A map of tags assigned to a resource. A tag is a string-to-string map of key-value pairs.
" + }, + "State":{ + "shape":"ResourceState", + "documentation":"Either ENABLED or DISABLED. The resource returns DISABLED if the organization's AWS Chatbot policy has explicitly denied that configuration. For example, if Amazon Chime is disabled.
Provided if State is DISABLED. Provides context as to why the resource is disabled.
An AWS Chatbot configuration for Amazon Chime.
" @@ -564,6 +572,14 @@ "TeamName":{ "shape":"UUID", "documentation":"The name of the Microsoft Teams Team.
" + }, + "State":{ + "shape":"ResourceState", + "documentation":"Either ENABLED or DISABLED. The resource returns DISABLED if the organization's AWS Chatbot policy has explicitly denied that configuration. For example, if Amazon Chime is disabled.
Provided if State is DISABLED. Provides context as to why the resource is disabled.
A Microsoft Teams team that is authorized with AWS Chatbot.
" @@ -1417,6 +1433,10 @@ }, "exception":true }, + "ResourceState":{ + "type":"string", + "pattern":"(ENABLED|DISABLED)" + }, "ServiceUnavailableException":{ "type":"structure", "members":{ @@ -1488,6 +1508,14 @@ "Tags":{ "shape":"Tags", "documentation":"A map of tags assigned to a resource. A tag is a string-to-string map of key-value pairs.
" + }, + "State":{ + "shape":"ResourceState", + "documentation":"Either ENABLED or DISABLED. The resource returns DISABLED if the organization's AWS Chatbot policy has explicitly denied that configuration. For example, if Amazon Chime is disabled.
Provided if State is DISABLED. Provides context as to why the resource is disabled.
An AWS Chatbot configuration for Slack.
" @@ -1575,6 +1603,14 @@ "SlackTeamName":{ "shape":"SlackTeamName", "documentation":"The name of the Slack workspace.
" + }, + "State":{ + "shape":"ResourceState", + "documentation":"Either ENABLED or DISABLED. The resource returns DISABLED if the organization's AWS Chatbot policy has explicitly denied that configuration. For example, if Amazon Chime is disabled.
Provided if State is DISABLED. Provides context as to why the resource is disabled.
A Slack workspace.
" @@ -1587,6 +1623,7 @@ "type":"list", "member":{"shape":"Arn"} }, + "String":{"type":"string"}, "Tag":{ "type":"structure", "required":[ @@ -1726,6 +1763,14 @@ "Tags":{ "shape":"Tags", "documentation":"A map of tags assigned to a resource. A tag is a string-to-string map of key-value pairs.
" + }, + "State":{ + "shape":"ResourceState", + "documentation":"Either ENABLED or DISABLED. The resource returns DISABLED if the organization's AWS Chatbot policy has explicitly denied that configuration. For example, if Amazon Chime is disabled.
Provided if State is DISABLED. Provides context as to why the resource is disabled.
An AWS Chatbot configuration for Microsoft Teams.
" diff --git a/botocore/data/endpoints.json b/botocore/data/endpoints.json index a7a3389535..092d1848c2 100644 --- a/botocore/data/endpoints.json +++ b/botocore/data/endpoints.json @@ -9634,6 +9634,8 @@ }, "endpoints" : { "ap-south-1" : { }, + "ap-southeast-2" : { }, + "eu-west-2" : { }, "us-east-1" : { }, "us-east-2" : { }, "us-west-2" : { } diff --git a/botocore/data/lambda/2015-03-31/service-2.json b/botocore/data/lambda/2015-03-31/service-2.json index bdb644cdd2..49d0b40b55 100644 --- a/botocore/data/lambda/2015-03-31/service-2.json +++ b/botocore/data/lambda/2015-03-31/service-2.json @@ -48,10 +48,9 @@ {"shape":"InvalidParameterValueException"}, {"shape":"PolicyLengthExceededException"}, {"shape":"TooManyRequestsException"}, - {"shape":"PreconditionFailedException"}, - {"shape":"PublicPolicyException"} + {"shape":"PreconditionFailedException"} ], - "documentation":"Grants a principal permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function. Note: Lambda does not support adding policies to version $LATEST.
To grant permission to another account, specify the account ID as the Principal. To grant permission to an organization defined in Organizations, specify the organization ID as the PrincipalOrgID. For Amazon Web Servicesservices, the principal is a domain-style identifier that the service defines, such as s3.amazonaws.com or sns.amazonaws.com. For Amazon Web Servicesservices, you can also specify the ARN of the associated resource as the SourceArn. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
This operation adds a statement to a resource-based permissions policy for the function. For more information about function policies, see Using resource-based policies for Lambda.
" + "documentation":"Grants a principal permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function. Note: Lambda does not support adding policies to version $LATEST.
To grant permission to another account, specify the account ID as the Principal. To grant permission to an organization defined in Organizations, specify the organization ID as the PrincipalOrgID. For Amazon Web Services services, the principal is a domain-style identifier that the service defines, such as s3.amazonaws.com or sns.amazonaws.com. For Amazon Web Services services, you can also specify the ARN of the associated resource as the SourceArn. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
This operation adds a statement to a resource-based permissions policy for the function. For more information about function policies, see Using resource-based policies for Lambda.
" }, "CreateAlias":{ "name":"CreateAlias", @@ -124,7 +123,7 @@ {"shape":"InvalidCodeSignatureException"}, {"shape":"CodeSigningConfigNotFoundException"} ], - "documentation":"Creates a Lambda function. To create a function, you need a deployment package and an execution role. The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use Amazon Web Servicesservices, such as Amazon CloudWatch Logs for log streaming and X-Ray for request tracing.
If the deployment package is a container image, then you set the package type to Image. For a container image, the code property must include the URI of a container image in the Amazon ECR registry. You do not need to specify the handler and runtime properties.
If the deployment package is a .zip file archive, then you set the package type to Zip. For a .zip file archive, the code property specifies the location of the .zip file. You must also specify the handler and runtime properties. The code in the deployment package must be compatible with the target instruction set architecture of the function (x86-64 or arm64). If you do not specify the architecture, then the default value is x86-64.
When you create a function, Lambda provisions an instance of the function and its supporting resources. If your function connects to a VPC, this process can take a minute or so. During this time, you can't invoke or modify the function. The State, StateReason, and StateReasonCode fields in the response from GetFunctionConfiguration indicate when the function is ready to invoke. For more information, see Lambda function states.
A function has an unpublished version, and can have published versions and aliases. The unpublished version changes when you update your function's code and configuration. A published version is a snapshot of your function code and configuration that can't be changed. An alias is a named resource that maps to a version, and can be changed to map to a different version. Use the Publish parameter to create version 1 of your function from its initial configuration.
The other parameters let you configure version-specific and function-level settings. You can modify version-specific settings later with UpdateFunctionConfiguration. Function-level settings apply to both the unpublished and published versions of the function, and include tags (TagResource) and per-function concurrency limits (PutFunctionConcurrency).
You can use code signing if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with UpdateFunctionCode, Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes set of signing profiles, which define the trusted publishers for this function.
If another Amazon Web Services account or an Amazon Web Servicesservice invokes your function, use AddPermission to grant permission by creating a resource-based Identity and Access Management (IAM) policy. You can grant permissions at the function level, on a version, or on an alias.
To invoke your function directly, use Invoke. To invoke your function in response to events in other Amazon Web Servicesservices, create an event source mapping (CreateEventSourceMapping), or configure a function trigger in the other service. For more information, see Invoking Lambda functions.
" + "documentation":"Creates a Lambda function. To create a function, you need a deployment package and an execution role. The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use Amazon Web Services services, such as Amazon CloudWatch Logs for log streaming and X-Ray for request tracing.
If the deployment package is a container image, then you set the package type to Image. For a container image, the code property must include the URI of a container image in the Amazon ECR registry. You do not need to specify the handler and runtime properties.
If the deployment package is a .zip file archive, then you set the package type to Zip. For a .zip file archive, the code property specifies the location of the .zip file. You must also specify the handler and runtime properties. The code in the deployment package must be compatible with the target instruction set architecture of the function (x86-64 or arm64). If you do not specify the architecture, then the default value is x86-64.
When you create a function, Lambda provisions an instance of the function and its supporting resources. If your function connects to a VPC, this process can take a minute or so. During this time, you can't invoke or modify the function. The State, StateReason, and StateReasonCode fields in the response from GetFunctionConfiguration indicate when the function is ready to invoke. For more information, see Lambda function states.
A function has an unpublished version, and can have published versions and aliases. The unpublished version changes when you update your function's code and configuration. A published version is a snapshot of your function code and configuration that can't be changed. An alias is a named resource that maps to a version, and can be changed to map to a different version. Use the Publish parameter to create version 1 of your function from its initial configuration.
The other parameters let you configure version-specific and function-level settings. You can modify version-specific settings later with UpdateFunctionConfiguration. Function-level settings apply to both the unpublished and published versions of the function, and include tags (TagResource) and per-function concurrency limits (PutFunctionConcurrency).
You can use code signing if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with UpdateFunctionCode, Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes set of signing profiles, which define the trusted publishers for this function.
If another Amazon Web Services account or an Amazon Web Services service invokes your function, use AddPermission to grant permission by creating a resource-based Identity and Access Management (IAM) policy. You can grant permissions at the function level, on a version, or on an alias.
To invoke your function directly, use Invoke. To invoke your function in response to events in other Amazon Web Services services, create an event source mapping (CreateEventSourceMapping), or configure a function trigger in the other service. For more information, see Invoking Lambda functions.
" }, "CreateFunctionUrlConfig":{ "name":"CreateFunctionUrlConfig", @@ -211,7 +210,7 @@ {"shape":"InvalidParameterValueException"}, {"shape":"ResourceConflictException"} ], - "documentation":"Deletes a Lambda function. To delete a specific function version, use the Qualifier parameter. Otherwise, all versions and aliases are deleted. This doesn't require the user to have explicit permissions for DeleteAlias.
To delete Lambda event source mappings that invoke a function, use DeleteEventSourceMapping. For Amazon Web Servicesservices and resources that invoke your function directly, delete the trigger in the service where you originally configured it.
" + "documentation":"Deletes a Lambda function. To delete a specific function version, use the Qualifier parameter. Otherwise, all versions and aliases are deleted. This doesn't require the user to have explicit permissions for DeleteAlias.
To delete Lambda event source mappings that invoke a function, use DeleteEventSourceMapping. For Amazon Web Services services and resources that invoke your function directly, delete the trigger in the service where you originally configured it.
" }, "DeleteFunctionCodeSigningConfig":{ "name":"DeleteFunctionCodeSigningConfig", @@ -312,24 +311,6 @@ ], "documentation":"Deletes the provisioned concurrency configuration for a function.
" }, - "DeleteResourcePolicy":{ - "name":"DeleteResourcePolicy", - "http":{ - "method":"DELETE", - "requestUri":"/2024-09-16/resource-policy/{ResourceArn}", - "responseCode":204 - }, - "input":{"shape":"DeleteResourcePolicyRequest"}, - "errors":[ - {"shape":"ServiceException"}, - {"shape":"ResourceNotFoundException"}, - {"shape":"ResourceConflictException"}, - {"shape":"InvalidParameterValueException"}, - {"shape":"TooManyRequestsException"}, - {"shape":"PreconditionFailedException"} - ], - "documentation":"The option to create and modify full JSON resource-based policies, and to use the PutResourcePolicy, GetResourcePolicy, and DeleteResourcePolicy APIs, won't be available in all Amazon Web Services Regions until September 30, 2024.
Deletes a resource-based policy from a function.
" - }, "GetAccountSettings":{ "name":"GetAccountSettings", "http":{ @@ -600,40 +581,6 @@ ], "documentation":"Retrieves the provisioned concurrency configuration for a function's alias or version.
" }, - "GetPublicAccessBlockConfig":{ - "name":"GetPublicAccessBlockConfig", - "http":{ - "method":"GET", - "requestUri":"/2024-09-16/public-access-block/{ResourceArn}", - "responseCode":200 - }, - "input":{"shape":"GetPublicAccessBlockConfigRequest"}, - "output":{"shape":"GetPublicAccessBlockConfigResponse"}, - "errors":[ - {"shape":"ServiceException"}, - {"shape":"ResourceNotFoundException"}, - {"shape":"TooManyRequestsException"}, - {"shape":"InvalidParameterValueException"} - ], - "documentation":"The option to configure public-access settings, and to use the PutPublicAccessBlock and GetPublicAccessBlock APIs, won't be available in all Amazon Web Services Regions until September 30, 2024.
Retrieve the public-access settings for a function.
" - }, - "GetResourcePolicy":{ - "name":"GetResourcePolicy", - "http":{ - "method":"GET", - "requestUri":"/2024-09-16/resource-policy/{ResourceArn}", - "responseCode":200 - }, - "input":{"shape":"GetResourcePolicyRequest"}, - "output":{"shape":"GetResourcePolicyResponse"}, - "errors":[ - {"shape":"ServiceException"}, - {"shape":"ResourceNotFoundException"}, - {"shape":"TooManyRequestsException"}, - {"shape":"InvalidParameterValueException"} - ], - "documentation":"The option to create and modify full JSON resource-based policies, and to use the PutResourcePolicy, GetResourcePolicy, and DeleteResourcePolicy APIs, won't be available in all Amazon Web Services Regions until September 30, 2024.
Retrieves the resource-based policy attached to a function.
" - }, "GetRuntimeManagementConfig":{ "name":"GetRuntimeManagementConfig", "http":{ @@ -933,7 +880,7 @@ {"shape":"InvalidParameterValueException"}, {"shape":"TooManyRequestsException"} ], - "documentation":"Returns a function, event source mapping, or code signing configuration's tags. You can also view funciton tags with GetFunction.
" + "documentation":"Returns a function, event source mapping, or code signing configuration's tags. You can also view function tags with GetFunction.
" }, "ListVersionsByFunction":{ "name":"ListVersionsByFunction", @@ -1081,45 +1028,6 @@ ], "documentation":"Adds a provisioned concurrency configuration to a function's alias or version.
" }, - "PutPublicAccessBlockConfig":{ - "name":"PutPublicAccessBlockConfig", - "http":{ - "method":"PUT", - "requestUri":"/2024-09-16/public-access-block/{ResourceArn}", - "responseCode":200 - }, - "input":{"shape":"PutPublicAccessBlockConfigRequest"}, - "output":{"shape":"PutPublicAccessBlockConfigResponse"}, - "errors":[ - {"shape":"ServiceException"}, - {"shape":"ResourceNotFoundException"}, - {"shape":"ResourceConflictException"}, - {"shape":"InvalidParameterValueException"}, - {"shape":"TooManyRequestsException"} - ], - "documentation":"The option to configure public-access settings, and to use the PutPublicAccessBlock and GetPublicAccessBlock APIs, won't be available in all Amazon Web Services Regions until September 30, 2024.
Configure your function's public-access settings.
To control public access to a Lambda function, you can choose whether to allow the creation of resource-based policies that allow public access to that function. You can also block public access to a function, even if it has an existing resource-based policy that allows it.
" - }, - "PutResourcePolicy":{ - "name":"PutResourcePolicy", - "http":{ - "method":"PUT", - "requestUri":"/2024-09-16/resource-policy/{ResourceArn}", - "responseCode":200 - }, - "input":{"shape":"PutResourcePolicyRequest"}, - "output":{"shape":"PutResourcePolicyResponse"}, - "errors":[ - {"shape":"ServiceException"}, - {"shape":"ResourceNotFoundException"}, - {"shape":"ResourceConflictException"}, - {"shape":"InvalidParameterValueException"}, - {"shape":"PolicyLengthExceededException"}, - {"shape":"TooManyRequestsException"}, - {"shape":"PreconditionFailedException"}, - {"shape":"PublicPolicyException"} - ], - "documentation":"The option to create and modify full JSON resource-based policies, and to use the PutResourcePolicy, GetResourcePolicy, and DeleteResourcePolicy APIs, won't be available in all Amazon Web Services Regions until September 30, 2024.
Adds a resource-based policy to a function. You can use resource-based policies to grant access to other Amazon Web Services accounts, organizations, or services. Resource-based policies apply to a single function, version, or alias.
Adding a resource-based policy using this API action replaces any existing policy you've previously created. This means that if you've previously added resource-based permissions to a function using the AddPermission action, those permissions will be overwritten by your new policy.
Revokes function-use permission from an Amazon Web Servicesservice or another Amazon Web Services account. You can get the ID of the statement from the output of GetPolicy.
" + "documentation":"Revokes function-use permission from an Amazon Web Services service or another Amazon Web Services account. You can get the ID of the statement from the output of GetPolicy.
" }, "TagResource":{ "name":"TagResource", @@ -1304,7 +1211,7 @@ {"shape":"InvalidCodeSignatureException"}, {"shape":"CodeSigningConfigNotFoundException"} ], - "documentation":"Modify the version-specific settings of a Lambda function.
When you update a function, Lambda provisions an instance of the function and its supporting resources. If your function connects to a VPC, this process can take a minute. During this time, you can't modify the function, but you can still invoke it. The LastUpdateStatus, LastUpdateStatusReason, and LastUpdateStatusReasonCode fields in the response from GetFunctionConfiguration indicate when the update is complete and the function is processing events with the new configuration. For more information, see Lambda function states.
These settings can vary between versions of a function and are locked when you publish a version. You can't modify the configuration of a published version, only the unpublished version.
To configure function concurrency, use PutFunctionConcurrency. To grant invoke permissions to an Amazon Web Services account or Amazon Web Servicesservice, use AddPermission.
" + "documentation":"Modify the version-specific settings of a Lambda function.
When you update a function, Lambda provisions an instance of the function and its supporting resources. If your function connects to a VPC, this process can take a minute. During this time, you can't modify the function, but you can still invoke it. The LastUpdateStatus, LastUpdateStatusReason, and LastUpdateStatusReasonCode fields in the response from GetFunctionConfiguration indicate when the update is complete and the function is processing events with the new configuration. For more information, see Lambda function states.
These settings can vary between versions of a function and are locked when you publish a version. You can't modify the configuration of a published version, only the unpublished version.
To configure function concurrency, use PutFunctionConcurrency. To grant invoke permissions to an Amazon Web Services account or Amazon Web Services service, use AddPermission.
" }, "UpdateFunctionEventInvokeConfig":{ "name":"UpdateFunctionEventInvokeConfig", @@ -1472,15 +1379,15 @@ }, "Principal":{ "shape":"Principal", - "documentation":"The Amazon Web Servicesservice, Amazon Web Services account, IAM user, or IAM role that invokes the function. If you specify a service, use SourceArn or SourceAccount to limit who can invoke the function through that service.
The Amazon Web Services service, Amazon Web Services account, IAM user, or IAM role that invokes the function. If you specify a service, use SourceArn or SourceAccount to limit who can invoke the function through that service.
For Amazon Web Servicesservices, the ARN of the Amazon Web Services resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.
Note that Lambda configures the comparison using the StringLike operator.
For Amazon Web Services services, the ARN of the Amazon Web Services resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.
Note that Lambda configures the comparison using the StringLike operator.
For Amazon Web Servicesservice, the ID of the Amazon Web Services account that owns the resource. Use this together with SourceArn to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.
For Amazon Web Services service, the ID of the Amazon Web Services account that owns the resource. Use this together with SourceArn to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.
The Amazon Resource Name (ARN) of the function you want to delete the policy from. You can use either a qualified or an unqualified ARN, but the value you specify must be a complete ARN and wildcard characters are not accepted.
", - "location":"uri", - "locationName":"ResourceArn" - }, - "RevisionId":{ - "shape":"RevisionId", - "documentation":"Delete the existing policy only if its revision ID matches the string you specify. To find the revision ID of the policy currently attached to your function, use the GetResourcePolicy action.
", - "location":"querystring", - "locationName":"RevisionId" - } - } - }, "Description":{ "type":"string", "max":256, @@ -3595,52 +3484,6 @@ } } }, - "GetPublicAccessBlockConfigRequest":{ - "type":"structure", - "required":["ResourceArn"], - "members":{ - "ResourceArn":{ - "shape":"PublicAccessBlockResourceArn", - "documentation":"The Amazon Resource Name (ARN) of the function you want to retrieve public-access settings for.
", - "location":"uri", - "locationName":"ResourceArn" - } - } - }, - "GetPublicAccessBlockConfigResponse":{ - "type":"structure", - "members":{ - "PublicAccessBlockConfig":{ - "shape":"PublicAccessBlockConfig", - "documentation":"The public-access settings configured for the function you specified
" - } - } - }, - "GetResourcePolicyRequest":{ - "type":"structure", - "required":["ResourceArn"], - "members":{ - "ResourceArn":{ - "shape":"PolicyResourceArn", - "documentation":"The Amazon Resource Name (ARN) of the function you want to retrieve the policy for. You can use either a qualified or an unqualified ARN, but the value you specify must be a complete ARN and wildcard characters are not accepted.
", - "location":"uri", - "locationName":"ResourceArn" - } - } - }, - "GetResourcePolicyResponse":{ - "type":"structure", - "members":{ - "Policy":{ - "shape":"ResourcePolicy", - "documentation":"The resource-based policy attached to the function you specified.
" - }, - "RevisionId":{ - "shape":"RevisionId", - "documentation":"The revision ID of the policy.
" - } - } - }, "GetRuntimeManagementConfigRequest":{ "type":"structure", "required":["FunctionName"], @@ -4964,11 +4807,6 @@ "error":{"httpStatusCode":400}, "exception":true }, - "PolicyResourceArn":{ - "type":"string", - "max":256, - "pattern":"arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_]+(:(\\$LATEST|[a-zA-Z0-9-_])+)?" - }, "PositiveInteger":{ "type":"integer", "min":1 @@ -5055,38 +4893,6 @@ "FAILED" ] }, - "PublicAccessBlockConfig":{ - "type":"structure", - "members":{ - "BlockPublicPolicy":{ - "shape":"NullableBoolean", - "documentation":"To block the creation of resource-based policies that would grant public access to your function, set BlockPublicPolicy to true. To allow the creation of resource-based policies that would grant public access to your function, set BlockPublicPolicy to false.
To block public access to your function, even if its resource-based policy allows it, set RestrictPublicResource to true. To allow public access to a function with a resource-based policy that permits it, set RestrictPublicResource to false.
An object that defines the public-access settings for a function.
" - }, - "PublicAccessBlockResourceArn":{ - "type":"string", - "max":170, - "pattern":"arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_]+" - }, - "PublicPolicyException":{ - "type":"structure", - "members":{ - "Type":{ - "shape":"String", - "documentation":"The exception type.
" - }, - "Message":{"shape":"String"} - }, - "documentation":"Lambda prevented your policy from being created because it would grant public access to your function. If you intended to create a public policy, use the PutPublicAccessBlockConfig API action to configure your function's public-access settings to allow public policies.
", - "error":{"httpStatusCode":400}, - "exception":true - }, "PublishLayerVersionRequest":{ "type":"structure", "required":[ @@ -5355,70 +5161,6 @@ } } }, - "PutPublicAccessBlockConfigRequest":{ - "type":"structure", - "required":[ - "ResourceArn", - "PublicAccessBlockConfig" - ], - "members":{ - "ResourceArn":{ - "shape":"PublicAccessBlockResourceArn", - "documentation":"The Amazon Resource Name (ARN) of the function you want to configure public-access settings for. Public-access settings are applied at the function level, so you can't apply different settings to function versions or aliases.
", - "location":"uri", - "locationName":"ResourceArn" - }, - "PublicAccessBlockConfig":{ - "shape":"PublicAccessBlockConfig", - "documentation":"An object defining the public-access settings you want to apply.
To block the creation of resource-based policies that would grant public access to your function, set BlockPublicPolicy to true. To allow the creation of resource-based policies that would grant public access to your function, set BlockPublicPolicy to false.
To block public access to your function, even if its resource-based policy allows it, set RestrictPublicResource to true. To allow public access to a function with a resource-based policy that permits it, set RestrictPublicResource to false.
The default setting for both BlockPublicPolicy and RestrictPublicResource is true.
The public-access settings Lambda applied to your function.
" - } - } - }, - "PutResourcePolicyRequest":{ - "type":"structure", - "required":[ - "ResourceArn", - "Policy" - ], - "members":{ - "ResourceArn":{ - "shape":"PolicyResourceArn", - "documentation":"The Amazon Resource Name (ARN) of the function you want to add the policy to. You can use either a qualified or an unqualified ARN, but the value you specify must be a complete ARN and wildcard characters are not accepted.
", - "location":"uri", - "locationName":"ResourceArn" - }, - "Policy":{ - "shape":"ResourcePolicy", - "documentation":"The JSON resource-based policy you want to add to your function.
To learn more about creating resource-based policies for controlling access to Lambda, see Working with resource-based IAM policies in Lambda in the Lambda Developer Guide.
" - }, - "RevisionId":{ - "shape":"RevisionId", - "documentation":"Replace the existing policy only if its revision ID matches the string you specify. To find the revision ID of the policy currently attached to your function, use the GetResourcePolicy action.
" - } - } - }, - "PutResourcePolicyResponse":{ - "type":"structure", - "members":{ - "Policy":{ - "shape":"ResourcePolicy", - "documentation":"The policy Lambda added to your function.
" - }, - "RevisionId":{ - "shape":"RevisionId", - "documentation":"The revision ID of the policy Lambda added to your function.
" - } - } - }, "PutRuntimeManagementConfigRequest":{ "type":"structure", "required":[ @@ -5647,12 +5389,6 @@ "error":{"httpStatusCode":502}, "exception":true }, - "ResourcePolicy":{ - "type":"string", - "max":20480, - "min":1, - "pattern":"[\\s\\S]+" - }, "ResponseStreamingInvocationType":{ "type":"string", "enum":[ @@ -5660,12 +5396,6 @@ "DryRun" ] }, - "RevisionId":{ - "type":"string", - "max":36, - "min":36, - "pattern":"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - }, "RoleArn":{ "type":"string", "pattern":"arn:(aws[a-zA-Z-]*)?:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+" diff --git a/botocore/data/organizations/2016-11-28/service-2.json b/botocore/data/organizations/2016-11-28/service-2.json index a89d4096d1..c45fae4ca1 100644 --- a/botocore/data/organizations/2016-11-28/service-2.json +++ b/botocore/data/organizations/2016-11-28/service-2.json @@ -60,7 +60,7 @@ {"shape":"UnsupportedAPIEndpointException"}, {"shape":"PolicyChangesInProgressException"} ], - "documentation":"Attaches a policy to a root, an organizational unit (OU), or an individual account. How the policy affects accounts depends on the type of policy. Refer to the Organizations User Guide for information about each policy type:
This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.
" + "documentation":"Attaches a policy to a root, an organizational unit (OU), or an individual account. How the policy affects accounts depends on the type of policy. Refer to the Organizations User Guide for information about each policy type:
This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.
" }, "CancelHandshake":{ "name":"CancelHandshake", @@ -1661,7 +1661,7 @@ }, "Type":{ "shape":"PolicyType", - "documentation":"The type of policy to create. You can specify one of the following values:
" + "documentation":"The type of policy to create. You can specify one of the following values:
" }, "Tags":{ "shape":"Tags", @@ -1838,7 +1838,7 @@ "members":{ "PolicyType":{ "shape":"EffectivePolicyType", - "documentation":"The type of policy that you want information about. You can specify one of the following values:
" + "documentation":"The type of policy that you want information about. You can specify one of the following values:
" }, "TargetId":{ "shape":"PolicyTargetId", @@ -1978,7 +1978,7 @@ }, "PolicyType":{ "shape":"PolicyType", - "documentation":"The policy type that you want to disable in this root. You can specify one of the following values:
" + "documentation":"The policy type that you want to disable in this root. You can specify one of the following values:
" } } }, @@ -2066,7 +2066,8 @@ "enum":[ "TAG_POLICY", "BACKUP_POLICY", - "AISERVICES_OPT_OUT_POLICY" + "AISERVICES_OPT_OUT_POLICY", + "CHATBOT_POLICY" ] }, "Email":{ @@ -2113,7 +2114,7 @@ }, "PolicyType":{ "shape":"PolicyType", - "documentation":"The policy type that you want to enable. You can specify one of the following values:
" + "documentation":"The policy type that you want to enable. You can specify one of the following values:
" } } }, @@ -2787,7 +2788,7 @@ }, "Filter":{ "shape":"PolicyType", - "documentation":"The type of policy that you want to include in the returned list. You must specify one of the following values:
" + "documentation":"The type of policy that you want to include in the returned list. You must specify one of the following values:
" }, "NextToken":{ "shape":"NextToken", @@ -2818,7 +2819,7 @@ "members":{ "Filter":{ "shape":"PolicyType", - "documentation":"Specifies the type of policy that you want to include in the response. You must specify one of the following values:
" + "documentation":"Specifies the type of policy that you want to include in the response. You must specify one of the following values:
" }, "NextToken":{ "shape":"NextToken", @@ -3266,7 +3267,8 @@ "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", - "AISERVICES_OPT_OUT_POLICY" + "AISERVICES_OPT_OUT_POLICY", + "CHATBOT_POLICY" ] }, "PolicyTypeAlreadyEnabledException":{ diff --git a/botocore/data/pcs/2023-02-10/service-2.json b/botocore/data/pcs/2023-02-10/service-2.json index 0ecd55ea9a..2f32df5d60 100644 --- a/botocore/data/pcs/2023-02-10/service-2.json +++ b/botocore/data/pcs/2023-02-10/service-2.json @@ -584,7 +584,7 @@ "customLaunchTemplate":{"shape":"CustomLaunchTemplate"}, "iamInstanceProfileArn":{ "shape":"InstanceProfileArn", - "documentation":"The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached to provision instances correctly.
The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have the pcs:RegisterComputeNodeGroupInstance permission. The resource identifier of the ARN must start with AWSPCS or it must have /aws-pcs/ in its path.
Examples
arn:aws:iam::111122223333:instance-profile/AWSPCS-example-role-1
arn:aws:iam::111122223333:instance-profile/aws-pcs/example-role-2
The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached in order to provision instances correctly. The resource identifier of the ARN must start with AWSPCS. For example, arn:aws:iam:123456789012:instance-profile/AWSPCSMyComputeNodeInstanceProfile.
The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have the pcs:RegisterComputeNodeGroupInstance permission. The resource identifier of the ARN must start with AWSPCS or it must have /aws-pcs/ in its path.
Examples
arn:aws:iam::111122223333:instance-profile/AWSPCS-example-role-1
arn:aws:iam::111122223333:instance-profile/aws-pcs/example-role-2
Amazon Web Services PCS supports configuration of the following Slurm parameters: Prolog , Epilog , and SelectTypeParameters .
Amazon Web Services PCS supports configuration of the following Slurm parameters:
For clusters
For compute node groups
The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached to provision instances correctly.
The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have the pcs:RegisterComputeNodeGroupInstance permission. The resource identifier of the ARN must start with AWSPCS or it must have /aws-pcs/ in its path.
Examples
arn:aws:iam::111122223333:instance-profile/AWSPCS-example-role-1
arn:aws:iam::111122223333:instance-profile/aws-pcs/example-role-2
Starts a SQL transaction.
A transaction can run for a maximum of 24 hours. A transaction is terminated and rolled back automatically after 24 hours.
A transaction times out if no calls use its transaction ID in three minutes. If a transaction times out before it's committed, it's rolled back automatically.
DDL statements inside a transaction cause an implicit commit. We recommend that you run each DDL statement in a separate ExecuteStatement call with continueAfterTimeout enabled.
Starts a SQL transaction.
A transaction can run for a maximum of 24 hours. A transaction is terminated and rolled back automatically after 24 hours.
A transaction times out if no calls use its transaction ID in three minutes. If a transaction times out before it's committed, it's rolled back automatically.
For Aurora MySQL, DDL statements inside a transaction cause an implicit commit. We recommend that you run each MySQL DDL statement in a separate ExecuteStatement call with continueAfterTimeout enabled.
Runs one or more SQL statements.
This operation isn't supported for Aurora PostgreSQL Serverless v2 and provisioned DB clusters, and for Aurora Serverless v1 DB clusters, the operation is deprecated. Use the BatchExecuteStatement or ExecuteStatement operation.
Runs one or more SQL statements.
This operation isn't supported for Aurora Serverless v2 and provisioned DB clusters. For Aurora Serverless v1 DB clusters, the operation is deprecated. Use the BatchExecuteStatement or ExecuteStatement operation.
Amazon RDS provides an HTTP endpoint to run SQL statements on an Amazon Aurora DB cluster. To run these statements, you use the RDS Data API (Data API).
Data API is available with the following types of Aurora databases:
Aurora PostgreSQL - Serverless v2, Serverless v1, and provisioned
Aurora MySQL - Serverless v1 only
For more information about the Data API, see Using RDS Data API in the Amazon Aurora User Guide.
" + "documentation":"Amazon RDS provides an HTTP endpoint to run SQL statements on an Amazon Aurora DB cluster. To run these statements, you use the RDS Data API (Data API).
Data API is available with the following types of Aurora databases:
Aurora PostgreSQL - Serverless v2, provisioned, and Serverless v1
Aurora MySQL - Serverless v2, provisioned, and Serverless v1
For more information about the Data API, see Using RDS Data API in the Amazon Aurora User Guide.
" } diff --git a/botocore/data/sagemaker/2017-07-24/service-2.json b/botocore/data/sagemaker/2017-07-24/service-2.json index 68ef71f069..e63889326a 100644 --- a/botocore/data/sagemaker/2017-07-24/service-2.json +++ b/botocore/data/sagemaker/2017-07-24/service-2.json @@ -8957,6 +8957,10 @@ "shape":"AppSecurityGroupManagement", "documentation":"The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided. If setting up the domain for use with RStudio, this value must be set to Service.
Indicates whether custom tag propagation is supported for the domain. Defaults to DISABLED.
The default settings used to create a space.
" @@ -13762,6 +13766,10 @@ "shape":"AppSecurityGroupManagement", "documentation":"The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided.
Indicates whether custom tag propagation is supported for the domain.
" + }, "DefaultSpaceSettings":{ "shape":"DefaultSpaceSettings", "documentation":"The default settings used to create a space.
" @@ -35740,6 +35748,13 @@ "max":50, "min":0 }, + "TagPropagation":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, "TagValue":{ "type":"string", "max":256, @@ -38131,6 +38146,10 @@ "AppNetworkAccessType":{ "shape":"AppNetworkAccessType", "documentation":"Specifies the VPC used for non-EFS traffic.
PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker, which allows direct internet access.
VpcOnly - All Studio traffic is through the specified VPC and subnets.
This configuration can only be modified if there are no apps in the InService, Pending, or Deleting state. The configuration cannot be updated if DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is already set or DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided as part of the same request.
Indicates whether custom tag propagation is supported for the domain. Defaults to DISABLED.