to define.
" }, @@ -7603,6 +7605,7 @@ "shape":"ClusterLifeCycleConfig", "documentation":"The LifeCycle configuration applied to the instance.
" }, + "OverrideVpcConfig":{"shape":"VpcConfig"}, "ThreadsPerCore":{ "shape":"ClusterThreadsPerCore", "documentation":"The number of threads per CPU core you specified under CreateCluster.
The maximum MB of memory to allocate to run a model that you assign to an inference component.
" } }, - "documentation":"Defines the compute resources to allocate to run a model that you assign to an inference component. These resources include CPU cores, accelerators, and memory.
" + "documentation":"Defines the compute resources to allocate to run a model, plus any adapter models, that you assign to an inference component. These resources include CPU cores, accelerators, and memory.
" }, "InferenceComponentContainerSpecification":{ "type":"structure", @@ -21580,7 +21581,6 @@ }, "InferenceComponentSpecification":{ "type":"structure", - "required":["ComputeResourceRequirements"], "members":{ "ModelName":{ "shape":"ModelName", @@ -21596,7 +21596,11 @@ }, "ComputeResourceRequirements":{ "shape":"InferenceComponentComputeResourceRequirements", - "documentation":"The compute resources allocated to run the model assigned to the inference component.
" + "documentation":"The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.
Omit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component.
" + }, + "BaseInferenceComponentName":{ + "shape":"InferenceComponentName", + "documentation":"The name of an existing inference component that is to contain the inference component that you're creating with your request.
Specify this parameter only if your request is meant to create an adapter inference component. An adapter inference component contains the path to an adapter model. The purpose of the adapter model is to tailor the inference output of a base foundation model, which is hosted by the base inference component. The adapter inference component uses the compute resources that you assigned to the base inference component.
When you create an adapter inference component, use the Container parameter to specify the location of the adapter artifacts. In the parameter value, use the ArtifactUrl parameter of the InferenceComponentContainerSpecification data type.
Before you can create an adapter inference component, you must have an existing inference component that contains the foundation model that you want to adapt.
" } }, "documentation":"Details about the resources to deploy with this inference component, including the model, container, and compute resources.
" @@ -21618,7 +21622,11 @@ }, "ComputeResourceRequirements":{ "shape":"InferenceComponentComputeResourceRequirements", - "documentation":"The compute resources allocated to run the model assigned to the inference component.
" + "documentation":"The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component.
" + }, + "BaseInferenceComponentName":{ + "shape":"InferenceComponentName", + "documentation":"The name of the base inference component that contains this inference component.
" } }, "documentation":"Details about the resources that are deployed with this inference component.
" @@ -27099,7 +27107,7 @@ }, "ManagedInstanceScalingMinInstanceCount":{ "type":"integer", - "min":1 + "min":0 }, "ManagedInstanceScalingStatus":{ "type":"string", @@ -28955,6 +28963,20 @@ "type":"integer", "min":0 }, + "ModelShardingConfig":{ + "type":"structure", + "members":{ + "Image":{ + "shape":"OptimizationContainerImage", + "documentation":"The URI of an LMI DLC in Amazon ECR. SageMaker uses this image to run the optimization.
" + }, + "OverrideEnvironment":{ + "shape":"OptimizationJobEnvironmentVariables", + "documentation":"Environment variables that override the default ones in the model container.
" + } + }, + "documentation":"Settings for the model sharding technique that's applied by a model optimization job.
" + }, "ModelSortKey":{ "type":"string", "enum":[ @@ -30427,6 +30449,10 @@ "ModelCompilationConfig":{ "shape":"ModelCompilationConfig", "documentation":"Settings for the model compilation technique that's applied by a model optimization job.
" + }, + "ModelShardingConfig":{ + "shape":"ModelShardingConfig", + "documentation":"Settings for the model sharding technique that's applied by a model optimization job.
" } }, "documentation":"Settings for an optimization technique that you apply with a model optimization job.
", @@ -32153,6 +32179,24 @@ "ml.c6i.16xlarge", "ml.c6i.24xlarge", "ml.c6i.32xlarge", + "ml.m6i.large", + "ml.m6i.xlarge", + "ml.m6i.2xlarge", + "ml.m6i.4xlarge", + "ml.m6i.8xlarge", + "ml.m6i.12xlarge", + "ml.m6i.16xlarge", + "ml.m6i.24xlarge", + "ml.m6i.32xlarge", + "ml.r6i.large", + "ml.r6i.xlarge", + "ml.r6i.2xlarge", + "ml.r6i.4xlarge", + "ml.r6i.8xlarge", + "ml.r6i.12xlarge", + "ml.r6i.16xlarge", + "ml.r6i.24xlarge", + "ml.r6i.32xlarge", "ml.g5.xlarge", "ml.g5.2xlarge", "ml.g5.4xlarge", @@ -32169,6 +32213,14 @@ "ml.g6.16xlarge", "ml.g6.24xlarge", "ml.g6.48xlarge", + "ml.g6e.xlarge", + "ml.g6e.2xlarge", + "ml.g6e.4xlarge", + "ml.g6e.8xlarge", + "ml.g6e.12xlarge", + "ml.g6e.16xlarge", + "ml.g6e.24xlarge", + "ml.g6e.48xlarge", "ml.p4d.24xlarge", "ml.c7g.large", "ml.c7g.xlarge", @@ -32230,11 +32282,13 @@ "ml.trn1.2xlarge", "ml.trn1.32xlarge", "ml.trn1n.32xlarge", + "ml.trn2.48xlarge", "ml.inf2.xlarge", "ml.inf2.8xlarge", "ml.inf2.24xlarge", "ml.inf2.48xlarge", "ml.p5.48xlarge", + "ml.p5e.48xlarge", "ml.m7i.large", "ml.m7i.xlarge", "ml.m7i.2xlarge", diff --git a/botocore/data/ses/2010-12-01/service-2.json b/botocore/data/ses/2010-12-01/service-2.json index b26ab4adf5..bc5331cdf3 100644 --- a/botocore/data/ses/2010-12-01/service-2.json +++ b/botocore/data/ses/2010-12-01/service-2.json @@ -1450,6 +1450,28 @@ "type":"list", "member":{"shape":"ConfigurationSet"} }, + "ConnectAction":{ + "type":"structure", + "required":[ + "InstanceARN", + "IAMRoleARN" + ], + "members":{ + "InstanceARN":{ + "shape":"ConnectInstanceArn", + "documentation":"The Amazon Resource Name (ARN) for the Amazon Connect instance that Amazon SES integrates with for starting email contacts.
For more information about Amazon Connect instances, see the Amazon Connect Administrator Guide
" + }, + "IAMRoleARN":{ + "shape":"IAMRoleARN", + "documentation":" The Amazon Resource Name (ARN) of the IAM role to be used by Amazon Simple Email Service while starting email contacts to the Amazon Connect instance. This role should have permission to invoke connect:StartEmailContact for the given Amazon Connect instance.
When included in a receipt rule, this action parses the received message and starts an email contact in Amazon Connect on your behalf.
When you receive emails, the maximum email size (including headers) is 40 MB. Additionally, emails may only have up to 10 attachments. Emails larger than 40 MB or with more than 10 attachments will be bounced.
We recommend that you configure this action via Amazon Connect.
" + }, + "ConnectInstanceArn":{ + "type":"string", + "pattern":"arn:(aws|aws-us-gov):connect:[a-z]{2}-[a-z]+-[0-9-]{1}:[0-9]{1,20}:instance/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}" + }, "Content":{ "type":"structure", "required":["Data"], @@ -2450,7 +2472,7 @@ "type":"string", "max":2048, "min":20, - "pattern":"arn:[\\w-]+:iam::[0-9]+:role/[\\w-]+" + "pattern":"arn:[\\w-]+:iam::[0-9]+:role(\\u002F)([\\u0021-\\u007E]+\\u002F)?([\\w+=,.@-]+)" }, "Identity":{"type":"string"}, "IdentityDkimAttributes":{ @@ -3243,6 +3265,10 @@ "SNSAction":{ "shape":"SNSAction", "documentation":"Publishes the email content within a notification to Amazon SNS.
" + }, + "ConnectAction":{ + "shape":"ConnectAction", + "documentation":"Parses the received message and starts an email contact in Amazon Connect on your behalf.
" } }, "documentation":"An action that Amazon SES can take when it receives an email on behalf of one or more email addresses or domains that you own. An instance of this data type can represent only one action.
For information about setting up receipt rules, see the Amazon SES Developer Guide.
" @@ -3497,7 +3523,7 @@ }, "KmsKeyArn":{ "shape":"AmazonResourceName", - "documentation":"The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the default managed key or a custom managed key that you created in Amazon Web Services KMS as follows:
To use the default managed key, provide an ARN in the form of arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses. For example, if your Amazon Web Services account ID is 123456789012 and you want to use the default managed key in the US West (Oregon) Region, the ARN of the default master key would be arn:aws:kms:us-west-2:123456789012:alias/aws/ses. If you use the default managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.
To use a custom managed key that you created in Amazon Web Services KMS, provide the ARN of the managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the Amazon SES Developer Guide.
For more information about key policies, see the Amazon Web Services KMS Developer Guide. If you do not specify a managed key, Amazon SES does not encrypt your emails.
Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your Amazon Web Services KMS keys for decryption. This encryption client is currently available with the Amazon Web Services SDK for Java and Amazon Web Services SDK for Ruby only. For more information about client-side encryption using Amazon Web Services KMS managed keys, see the Amazon S3 Developer Guide.
The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the Amazon Web Services managed key or a customer managed key that you created in Amazon Web Services KMS as follows:
To use the Amazon Web Services managed key, provide an ARN in the form of arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses. For example, if your Amazon Web Services account ID is 123456789012 and you want to use the Amazon Web Services managed key in the US West (Oregon) Region, the ARN of the Amazon Web Services managed key would be arn:aws:kms:us-west-2:123456789012:alias/aws/ses. If you use the Amazon Web Services managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.
To use a customer managed key that you created in Amazon Web Services KMS, provide the ARN of the customer managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the Amazon SES Developer Guide.
For more information about key policies, see the Amazon Web Services KMS Developer Guide. If you do not specify an Amazon Web Services KMS key, Amazon SES does not encrypt your emails.
Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your Amazon Web Services KMS keys for decryption. This encryption client is currently available with the Amazon Web Services SDK for Java and Amazon Web Services SDK for Ruby only. For more information about client-side encryption using Amazon Web Services KMS managed keys, see the Amazon S3 Developer Guide.
A map of attributes with their corresponding values.
The following lists names, descriptions, and values of the special request parameters that the CreateTopic action uses:
DeliveryPolicy – The policy that defines how Amazon SNS retries failed deliveries to HTTP/S endpoints.
DisplayName – The display name to use for a topic with SMS subscriptions.
FifoTopic – Set to true to create a FIFO topic.
Policy – The policy that defines who can access your topic. By default, only the topic owner can publish or subscribe to the topic.
SignatureVersion – The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, SignatureVersion is set to 1.
TracingConfig – Tracing mode of an Amazon SNS topic. By default TracingConfig is set to PassThrough, and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to Active, Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true. This is only supported on standard topics.
The following attribute applies only to server-side encryption:
KmsMasterKeyId – The ID of an Amazon Web Services managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see Key Terms. For more examples, see KeyId in the Key Management Service API Reference.
The following attributes apply only to FIFO topics:
ArchivePolicy – Adds or updates an inline policy document to archive messages stored in the specified Amazon SNS topic.
BeginningArchiveTime – The earliest starting point at which a message in the topic’s archive can be replayed from. This point in time is based on the configured message retention period set by the topic’s message archiving policy.
ContentBasedDeduplication – Enables content-based deduplication for FIFO topics.
By default, ContentBasedDeduplication is set to false. If you create a FIFO topic and this attribute is false, you must specify a value for the MessageDeduplicationId parameter for the Publish action.
When you set ContentBasedDeduplication to true, Amazon SNS uses a SHA-256 hash to generate the MessageDeduplicationId using the body of the message (but not the attributes of the message).
(Optional) To override the generated value, you can specify a value for the MessageDeduplicationId parameter for the Publish action.
A map of attributes with their corresponding values.
The following lists names, descriptions, and values of the special request parameters that the CreateTopic action uses:
DeliveryPolicy – The policy that defines how Amazon SNS retries failed deliveries to HTTP/S endpoints.
DisplayName – The display name to use for a topic with SMS subscriptions.
FifoTopic – Set to true to create a FIFO topic.
Policy – The policy that defines who can access your topic. By default, only the topic owner can publish or subscribe to the topic.
SignatureVersion – The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, SignatureVersion is set to 1.
TracingConfig – Tracing mode of an Amazon SNS topic. By default TracingConfig is set to PassThrough, and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to Active, Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true. This is only supported on standard topics.
The following attribute applies only to server-side encryption:
KmsMasterKeyId – The ID of an Amazon Web Services managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see Key Terms. For more examples, see KeyId in the Key Management Service API Reference.
The following attributes apply only to FIFO topics:
ArchivePolicy – The policy that sets the retention period for messages stored in the message archive of an Amazon SNS FIFO topic.
ContentBasedDeduplication – Enables content-based deduplication for FIFO topics.
By default, ContentBasedDeduplication is set to false. If you create a FIFO topic and this attribute is false, you must specify a value for the MessageDeduplicationId parameter for the Publish action.
When you set ContentBasedDeduplication to true, Amazon SNS uses a SHA-256 hash to generate the MessageDeduplicationId using the body of the message (but not the attributes of the message).
(Optional) To override the generated value, you can specify a value for the MessageDeduplicationId parameter for the Publish action.
A map of the topic's attributes. Attributes in this map include the following:
DeliveryPolicy – The JSON serialization of the topic's delivery policy.
DisplayName – The human-readable name used in the From field for notifications to email and email-json endpoints.
EffectiveDeliveryPolicy – The JSON serialization of the effective delivery policy, taking system defaults into account.
Owner – The Amazon Web Services account ID of the topic's owner.
Policy – The JSON serialization of the topic's access control policy.
SignatureVersion – The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS.
By default, SignatureVersion is set to 1. The signature is a Base64-encoded SHA1withRSA signature.
When you set SignatureVersion to 2. Amazon SNS uses a Base64-encoded SHA256withRSA signature.
If the API response does not include the SignatureVersion attribute, it means that the SignatureVersion for the topic has value 1.
SubscriptionsConfirmed – The number of confirmed subscriptions for the topic.
SubscriptionsDeleted – The number of deleted subscriptions for the topic.
SubscriptionsPending – The number of subscriptions pending confirmation for the topic.
TopicArn – The topic's ARN.
TracingConfig – Tracing mode of an Amazon SNS topic. By default TracingConfig is set to PassThrough, and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to Active, Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true. This is only supported on standard topics.
The following attribute applies only to server-side-encryption:
KmsMasterKeyId - The ID of an Amazon Web Services managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see Key Terms. For more examples, see KeyId in the Key Management Service API Reference.
The following attributes apply only to FIFO topics:
FifoTopic – When this is set to true, a FIFO topic is created.
ContentBasedDeduplication – Enables content-based deduplication for FIFO topics.
By default, ContentBasedDeduplication is set to false. If you create a FIFO topic and this attribute is false, you must specify a value for the MessageDeduplicationId parameter for the Publish action.
When you set ContentBasedDeduplication to true, Amazon SNS uses a SHA-256 hash to generate the MessageDeduplicationId using the body of the message (but not the attributes of the message).
(Optional) To override the generated value, you can specify a value for the MessageDeduplicationId parameter for the Publish action.
A map of the topic's attributes. Attributes in this map include the following:
DeliveryPolicy – The JSON serialization of the topic's delivery policy.
DisplayName – The human-readable name used in the From field for notifications to email and email-json endpoints.
EffectiveDeliveryPolicy – The JSON serialization of the effective delivery policy, taking system defaults into account.
Owner – The Amazon Web Services account ID of the topic's owner.
Policy – The JSON serialization of the topic's access control policy.
SignatureVersion – The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS.
By default, SignatureVersion is set to 1. The signature is a Base64-encoded SHA1withRSA signature.
When you set SignatureVersion to 2. Amazon SNS uses a Base64-encoded SHA256withRSA signature.
If the API response does not include the SignatureVersion attribute, it means that the SignatureVersion for the topic has value 1.
SubscriptionsConfirmed – The number of confirmed subscriptions for the topic.
SubscriptionsDeleted – The number of deleted subscriptions for the topic.
SubscriptionsPending – The number of subscriptions pending confirmation for the topic.
TopicArn – The topic's ARN.
TracingConfig – Tracing mode of an Amazon SNS topic. By default TracingConfig is set to PassThrough, and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to Active, Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true. This is only supported on standard topics.
The following attribute applies only to server-side-encryption:
KmsMasterKeyId - The ID of an Amazon Web Services managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see Key Terms. For more examples, see KeyId in the Key Management Service API Reference.
The following attributes apply only to FIFO topics:
ArchivePolicy – The policy that sets the retention period for messages stored in the message archive of an Amazon SNS FIFO topic.
BeginningArchiveTime – The earliest starting point at which a message in the topic’s archive can be replayed from. This point in time is based on the configured message retention period set by the topic’s message archiving policy.
ContentBasedDeduplication – Enables content-based deduplication for FIFO topics.
By default, ContentBasedDeduplication is set to false. If you create a FIFO topic and this attribute is false, you must specify a value for the MessageDeduplicationId parameter for the Publish action.
When you set ContentBasedDeduplication to true, Amazon SNS uses a SHA-256 hash to generate the MessageDeduplicationId using the body of the message (but not the attributes of the message).
(Optional) To override the generated value, you can specify a value for the MessageDeduplicationId parameter for the Publish action.
FifoTopic – When this is set to true, a FIFO topic is created.
Response for GetTopicAttributes action.
" @@ -2311,7 +2311,7 @@ }, "AttributeName":{ "shape":"attributeName", - "documentation":"A map of attributes with their corresponding values.
The following lists the names, descriptions, and values of the special request parameters that the SetTopicAttributes action uses:
ApplicationSuccessFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to a platform application endpoint.
DeliveryPolicy – The policy that defines how Amazon SNS retries failed deliveries to HTTP/S endpoints.
DisplayName – The display name to use for a topic with SMS subscriptions.
Policy – The policy that defines who can access your topic. By default, only the topic owner can publish or subscribe to the topic.
TracingConfig – Tracing mode of an Amazon SNS topic. By default TracingConfig is set to PassThrough, and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to Active, Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true. This is only supported on standard topics.
HTTP
HTTPSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint.
HTTPSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an HTTP endpoint.
HTTPFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint.
Amazon Kinesis Data Firehose
FirehoseSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
FirehoseSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
FirehoseFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
Lambda
LambdaSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Lambda endpoint.
LambdaSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Lambda endpoint.
LambdaFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Lambda endpoint.
Platform application endpoint
ApplicationSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon Web Services application endpoint.
ApplicationSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Amazon Web Services application endpoint.
ApplicationFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon Web Services application endpoint.
In addition to being able to configure topic attributes for message delivery status of notification messages sent to Amazon SNS application endpoints, you can also configure application attributes for the delivery status of push notification messages sent to push notification services.
For example, For more information, see Using Amazon SNS Application Attributes for Message Delivery Status.
Amazon SQS
SQSSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
SQSSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
SQSFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
The <ENDPOINT>SuccessFeedbackRoleArn and <ENDPOINT>FailureFeedbackRoleArn attributes are used to give Amazon SNS write access to use CloudWatch Logs on your behalf. The <ENDPOINT>SuccessFeedbackSampleRate attribute is for specifying the sample rate percentage (0-100) of successfully delivered messages. After you configure the <ENDPOINT>FailureFeedbackRoleArn attribute, then all failed message deliveries generate CloudWatch Logs.
The following attribute applies only to server-side-encryption:
KmsMasterKeyId – The ID of an Amazon Web Services managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see Key Terms. For more examples, see KeyId in the Key Management Service API Reference.
SignatureVersion – The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, SignatureVersion is set to 1.
The following attribute applies only to FIFO topics:
ContentBasedDeduplication – Enables content-based deduplication for FIFO topics.
By default, ContentBasedDeduplication is set to false. If you create a FIFO topic and this attribute is false, you must specify a value for the MessageDeduplicationId parameter for the Publish action.
When you set ContentBasedDeduplication to true, Amazon SNS uses a SHA-256 hash to generate the MessageDeduplicationId using the body of the message (but not the attributes of the message).
(Optional) To override the generated value, you can specify a value for the MessageDeduplicationId parameter for the Publish action.
A map of attributes with their corresponding values.
The following lists the names, descriptions, and values of the special request parameters that the SetTopicAttributes action uses:
ApplicationSuccessFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to a platform application endpoint.
DeliveryPolicy – The policy that defines how Amazon SNS retries failed deliveries to HTTP/S endpoints.
DisplayName – The display name to use for a topic with SMS subscriptions.
Policy – The policy that defines who can access your topic. By default, only the topic owner can publish or subscribe to the topic.
TracingConfig – Tracing mode of an Amazon SNS topic. By default TracingConfig is set to PassThrough, and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to Active, Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true. This is only supported on standard topics.
HTTP
HTTPSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint.
HTTPSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an HTTP endpoint.
HTTPFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint.
Amazon Kinesis Data Firehose
FirehoseSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
FirehoseSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
FirehoseFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
Lambda
LambdaSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Lambda endpoint.
LambdaSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Lambda endpoint.
LambdaFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Lambda endpoint.
Platform application endpoint
ApplicationSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon Web Services application endpoint.
ApplicationSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Amazon Web Services application endpoint.
ApplicationFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon Web Services application endpoint.
In addition to being able to configure topic attributes for message delivery status of notification messages sent to Amazon SNS application endpoints, you can also configure application attributes for the delivery status of push notification messages sent to push notification services.
For example, For more information, see Using Amazon SNS Application Attributes for Message Delivery Status.
Amazon SQS
SQSSuccessFeedbackRoleArn – Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
SQSSuccessFeedbackSampleRate – Indicates percentage of successful messages to sample for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
SQSFailureFeedbackRoleArn – Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
The <ENDPOINT>SuccessFeedbackRoleArn and <ENDPOINT>FailureFeedbackRoleArn attributes are used to give Amazon SNS write access to use CloudWatch Logs on your behalf. The <ENDPOINT>SuccessFeedbackSampleRate attribute is for specifying the sample rate percentage (0-100) of successfully delivered messages. After you configure the <ENDPOINT>FailureFeedbackRoleArn attribute, then all failed message deliveries generate CloudWatch Logs.
The following attribute applies only to server-side-encryption:
KmsMasterKeyId – The ID of an Amazon Web Services managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see Key Terms. For more examples, see KeyId in the Key Management Service API Reference.
SignatureVersion – The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, SignatureVersion is set to 1.
The following attribute applies only to FIFO topics:
ArchivePolicy – The policy that sets the retention period for messages stored in the message archive of an Amazon SNS FIFO topic.
ContentBasedDeduplication – Enables content-based deduplication for FIFO topics.
By default, ContentBasedDeduplication is set to false. If you create a FIFO topic and this attribute is false, you must specify a value for the MessageDeduplicationId parameter for the Publish action.
When you set ContentBasedDeduplication to true, Amazon SNS uses a SHA-256 hash to generate the MessageDeduplicationId using the body of the message (but not the attributes of the message).
(Optional) To override the generated value, you can specify a value for the MessageDeduplicationId parameter for the Publish action.
Validates the syntax of a state machine definition.
You can validate that a state machine definition is correct without creating a state machine resource. Step Functions will implicitly perform the same syntax check when you invoke CreateStateMachine and UpdateStateMachine. State machine definitions are specified using a JSON-based, structured language. For more information on Amazon States Language see Amazon States Language (ASL).
Suggested uses for ValidateStateMachineDefinition:
Integrate automated checks into your code review or Continuous Integration (CI) process to validate state machine definitions before starting deployments.
Run the validation from a Git pre-commit hook to check your state machine definitions before committing them to your source repository.
Errors found in the state machine definition will be returned in the response as a list of diagnostic elements, rather than raise an exception.
Validates the syntax of a state machine definition specified in Amazon States Language (ASL), a JSON-based, structured language.
You can validate that a state machine definition is correct without creating a state machine resource.
Suggested uses for ValidateStateMachineDefinition:
Integrate automated checks into your code review or Continuous Integration (CI) process to check state machine definitions before starting deployments.
Run validation from a Git pre-commit hook to verify the definition before committing to your source repository.
Validation will look for problems in your state machine definition and return a result and a list of diagnostic elements.
The result value will be OK when your workflow definition can be successfully created or updated. Note the result can be OK even when diagnostic warnings are present in the response. The result value will be FAIL when the workflow definition contains errors that would prevent you from creating or updating your state machine.
The list of ValidateStateMachineDefinitionDiagnostic data elements can contain zero or more WARNING and/or ERROR elements.
The ValidateStateMachineDefinition API might add new diagnostics in the future, adjust diagnostic codes, or change the message wording. Your automated processes should only rely on the value of the result field value (OK, FAIL). Do not rely on the exact order, count, or wording of diagnostic messages.
Indicates whether assigned variables were truncated in the response. Always false for API calls. In CloudWatch logs, the value will be true if the data is truncated due to size limits.
Provides details about assigned variables in an execution history event.
" + }, "BilledDuration":{ "type":"long", "min":0 @@ -1401,6 +1416,10 @@ "encryptionConfiguration":{ "shape":"EncryptionConfiguration", "documentation":"Settings to configure server-side encryption.
" + }, + "variableReferences":{ + "shape":"VariableReferences", + "documentation":"A map of state name to a list of variables referenced by that state. States that do not use variable references will not be shown in the response.
" } } }, @@ -1477,6 +1496,10 @@ "encryptionConfiguration":{ "shape":"EncryptionConfiguration", "documentation":"Settings to configure server-side encryption.
" + }, + "variableReferences":{ + "shape":"VariableReferences", + "documentation":"A map of state name to a list of variables referenced by that state. States that do not use variable references will not be shown in the response.
" } } }, @@ -1509,6 +1532,35 @@ ] }, "ErrorMessage":{"type":"string"}, + "EvaluationFailedEventDetails":{ + "type":"structure", + "required":["state"], + "members":{ + "error":{ + "shape":"SensitiveError", + "documentation":"The error code of the failure.
" + }, + "cause":{ + "shape":"SensitiveCause", + "documentation":"A more detailed explanation of the cause of the failure.
" + }, + "location":{ + "shape":"EvaluationFailureLocation", + "documentation":"The location of the field in the state in which the evaluation error occurred.
" + }, + "state":{ + "shape":"StateName", + "documentation":"The name of the state in which the evaluation error occurred.
" + } + }, + "documentation":"Contains details about an evaluation failure that occurred while processing a state, for example, when a JSONata expression throws an error. This event will only be present in state machines that have QueryLanguage set to JSONata, or individual states set to JSONata.
" + }, + "EvaluationFailureLocation":{ + "type":"string", + "max":256, + "min":0, + "sensitive":true + }, "EventId":{"type":"long"}, "ExecutionAbortedEventDetails":{ "type":"structure", @@ -1919,6 +1971,10 @@ "mapRunRedrivenEventDetails":{ "shape":"MapRunRedrivenEventDetails", "documentation":"Contains details about the redrive attempt of a Map Run.
" + }, + "evaluationFailedEventDetails":{ + "shape":"EvaluationFailedEventDetails", + "documentation":"Contains details about an evaluation failure that occurred while processing a state.
" } }, "documentation":"Contains details about the events of an execution.
" @@ -1928,7 +1984,7 @@ "members":{ "truncated":{ "shape":"truncated", - "documentation":"Indicates whether input or output was truncated in the response. Always false for API calls.
Indicates whether input or output was truncated in the response. Always false for API calls. In CloudWatch logs, the value will be true if the data is truncated due to size limits.
Provides details about input or output in an execution history event.
" @@ -2001,7 +2057,8 @@ "MapRunStarted", "MapRunSucceeded", "ExecutionRedriven", - "MapRunRedriven" + "MapRunRedriven", + "EvaluationFailed" ] }, "Identity":{ @@ -2027,13 +2084,17 @@ "shape":"SensitiveData", "documentation":"The raw state input.
" }, + "afterArguments":{ + "shape":"SensitiveData", + "documentation":"The input after Step Functions applies an Arguments filter. This event will only be present when QueryLanguage for the state machine or individual states is set to JSONata. For more info, see Transforming data with Step Functions.
" + }, "afterInputPath":{ "shape":"SensitiveData", - "documentation":"The input after Step Functions applies the InputPath filter.
" + "documentation":"The input after Step Functions applies the InputPath filter. Not populated when QueryLanguage is JSONata.
" }, "afterParameters":{ "shape":"SensitiveData", - "documentation":"The effective input after Step Functions applies the Parameters filter.
" + "documentation":"The effective input after Step Functions applies the Parameters filter. Not populated when QueryLanguage is JSONata.
" }, "result":{ "shape":"SensitiveData", @@ -2041,11 +2102,11 @@ }, "afterResultSelector":{ "shape":"SensitiveData", - "documentation":"The effective result after Step Functions applies the ResultSelector filter.
" + "documentation":"The effective result after Step Functions applies the ResultSelector filter. Not populated when QueryLanguage is JSONata.
" }, "afterResultPath":{ "shape":"SensitiveData", - "documentation":"The effective result combined with the raw state input after Step Functions applies the ResultPath filter.
" + "documentation":"The effective result combined with the raw state input after Step Functions applies the ResultPath filter. Not populated when QueryLanguage is JSONata.
" }, "request":{ "shape":"InspectionDataRequest", @@ -2054,6 +2115,10 @@ "response":{ "shape":"InspectionDataResponse", "documentation":"The raw HTTP response that is returned when you test an HTTP Task.
" + }, + "variables":{ + "shape":"SensitiveData", + "documentation":"JSON string that contains the set of workflow variables after execution of the state. The set will include variables assigned in the state and variables set up as test state input.
" } }, "documentation":"Contains additional details about the state's execution, including its input and output data processing flow, and HTTP request and response information.
", @@ -3197,6 +3262,14 @@ "outputDetails":{ "shape":"HistoryEventExecutionDataDetails", "documentation":"Contains details about the output of an execution history event.
" + }, + "assignedVariables":{ + "shape":"AssignedVariables", + "documentation":"Map of variable name and value as a serialized JSON representation.
" + }, + "assignedVariablesDetails":{ + "shape":"AssignedVariablesDetails", + "documentation":"Provides details about input or output in an execution history event.
" } }, "documentation":"Contains details about an exit from a state during an execution.
" @@ -3684,10 +3757,7 @@ }, "TestStateInput":{ "type":"structure", - "required":[ - "definition", - "roleArn" - ], + "required":["definition"], "members":{ "definition":{ "shape":"Definition", @@ -3708,6 +3778,10 @@ "revealSecrets":{ "shape":"RevealSecrets", "documentation":"Specifies whether or not to include secret information in the test result. For HTTP Tasks, a secret includes the data that an EventBridge connection adds to modify the HTTP request headers, query parameters, and body. Step Functions doesn't omit any information included in the state definition or the HTTP response.
If you set revealSecrets to true, you must make sure that the IAM user that calls the TestState API has permission for the states:RevealSecrets action. For an example of IAM policy that sets the states:RevealSecrets permission, see IAM permissions to test a state. Without this permission, Step Functions throws an access denied error.
By default, revealSecrets is set to false.
JSON object literal that sets variables used in the state under test. Object keys are the variable names and values are the variable values.
" } } }, @@ -3921,7 +3995,10 @@ } } }, - "ValidateStateMachineDefinitionCode":{"type":"string"}, + "ValidateStateMachineDefinitionCode":{ + "type":"string", + "sensitive":true + }, "ValidateStateMachineDefinitionDiagnostic":{ "type":"structure", "required":[ @@ -3932,7 +4009,7 @@ "members":{ "severity":{ "shape":"ValidateStateMachineDefinitionSeverity", - "documentation":"A value of ERROR means that you cannot create or update a state machine with this definition.
A value of ERROR means that you cannot create or update a state machine with this definition.
WARNING level diagnostics alert you to potential issues, but they will not prevent you from creating or updating your state machine.
Location of the issue in the state machine, if available.
For errors specific to a field, the location could be in the format: /States/<StateName>/<FieldName>, for example: /States/FailState/ErrorPath.
Describes an error found during validation. Validation errors found in the definition return in the response as diagnostic elements, rather than raise an exception.
" + "documentation":"Describes potential issues found during state machine validation. Rather than raise an exception, validation will return a list of diagnostic elements containing diagnostic information.
The ValidateStateMachineDefinitionlAPI might add new diagnostics in the future, adjust diagnostic codes, or change the message wording. Your automated processes should only rely on the value of the result field value (OK, FAIL). Do not rely on the exact order, count, or wording of diagnostic messages.
List of warning codes
No .$ on a field that appears to be a JSONPath or Intrinsic Function.
Field value looks like a path, but field name does not end with 'Path'.
Attempt to use a path in the result of a pass state.
List of error codes
JSON syntax problem found.
Received a null or empty workflow input.
Schema validation reported errors.
The value of a Task-state resource field is invalid.
The workflow does not have a terminal state.
The same state name appears more than once.
The state name does not follow the naming convention.
The state machine name has not been specified.
The state machine name does not follow the naming convention.
The state name exceeds the allowed length.
The state name already exists.
A label name appears more than once.
You have provided an invalid label name.
The value of \"Next\" field doesn't match a known state name.
The states are too deeply nested.
If the result is OK, this field will be empty. When there are errors, this field will contain an array of Diagnostic objects to help you troubleshoot.
An array of diagnostic errors and warnings found during validation of the state machine definition. Since warnings do not prevent deploying your workflow definition, the result value could be OK even when warning diagnostics are present in the response.
The ingestion process to be used when importing the image, depending on which protocol you want to use for your BYOL Workspace image, either PCoIP, DCV, or bring your own protocol (BYOP). To use WSP, specify a value that ends in _DCV. To use PCoIP, specify a value that does not end in _DCV. To use BYOP, specify a value that ends in _BYOP.
For non-GPU-enabled bundles (bundles other than Graphics or GraphicsPro), specify BYOL_REGULAR, BYOL_REGULAR_DCV, or BYOL_REGULAR_BYOP, depending on the protocol.
The BYOL_REGULAR_BYOP and BYOL_GRAPHICS_G4DN_BYOP values are only supported by Amazon WorkSpaces Core. Contact your account team to be allow-listed to use these values. For more information, see Amazon WorkSpaces Core.
The ingestion process to be used when importing the image, depending on which protocol you want to use for your BYOL Workspace image, either PCoIP, WSP, or bring your own protocol (BYOP). To use DCV, specify a value that ends in _WSP. To use PCoIP, specify a value that does not end in _WSP. To use BYOP, specify a value that ends in _BYOP.
For non-GPU-enabled bundles (bundles other than Graphics or GraphicsPro), specify BYOL_REGULAR, BYOL_REGULAR_WSP, or BYOL_REGULAR_BYOP, depending on the protocol.
The BYOL_REGULAR_BYOP and BYOL_GRAPHICS_G4DN_BYOP values are only supported by Amazon WorkSpaces Core. Contact your account team to be allow-listed to use these values. For more information, see Amazon WorkSpaces Core.